beatz174-bit
36 lines
1.5 KiB
YAML
36 lines
1.5 KiB
YAML
services:
|
|
mtls-bridge:
|
|
profiles: ["monitoring", "all", "mtls-bridge"]
|
|
build:
|
|
context: ${PROJECT_ROOT}/monitoring/mtls-bridge
|
|
container_name: mtls-bridge
|
|
restart: unless-stopped
|
|
environment:
|
|
- TARGET_URL=${MTLS_BRIDGE_TARGET_URL}
|
|
- CLIENT_CERT=${MTLS_BRIDGE_CLIENT_CERT}
|
|
- CLIENT_KEY=${MTLS_BRIDGE_CLIENT_KEY}
|
|
- TIMEOUT=${MTLS_BRIDGE_TIMEOUT}
|
|
- LOG_LEVEL=${MTLS_BRIDGE_LOG_LEVEL:-INFO}
|
|
- UPSTREAM_CA_CERT=${MTLS_BRIDGE_UPSTREAM_CA_CERT:-}
|
|
volumes:
|
|
- ${PROJECT_ROOT}/core/traefik/certs:/certs:ro
|
|
labels:
|
|
- "traefik.http.routers.mtls-bridge.rule=Host(`mtls-bridge.lan.ddnsgeek.com`)"
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.mtls-bridge.entrypoints=websecure"
|
|
- "traefik.http.routers.mtls-bridge.tls.certresolver=myresolver"
|
|
- "traefik.http.routers.mtls-bridge.middlewares=mtls-bridge-auth"
|
|
- "traefik.http.middlewares.mtls-bridge-auth.basicauth.users=${MTLS_BRIDGE_BASIC_AUTH_USERS}"
|
|
- "io.portainer.accesscontrol.public"
|
|
# - "traefik.http.routers.searxng.middlewares=crowdsec@file,secHeaders@file,error-pages-middleware"
|
|
- "traefik.http.services.mtls-bridge.loadbalancer.server.port=8080"
|
|
healthcheck:
|
|
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8080/health', timeout=3).read()"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 10s
|
|
networks:
|
|
- monitor
|
|
- traefik
|