54 lines
1.9 KiB
YAML
54 lines
1.9 KiB
YAML
networks:
|
|
default:
|
|
external: false
|
|
|
|
services:
|
|
traefik:
|
|
image: "traefik:v2.5.3"
|
|
container_name: "traefik"
|
|
restart:always
|
|
networks:
|
|
- default
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
- "2222:2222"
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
- "./letsencrypt:/letsencrypt"
|
|
- "./traefik.toml:/etc/traefik/traefik.toml"
|
|
- "./config:/etc/traefik/config"
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.traefik.rule=Host(`rproxy.hugowillaume.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
|
|
- "traefik.http.routers.traefik.service=api@internal"
|
|
- "traefik.http.routers.traefik.entrypoints=web"
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
|
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
|
|
- "traefik.http.routers.redirs.entrypoints=web"
|
|
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
|
|
|
|
traefik-forward-auth:
|
|
image: thomseddon/traefik-forward-auth:2
|
|
container_name: auth_forward
|
|
restart:always
|
|
networks:
|
|
- default
|
|
env_file: secrets/traefik_forward_auth.secret
|
|
environment:
|
|
# INSECURE_COOKIE is required if not using a https entrypoint
|
|
- INSECURE_COOKIE=false
|
|
- COOKIE_DOMAIN=hugowillaume.com
|
|
# - AUTH_HOST=auth.hugowillaume.com
|
|
- LOG_LEVEL=debug
|
|
- LOG_FORMAT=json
|
|
- MATCH_WHITELIST_OR_DOMAIN=true
|
|
- DOMAIN=sloclap.com
|
|
- WHITELIST=mr.hurlu@gmail.com
|
|
labels:
|
|
- "traefik.enable=true"
|
|
# - "traefik.http.routers.traefik-forward-auth.rule=Host(`auth.hugowillaume.com`)"
|
|
- "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
|