Renovate Bot
c32445b554
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [traefik](https://github.com/containous/traefik) | digest | `6ebe52d` -> `f92d9f6` | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNjUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE2NS4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: #705 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
61 lines
1.9 KiB
Django/Jinja
61 lines
1.9 KiB
Django/Jinja
version: '3'
|
|
services:
|
|
######## traefik ########
|
|
traefik:
|
|
container_name: traefik
|
|
image: "traefik:v2.11@sha256:f92d9f60689ac262c225e660dd215ce1e70191f6a69c1c86f3e82ecdbd887d3c"
|
|
restart: always
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- ./traefik.yml:/etc/traefik/traefik.yml
|
|
- ./file-provider.yml:/etc/traefik/file-provider.yml
|
|
- acme_data:/etc/traefik/acme
|
|
networks:
|
|
- traefik
|
|
ports:
|
|
- "80:80" # HTTP
|
|
- "8081:8080" # Web-GUI
|
|
- "443:443" # HTTPS
|
|
- "2222:2222" # SSH
|
|
environment:
|
|
TZ: Europe/Berlin
|
|
labels:
|
|
com.centurylinklabs.watchtower.enable: true
|
|
|
|
######## nforwardauth ########
|
|
nforwardauth:
|
|
restart: always
|
|
image: "nosduco/nforwardauth:v1.4.0@sha256:16e38db002d27758bdc53c70ba12113d84158c758efe930c97c6e9e2bf612a5d"
|
|
container_name: traefik-nforwardauth
|
|
environment:
|
|
TOKEN_SECRET: "{{ lookup('keepass', 'nforwardauth_token_secret', 'password') }}"
|
|
AUTH_HOST: auth.mgrote.net
|
|
labels:
|
|
traefik.enable: true
|
|
traefik.http.routers.nforwardauth.rule: Host(`auth.mgrote.net`)
|
|
|
|
traefik.http.middlewares.nforwardauth.forwardauth.address: http://nforwardauth:3000
|
|
|
|
traefik.http.services.nforwardauth.loadbalancer.server.port: 3000
|
|
traefik.http.routers.nforwardauth.tls: true
|
|
traefik.http.routers.nforwardauth.tls.certresolver: resolver_letsencrypt
|
|
traefik.http.routers.nforwardauth.entrypoints: entry_https
|
|
|
|
com.centurylinklabs.watchtower.depends-on: traefik
|
|
com.centurylinklabs.watchtower.enable: true
|
|
volumes:
|
|
- "./passwd:/passwd:ro" # Mount local passwd file at /passwd as read only
|
|
networks:
|
|
- traefik
|
|
|
|
######## Networks ########
|
|
networks:
|
|
traefik:
|
|
external: true
|
|
######## Volumes ########
|
|
volumes:
|
|
acme_data:
|
|
|
|
|
|
# passwd
|
|
# echo "<user>:$(mkpasswd -m sha-512 <password>)"
|