2021-04-11 11:25:03 +00:00
|
|
|
---
|
2023-05-07 06:41:41 +00:00
|
|
|
version: '3.8'
|
2020-03-26 23:43:10 +00:00
|
|
|
|
|
|
|
networks:
|
|
|
|
net:
|
2023-05-07 06:41:41 +00:00
|
|
|
driver: 'bridge'
|
2020-03-26 23:43:10 +00:00
|
|
|
|
|
|
|
services:
|
|
|
|
authelia:
|
2023-05-07 06:41:41 +00:00
|
|
|
image: 'authelia/authelia'
|
|
|
|
container_name: 'authelia'
|
2020-03-26 23:43:10 +00:00
|
|
|
volumes:
|
2023-05-07 06:41:41 +00:00
|
|
|
- './authelia:/config'
|
2020-03-26 23:43:10 +00:00
|
|
|
networks:
|
2023-05-07 06:41:41 +00:00
|
|
|
- 'net'
|
2020-03-26 23:43:10 +00:00
|
|
|
labels:
|
|
|
|
- 'traefik.enable=true'
|
2021-08-02 04:29:45 +00:00
|
|
|
- 'traefik.http.routers.authelia.rule=Host(`authelia.example.com`)'
|
2020-03-26 23:43:10 +00:00
|
|
|
- 'traefik.http.routers.authelia.entrypoints=https'
|
|
|
|
- 'traefik.http.routers.authelia.tls=true'
|
|
|
|
- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt'
|
2023-01-25 09:36:40 +00:00
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/authz/forward-auth?authelia_url=https://authelia.example.com' # yamllint disable-line rule:line-length
|
2020-03-26 23:43:10 +00:00
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
2021-04-11 11:25:03 +00:00
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' # yamllint disable-line rule:line-length
|
2020-03-26 23:43:10 +00:00
|
|
|
expose:
|
|
|
|
- 9091
|
2023-05-07 06:41:41 +00:00
|
|
|
restart: 'unless-stopped'
|
2021-03-30 05:17:11 +00:00
|
|
|
healthcheck:
|
2022-10-01 10:24:31 +00:00
|
|
|
## In production the healthcheck section should be commented.
|
2021-03-30 05:17:11 +00:00
|
|
|
disable: true
|
2020-03-26 23:43:10 +00:00
|
|
|
environment:
|
2023-05-07 06:41:41 +00:00
|
|
|
TZ: 'Australia/Melbourne'
|
2020-03-26 23:43:10 +00:00
|
|
|
|
|
|
|
redis:
|
2023-05-07 06:41:41 +00:00
|
|
|
image: 'redis:alpine'
|
|
|
|
container_name: 'redis'
|
2020-03-26 23:43:10 +00:00
|
|
|
volumes:
|
2023-05-07 06:41:41 +00:00
|
|
|
- './redis:/data'
|
2020-03-26 23:43:10 +00:00
|
|
|
networks:
|
2023-05-07 06:41:41 +00:00
|
|
|
- 'net'
|
2020-03-26 23:43:10 +00:00
|
|
|
expose:
|
|
|
|
- 6379
|
2023-05-07 06:41:41 +00:00
|
|
|
restart: 'unless-stopped'
|
2020-03-26 23:43:10 +00:00
|
|
|
environment:
|
2023-05-07 06:41:41 +00:00
|
|
|
TZ: 'Australia/Melbourne'
|
2020-03-26 23:43:10 +00:00
|
|
|
|
|
|
|
traefik:
|
2023-05-07 06:41:41 +00:00
|
|
|
image: 'traefik:v2.10.1'
|
|
|
|
container_name: 'traefik'
|
2020-03-26 23:43:10 +00:00
|
|
|
volumes:
|
2023-05-07 06:41:41 +00:00
|
|
|
- './traefik:/etc/traefik'
|
|
|
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
2020-03-26 23:43:10 +00:00
|
|
|
networks:
|
2023-05-07 06:41:41 +00:00
|
|
|
- 'net'
|
2020-03-26 23:43:10 +00:00
|
|
|
