2021-04-11 03:51:00 +07:00
|
|
|
---
|
2020-01-19 17:06:37 +07:00
|
|
|
version: '3'
|
|
|
|
services:
|
|
|
|
traefik:
|
2022-06-28 06:21:23 +07:00
|
|
|
image: traefik:v2.7.2
|
2020-01-19 17:06:37 +07:00
|
|
|
volumes:
|
|
|
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
|
|
|
labels:
|
2022-05-02 11:50:37 +07:00
|
|
|
- 'traefik.enable=true'
|
2020-01-19 17:06:37 +07:00
|
|
|
- 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
|
|
|
|
- 'traefik.http.routers.api.entrypoints=https'
|
|
|
|
- 'traefik.http.routers.api.service=api@internal'
|
|
|
|
- 'traefik.http.routers.api.tls=true'
|
2021-04-11 03:51:00 +07:00
|
|
|
# Traefik 2.x
|
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # yamllint disable-line rule:line-length
|
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true'
|
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
|
|
|
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # yamllint disable-line rule:line-length
|
2020-01-19 17:06:37 +07:00
|
|
|
command:
|
2022-05-02 11:50:37 +07:00
|
|
|
- '--accesslog=true'
|
2020-01-19 17:06:37 +07:00
|
|
|
- '--api'
|
|
|
|
- '--providers.docker=true'
|
|
|
|
- '--entrypoints.https=true'
|
|
|
|
- '--entrypoints.https.address=:8080'
|
|
|
|
- '--log=true'
|
|
|
|
- '--log.level=DEBUG'
|
2022-05-02 11:50:37 +07:00
|
|
|
- '--providers.docker.exposedByDefault=false'
|
2020-04-14 06:57:28 +07:00
|
|
|
- '--serversTransport.insecureSkipVerify=true'
|
2020-01-19 17:06:37 +07:00
|
|
|
networks:
|
|
|
|
authelianet:
|
2021-05-05 05:06:05 +07:00
|
|
|
aliases:
|
|
|
|
- public.example.com
|
|
|
|
- secure.example.com
|
|
|
|
- login.example.com
|
2020-01-19 17:06:37 +07:00
|
|
|
# Set the IP to be able to query on port 8080
|
2021-04-11 03:51:00 +07:00
|
|
|
ipv4_address: 192.168.240.100
|
|
|
|
...
|