Add Homer dashboard
This commit is contained in:
		
							parent
							
								
									5d1b7c06c6
								
							
						
					
					
						commit
						e8cd50c857
					
				
							
								
								
									
										3
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										3
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -1,7 +1,10 @@ | |||||||
| traefik/acme.json | traefik/acme.json | ||||||
| traefik/certs/ | traefik/certs/ | ||||||
| traefik/traefik.log | traefik/traefik.log | ||||||
|  | traefik/config/old.yaml | ||||||
| 
 | 
 | ||||||
| authelia/db.sqlite3 | authelia/db.sqlite3 | ||||||
| authelia/notification.txt | authelia/notification.txt | ||||||
| authelia/users_database.yml | authelia/users_database.yml | ||||||
|  | 
 | ||||||
|  | homer/ | ||||||
|  | |||||||
| @ -6,13 +6,12 @@ authentication_backend: | |||||||
|   file: |   file: | ||||||
|     path: /opt/authelia/users_database.yml |     path: /opt/authelia/users_database.yml | ||||||
| 
 | 
 | ||||||
|     # {{ env.Getenv "ROOT_DOMAIN" }} |  | ||||||
| session: | session: | ||||||
|   name: authelia_session |   name: authelia_session | ||||||
|   secret: {{ env.Getenv "PRIVATE_DOMAIN" }}-token-secret |   secret: {{ env.Getenv "PRIVATE_DOMAIN" }}-token-secret | ||||||
|   domain: {{ env.Getenv "PRIVATE_DOMAIN" }} |   domain: {{ env.Getenv "PRIVATE_DOMAIN" }} | ||||||
|   expiration: 604800 |   expiration: 604800 | ||||||
|   inactivity: 300 |   inactivity: 172800 | ||||||
| 
 | 
 | ||||||
| storage: | storage: | ||||||
|   local: |   local: | ||||||
| @ -22,9 +21,10 @@ totp: | |||||||
|   issuer: {{ env.Getenv "PRIVATE_DOMAIN" }} |   issuer: {{ env.Getenv "PRIVATE_DOMAIN" }} | ||||||
| 
 | 
 | ||||||
| access_control: | access_control: | ||||||
|   default_policy: two_factor |   default_policy: one_factor | ||||||
| 
 | 
 | ||||||
|   rules: |   rules: | ||||||
|  |     # Allow free access from local network | ||||||
|     - domain: "*" |     - domain: "*" | ||||||
|       networks: |       networks: | ||||||
|         - 192.168.1.0/23 |         - 192.168.1.0/23 | ||||||
|  | |||||||
| @ -1,43 +1,52 @@ | |||||||
| version: "3.5" | version: "2.4" | ||||||
| 
 | 
 | ||||||
| networks: | networks: | ||||||
|   web: |   web: | ||||||
|     # All containers that are router through traefik needs to be on this network |     # All containers that are router through traefik needs to be on this network | ||||||
|     external: false |     external: true | ||||||
|     name: web |  | ||||||
| 
 | 
 | ||||||
| volumes: | volumes: | ||||||
|   authelia-config: |   authelia-config: | ||||||
|     # Used for pre-processing of authelia configuration |     # Used for pre-processing of authelia configuration | ||||||
| 
 | 
 | ||||||
| services: | services: | ||||||
|   proxy: |   autoheal: | ||||||
|  |     container_name: autoheal | ||||||
|  |     restart: always | ||||||
|  |     image: willfarrell/autoheal | ||||||
|  |     volumes: | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock | ||||||
|  | 
 | ||||||
|  |   traefik: | ||||||
|     container_name: traefik |     container_name: traefik | ||||||
|     image: traefik:v2.1 |     image: traefik | ||||||
|     restart: always |     restart: always | ||||||
|     environment: |     environment: | ||||||
|       - EMAIL |       - EMAIL | ||||||
|       - PRIVATE_DOMAIN |       - PRIVATE_DOMAIN | ||||||
|       - PUBLIC_DOMAIN |       - PUBLIC_DOMAIN | ||||||
|     networks: |     networks: | ||||||
|       - web |       web: | ||||||
|     command: |     command: | ||||||
|       - "--configFile=/data/traefik.yaml" |       - "--configFile=/data/traefik.yaml" | ||||||
