---
version: '3'
services:
  nginx-backend:
    image: nginx:alpine
    labels:
      # Traefik 1.x
      - 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com'  # yamllint disable-line rule:line-length
      - 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/authz/forward-auth'  # yamllint disable-line rule:line-length
      - 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true'
      - 'traefik.frontend.auth.forward.trustForwardHeader=true'
      - 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
      # Traefik 2.x
      - 'traefik.enable=true'
      - 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`,`public.example.com`,`secure.example.com`,`admin.example.com`,`singlefactor.example.com`)'  # yamllint disable-line rule:line-length
      - 'traefik.http.routers.protectedapps.entrypoints=https'
      - 'traefik.http.routers.protectedapps.tls=true'
      - 'traefik.http.routers.protectedapps.middlewares=authelia@docker'
    volumes:
      - ./example/compose/nginx/backend/html:/usr/share/nginx/html
      - ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
    networks:
      - authelianet
...