mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
08e674b62f
Updated all links to use https://www.authelia.com/docs/. Removed all comment sections from documented configuration on the documentation site and replaced them with their own sections. Made all documentation inside config.template.yml double hashes, and made all commented configuration sections single quoted. Added .yamllint.yaml to express our desired YAML styles. Added a style guide. Refactored many documentation areas to be 120 char widths where possible. It's by no means exhaustive but is a large start. Added a statelessness guide for the pending Kubernetes chart introduction. Added labels to configuration documentation and made many areas uniform.
98 lines
3.1 KiB
YAML
98 lines
3.1 KiB
YAML
---
|
|
version: '3.3'
|
|
|
|
networks:
|
|
net:
|
|
driver: bridge
|
|
|
|
services:
|
|
authelia:
|
|
image: authelia/authelia
|
|
container_name: authelia
|
|
volumes:
|
|
- ./authelia:/config
|
|
networks:
|
|
- net
|
|
labels:
|
|
- 'traefik.enable=true'
|
|
- 'traefik.http.routers.authelia.rule=Host(`authelia.example.com`)'
|
|
- 'traefik.http.routers.authelia.entrypoints=https'
|
|
- 'traefik.http.routers.authelia.tls=true'
|
|
- 'traefik.http.routers.authelia.tls.options=default'
|
|
- 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://authelia.example.com' # yamllint disable-line rule:line-length
|
|
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
|
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' # yamllint disable-line rule:line-length
|
|
expose:
|
|
- 9091
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
disable: true
|
|
environment:
|
|
- TZ=Australia/Melbourne
|
|
|
|
traefik:
|
|
image: traefik:2.4
|
|
container_name: traefik
|
|
volumes:
|
|
- ./traefik:/etc/traefik
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
networks:
|
|
- net
|
|
labels:
|
|
- 'traefik.enable=true'
|
|
- 'traefik.http.routers.api.rule=Host(`traefik.example.com`)'
|
|
- 'traefik.http.routers.api.entrypoints=https'
|
|
- 'traefik.http.routers.api.service=api@internal'
|
|
- 'traefik.http.routers.api.tls=true'
|
|
- 'traefik.http.routers.api.tls.options=default'
|
|
- 'traefik.http.routers.api.middlewares=authelia@docker'
|
|
ports:
|
|
- 80:80
|
|
- 443:443
|
|
command:
|
|
- '--api'
|
|
- '--providers.docker=true'
|
|
- '--providers.docker.exposedByDefault=false'
|
|
- '--providers.file.filename=/etc/traefik/certificates.yml'
|
|
- '--entrypoints.http=true'
|
|
- '--entrypoints.http.address=:80'
|
|
- '--entrypoints.http.http.redirections.entrypoint.to=https'
|
|
- '--entrypoints.http.http.redirections.entrypoint.scheme=https'
|
|
- '--entrypoints.https=true'
|
|
- '--entrypoints.https.address=:443'
|
|
- '--log=true'
|
|
- '--log.level=DEBUG'
|
|
|
|
secure:
|
|
image: traefik/whoami
|
|
container_name: secure
|
|
networks:
|
|
- net
|
|
labels:
|
|
- 'traefik.enable=true'
|
|
- 'traefik.http.routers.secure.rule=Host(`secure.example.com`)'
|
|
- 'traefik.http.routers.secure.entrypoints=https'
|
|
- 'traefik.http.routers.secure.tls=true'
|
|
- 'traefik.http.routers.secure.tls.options=default'
|
|
- 'traefik.http.routers.secure.middlewares=authelia@docker'
|
|
expose:
|
|
- 80
|
|
restart: unless-stopped
|
|
|
|
public:
|
|
image: traefik/whoami
|
|
container_name: public
|
|
networks:
|
|
- net
|
|
labels:
|
|
- 'traefik.enable=true'
|
|
- 'traefik.http.routers.public.rule=Host(`public.example.com`)'
|
|
- 'traefik.http.routers.public.entrypoints=https'
|
|
- 'traefik.http.routers.public.tls=true'
|
|
- 'traefik.http.routers.public.tls.options=default'
|
|
- 'traefik.http.routers.public.middlewares=authelia@docker'
|
|
expose:
|
|
- 80
|
|
restart: unless-stopped
|
|
...
|