Enforce mTLS on private-admin Traefik routes

beatz174-bit
2026-04-13 12:05:43 +10:00
parent 0ddbb7d7ad
commit 24047b0eaa
15 changed files with 200 additions and 0 deletions
+1
@@ -23,4 +23,5 @@ services:
- "traefik.http.routers.gotify.rule=Host(`gotify.lan.ddnsgeek.com`)"
- "traefik.http.routers.gotify.entrypoints=websecure"
- "traefik.http.routers.gotify.tls.certresolver=myresolver"
- "traefik.http.routers.gotify.tls.options=mtls-private-admin@file"
- "traefik.http.services.gotify.loadbalancer.server.port=80"
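Review bot: The `tls.options=mtls-private-admin@file` label is resolved by host name rather than by router, so it protects `gotify.lan.ddnsgeek.com` only while every router for that host references the same option. Traefik's documented behaviour on a conflict is to fall back to the default TLS options, which presumably do not request a client certificate. The definition of `mtls-private-admin` is not in this view, so confirm it sets `clientAuthType: RequireAndVerifyClientCert` with the intended CA in `caFiles`. I would add a comment above the label such as `# mTLS: bound to the Host() name; all routers for this host must use the same tls.options`. The same applies to the grafana, influxdb, node-red, portainer, prometheus and monitor labels further down.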
+1
@@ -18,6 +18,7 @@ services:
- "traefik.enable=true"
- "traefik.http.routers.grafana.entrypoints=websecure"
- "traefik.http.routers.grafana.tls.certresolver=myresolver"
- "traefik.http.routers.grafana.tls.options=mtls-private-admin@file"
- "io.portainer.accesscontrol.public"
- "traefik.http.services.grafana.loadbalancer.server.port=3000"
- "traefik.docker.network=core_traefik"
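Review bot: No `Host()` rule and no `middlewares=authelia` label are visible for the grafana router in this hunk, which matters because Traefik attaches TLS options to the host name taken from the router rule. The rule may sit outside the hunk, but if it has no `Host()` matcher, `mtls-private-admin@file` may not be selected for this router, so this is worth confirming against the full file. Unlike influxdb, node-red and prometheus, the client certificate also appears to be the only proxy-level gate here, and the portainer and monitor hunks read the same way. A short comment recording that choice, e.g. `# proxy-level access control: client certificate only (no authelia middleware)`, would help the next reader.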
+1
@@ -26,6 +26,7 @@ services:
- "traefik.enable=true"
- "traefik.http.routers.influxdb.entrypoints=websecure"
- "traefik.http.routers.influxdb.tls.certresolver=myresolver"
- "traefik.http.routers.influxdb.tls.options=mtls-private-admin@file"
- "io.portainer.accesscontrol.public"
- "traefik.http.services.influxdb.loadbalancer.server.port=8086"
- "traefik.http.routers.influxdb.middlewares=authelia"
+1
@@ -56,6 +56,7 @@ services:
# - "traefik.http.routers.node-red.service=api@internal"
- "traefik.http.routers.node-red.entrypoints=websecure"
- "traefik.http.routers.node-red.tls.certresolver=myresolver"
- "traefik.http.routers.node-red.tls.options=mtls-private-admin@file"
- "traefik.http.routers.node-red.middlewares=authelia"
- "io.portainer.accesscontrol.public"
- "traefik.docker.network=core_traefik"
+1
@@ -20,6 +20,7 @@ services:
- traefik.http.routers.portainer.entrypoints=websecure
- traefik.http.routers.portainer.tls=true
- traefik.http.routers.portainer.tls.certresolver=myresolver
- traefik.http.routers.portainer.tls.options=mtls-private-admin@file
- io.portainer.accesscontrol.public
# Service -> Portainer listens on 9000 inside the container
- traefik.http.services.portainer.loadbalancer.server.port=9000
+1
@@ -30,6 +30,7 @@ services:
- "traefik.enable=true"
- "traefik.http.routers.prometheus.entrypoints=websecure"
- "traefik.http.routers.prometheus.tls.certresolver=myresolver"
- "traefik.http.routers.prometheus.tls.options=mtls-private-admin@file"
- "io.portainer.accesscontrol.public"
- "traefik.http.services.prometheus.loadbalancer.server.port=9090"
- "traefik.http.routers.prometheus.middlewares=authelia"
@@ -20,6 +20,7 @@ services:
- traefik.http.routers.monitor.entrypoints=websecure
- traefik.http.routers.monitor.tls=true
- traefik.http.routers.monitor.tls.certresolver=myresolver
- traefik.http.routers.monitor.tls.options=mtls-private-admin@file
- io.portainer.accesscontrol.public
- traefik.docker.network=core_traefik
# Service -> container port