git
43f25321d7
modified: core/crowdsec/docker-compose.yml modified: core/error-pages/docker-compose.yml modified: monitoring/docker-exporter/docker-compose.yml modified: monitoring/docker-socket-proxy/docker-compose.yml deleted: monitoring/influxdb-service/docker-compose.yml modified: monitoring/node-exporter/docker-compose.yml modified: monitoring/pihole-exporter/docker-compose.yml modified: monitoring/telegraf/docker-compose.yml new file: service-access-policy.md
31 lines
1.3 KiB
YAML
31 lines
1.3 KiB
YAML
services:
|
|
authelia:
|
|
profiles: ["core","all","authelia", "traefik"]
|
|
image: authelia/authelia
|
|
restart: always
|
|
build:
|
|
context: ${PROJECT_ROOT}/core/authelia
|
|
# env_file:
|
|
# - ${PROJECT_ROOT}/secrets/stack-secrets.env
|
|
# environment:
|
|
# - AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:${AUTHELIA_JWT_SECRET}
|
|
# - AUTHELIA_SESSION_SECRET:${AUTHELIA_SESSION_SECRET}
|
|
# - AUTHELIA_STORAGE_ENCRYPTION_KEY:${AUTHELIA_STORAGE_ENCRYPTION_KEY}
|
|
volumes:
|
|
- ${PROJECT_ROOT}/core/authelia:/config
|
|
networks:
|
|
# - reverse_proxy
|
|
- traefik
|
|
container_name: authelia
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.authelia.rule=Host(`auth.lan.ddnsgeek.com`)
|
|
- traefik.http.routers.authelia.entrypoints=websecure
|
|
- traefik.http.routers.authelia.tls=true
|
|
- traefik.http.routers.authelia.tls.certresolver=myresolver
|
|
- io.portainer.accesscontrol.public
|
|
- traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lan.ddnsgeek.com/
|
|
- traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true
|
|
- traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups
|
|
- traefik.http.middlewares.authelia.forwardauth.maxResponseBodySize=2097152
|