monitoring/mtls-bridge/docker-compose.yml

	modified:   monitoring/mtls-bridge/README.md
	modified:   monitoring/mtls-bridge/docker-compose.yml
git
2026-04-14 11:11:47 +10:00
2 changed files with 14 additions and 3 deletions
+1
@@ -17,6 +17,7 @@ Internal HTTP-to-mTLS bridge for services that cannot present client certificate
- `TIMEOUT` (default `5`): request timeout in seconds.
- `LOG_LEVEL` (default `INFO`): Python logging level.
- `MTLS_BRIDGE_BASIC_AUTH_USERS` (required for Traefik auth): value for `traefik.http.middlewares.*.basicauth.users` (e.g. `user:$$apr1$$...`).
- `MTLS_BRIDGE_CORS_ALLOW_ORIGIN` (default `https://grafana.lan.ddnsgeek.com`): origin allowed for browser-based panel actions.
## Endpoints
+13 -3
@@ -20,9 +20,19 @@ services:
- "traefik.enable=true"
- "traefik.http.routers.mtls-bridge.entrypoints=websecure"
- "traefik.http.routers.mtls-bridge.tls.certresolver=myresolver"
- "traefik.http.routers.mtls-bridge.middlewares=mtls-bridge-auth"
# - "traefik.http.middlewares.mtls-bridge-auth.basicauth.users=${MTLS_BRIDGE_BASIC_AUTH_USERS}"
- "traefik.http.middlewares.mtls-bridge-auth.basicauth.users=beatzaplenty:$$2y$$05$$WAj1.xaHHoR0lmgx8UedwuIM4qv2Uz7eezY4gxASfM5KAdN8mPLOa"
- "traefik.http.routers.mtls-bridge.middlewares=mtls-bridge-auth,mtls-bridge-cors"
- "traefik.http.middlewares.mtls-bridge-auth.basicauth.users=${MTLS_BRIDGE_BASIC_AUTH_USERS}"
- "traefik.http.routers.mtls-bridge-preflight.rule=Host(`mtls-bridge.lan.ddnsgeek.com`) && Method(`OPTIONS`)"
- "traefik.http.routers.mtls-bridge-preflight.entrypoints=websecure"
- "traefik.http.routers.mtls-bridge-preflight.tls.certresolver=myresolver"
- "traefik.http.routers.mtls-bridge-preflight.middlewares=mtls-bridge-cors"
- "traefik.http.routers.mtls-bridge-preflight.priority=100"
- "traefik.http.routers.mtls-bridge-preflight.service=mtls-bridge"
- "traefik.http.middlewares.mtls-bridge-cors.headers.accesscontrolalloworiginlist=${MTLS_BRIDGE_CORS_ALLOW_ORIGIN:-https://grafana.lan.ddnsgeek.com}"
- "traefik.http.middlewares.mtls-bridge-cors.headers.accesscontrolallowmethods=GET,POST,PUT,PATCH,DELETE,OPTIONS"
- "traefik.http.middlewares.mtls-bridge-cors.headers.accesscontrolallowheaders=Authorization,Content-Type"
- "traefik.http.middlewares.mtls-bridge-cors.headers.accesscontrolallowcredentials=true"
- "traefik.http.middlewares.mtls-bridge-cors.headers.addvaryheader=true"
- "io.portainer.accesscontrol.public"
# - "traefik.http.routers.searxng.middlewares=crowdsec@file,secHeaders@file,error-pages-middleware"
- "traefik.http.services.mtls-bridge.loadbalancer.server.port=8080"
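Review bot: The `mtls-bridge-preflight` router matches every `OPTIONS` request for the host and attaches only `mtls-bridge-cors`, so it sits outside `mtls-bridge-auth`; as far as I know Traefik's headers middleware answers only genuine CORS preflights itself (those carrying `Origin` and `Access-Control-Request-Method`), so any other `OPTIONS` request would be forwarded to the bridge unauthenticated. Either confirm the bridge handles `OPTIONS` without side effects or narrow the rule with a header matcher on `Access-Control-Request-Method`, and record the decision above the router, e.g. `# preflight router is intentionally unauthenticated; the bridge must treat OPTIONS as a no-op`. The `basicauth.users` label that embeds a username and bcrypt hash appears to be the line this commit replaces with `${MTLS_BRIDGE_BASIC_AUTH_USERS}`; the hash stays in repository history, so that password should be rotated. Writing the new label as `${MTLS_BRIDGE_BASIC_AUTH_USERS:?must be set}` would make Compose fail fast instead of rendering an empty users list when the variable is missing. The `services:` block and its label list start above this hunk.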