38 lines
1.5 KiB
YAML
38 lines
1.5 KiB
YAML
---
|
|
version: '3'
|
|
services:
|
|
traefik:
|
|
image: traefik:v2.9.10
|
|
volumes:
|
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
|
labels:
|
|
- 'traefik.enable=true'
|
|
- 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
|
|
- 'traefik.http.routers.api.entrypoints=https'
|
|
- 'traefik.http.routers.api.service=api@internal'
|
|
- 'traefik.http.routers.api.tls=true'
|
|
# Traefik 2.x
|
|
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/authz/forward-auth' # yamllint disable-line rule:line-length
|
|
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true'
|
|
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
|
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Authorization,Proxy-Authorization,Remote-User,Remote-Groups,Remote-Email,Remote-Name' # yamllint disable-line rule:line-length
|
|
command:
|
|
- '--accesslog=true'
|
|
- '--api'
|
|
- '--providers.docker=true'
|
|
- '--entrypoints.https=true'
|
|
- '--entrypoints.https.address=:8080'
|
|
- '--log=true'
|
|
- '--log.level=DEBUG'
|
|
- '--providers.docker.exposedByDefault=false'
|
|
- '--serversTransport.insecureSkipVerify=true'
|
|
networks:
|
|
authelianet:
|
|
aliases:
|
|
- public.example.com
|
|
- secure.example.com
|
|
- login.example.com
|
|
# Set the IP to be able to query on port 8080
|
|
ipv4_address: 192.168.240.100
|
|
...
|