labels:
|
|
|
|
- 'traefik.enable=true'
|
|
|
|
- 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
|
|
|
|
- 'traefik.http.routers.api.entrypoints=https'
|
|
|
|
- 'traefik.http.routers.api.service=api@internal'
|
|
|
|
- 'traefik.http.routers.api.tls=true'
|
|
|
|
- 'traefik.http.routers.api.tls.certresolver=letsencrypt'
|
|
|
|
- 'traefik.http.routers.api.middlewares=authelia@docker'
|
|
|
|
ports:
|
2023-01-25 09:36:40 +00:00
|
|
|
- '80:80'
|
|
|
|
- '443:443'
|
2020-03-26 23:43:10 +00:00
|
|
|
command:
|
|
|
|
- '--api'
|
|
|
|
- '--providers.docker=true'
|
|
|
|
- '--providers.docker.exposedByDefault=false'
|
|
|
|
- '--entrypoints.http=true'
|
|
|
|
- '--entrypoints.http.address=:80'
|
|
|
|
- '--entrypoints.http.http.redirections.entrypoint.to=https'
|
|
|
|
- '--entrypoints.http.http.redirections.entrypoint.scheme=https'
|
|
|
|
- '--entrypoints.https=true'
|
|
|
|
- '--entrypoints.https.address=:443'
|
|
|
|
- '--certificatesResolvers.letsencrypt.acme.email=your-email@your-domain.com'
|
2021-08-02 04:29:45 +00:00
|
|
|
- '--certificatesResolvers.letsencrypt.acme.storage=/etc/traefik/acme.json'
|
2020-03-26 23:43:10 +00:00
|
|
|
- '--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http'
|
|
|
|
- '--log=true'
|
|
|
|
- '--log.level=DEBUG'
|
|
|
|
|
|
|
|
secure:
|
2023-05-07 06:41:41 +00:00
|
|
|
image: 'traefik/whoami'
|
|
|
|
container_name: 'secure'
|
2020-03-26 23:43:10 +00:00
|
|
|
networks:
|
2023-05-07 06:41:41 +00:00
|
|
|
- 'net'
|
2020-03-26 23:43:10 +00:00
|
|
|
labels:
|
|
|
|
- 'traefik.enable=true'
|
|
|
|
- 'traefik.http.routers.secure.rule=Host(`secure.example.com`)'
|
|
|
|
- 'traefik.http.routers.secure.entrypoints=https'
|
|
|
|
- 'traefik.http.routers.secure.tls=true'
|
|
|
|
- 'traefik.http.routers.secure.tls.certresolver=letsencrypt'
|
|
|
|
- 'traefik.http.routers.secure.middlewares=authelia@docker'
|
|
|
|
expose:
|
|
|
|
- 80
|
2023-05-07 06:41:41 +00:00
|
|
|
restart: 'unless-stopped'
|
2020-03-26 23:43:10 +00:00
|
|
|
|
2020-04-10 14:12:21 +00:00
|
|
|
public:
|
2023-05-07 06:41:41 +00:00
|
|
|
image: 'traefik/whoami'
|
|
|
|
container_name: 'public'
|
2020-04-10 14:12:21 +00:00
|
|
|
networks:
|
2023-05-07 06:41:41 +00:00
|
|
|
- 'net'
|
2020-04-10 14:12:21 +00:00
|
|
|
labels:
|
|
|
|
- 'traefik.enable=true'
|
|
|
|
- 'traefik.http.routers.public.rule=Host(`public.example.com`)'
|
|
|
|
- 'traefik.http.routers.public.entrypoints=https'
|
|
|
|
- 'traefik.http.routers.public.tls=true'
|
|
|
|
- 'traefik.http.routers.public.tls.certresolver=letsencrypt'
|
|
|
|
- 'traefik.http.routers.public.middlewares=authelia@docker'
|
|
|
|
expose:
|
|
|
|
- 80
|
2023-05-07 06:41:41 +00:00
|
|
|
restart: 'unless-stopped'
|
2021-04-11 11:25:03 +00:00
|
|
|
...
|