|     ports: |     ports: | ||||||
|       - 80:80 |       - 80:80 | ||||||
|       - 443:443 |       - 443:443 | ||||||
|       # Open port 8080 for debugging emergencies |       # Open port 8080 for debugging emergencies | ||||||
|     # - 8080:8080 |       - 8080:8080 | ||||||
|     volumes: |     volumes: | ||||||
|       - /var/run/docker.sock:/var/run/docker.sock |       - /var/run/docker.sock:/var/run/docker.sock | ||||||
|       - ./traefik:/data |       - ./traefik:/data | ||||||
|  |     healthcheck: | ||||||
|  |       # Sometimes, traefik loses connection to authelia. The only thing that works then is a restart, handled by autoheal. | ||||||
|  |       test: ["CMD", "wget", "-O", "-", "authelia:9091/api/state"] | ||||||
|     labels: |     labels: | ||||||
|       traefik.enable: true |       traefik.enable: true | ||||||
|       traefik.http.services.traefik.loadbalancer.server.port: 8080 |       traefik.http.services.traefik.loadbalancer.server.port: 8080 | ||||||
| 
 |  | ||||||
|       traefik.http.routers.traefik.rule: Host(`traefik.${PRIVATE_DOMAIN}`) |       traefik.http.routers.traefik.rule: Host(`traefik.${PRIVATE_DOMAIN}`) | ||||||
|       traefik.http.routers.traefik.middlewares: auth@file |       traefik.http.routers.traefik.middlewares: auth@file | ||||||
|       traefik.http.routers.traefik.tls.certResolver: le |       traefik.http.routers.traefik.tls.certResolver: le | ||||||
|  |       autoheal: "true" | ||||||
| 
 | 
 | ||||||
|   authelia-config: |   authelia-config: | ||||||
|     # Preprocess authelia configuration through gomplate |     # Preprocess authelia configuration through gomplate | ||||||
| @ -63,17 +72,37 @@ services: | |||||||
|       - ENVIRONMENT=dev |       - ENVIRONMENT=dev | ||||||
|       - NODE_TLS_REJECT_UNAUTHORIZED=1 |       - NODE_TLS_REJECT_UNAUTHORIZED=1 | ||||||
|     networks: |     networks: | ||||||
|       - web |       web: | ||||||
|  |     healthcheck: | ||||||
|  |       test: ["CMD", "wget", "-O", "-", "127.0.0.1:9091/api/state"] | ||||||
|     labels: |     labels: | ||||||
|       traefik.enable: true |       traefik.enable: true | ||||||
|       traefik.http.routers.authelia.rule: Host(`auth.${PRIVATE_DOMAIN}`) |       traefik.http.routers.authelia.rule: Host(`auth.${PRIVATE_DOMAIN}`) | ||||||
|       traefik.http.routers.authelia.tls.certResolver: le |       traefik.http.routers.authelia.tls.certResolver: le | ||||||
|       traefik.http.routers.authelia.entrypoints: websecure |       traefik.http.routers.authelia.entrypoints: websecure | ||||||
|  |       autoheal: "true" | ||||||
|  | 
 | ||||||
|  |   homer: | ||||||
|  |     container_name: homer | ||||||
|  |     image: b4bz/homer | ||||||
|  |     restart: always | ||||||
|  |     volumes: | ||||||
|  |       - ./homer:/www/assets | ||||||
|  |     environment: | ||||||
|  |       UID: 1000 | ||||||
|  |       GID: 1001 | ||||||
|  |     networks: | ||||||
|  |       web: | ||||||
|  |     labels: | ||||||
|  |       traefik.enable: true | ||||||
|  |       traefik.http.routers.homer.rule: Host(`${PRIVATE_DOMAIN}`) | ||||||
|  |       traefik.http.routers.homer.tls.certResolver: le | ||||||
|  |       traefik.http.routers.homer.entrypoints: websecure | ||||||
| 
 | 
 | ||||||
| # whoami-https: | # whoami-https: | ||||||
| #   image: containous/whoami | #   image: containous/whoami | ||||||
| #   networks: | #   networks: | ||||||
| #     - web | #     web: | ||||||
| #   labels: | #   labels: | ||||||
| #     traefik.enable: true | #     traefik.enable: true | ||||||
| #     traefik.http.routers.wait-https.rule: Host(`wai-https.${PRIVATE_DOMAIN}`) | #     traefik.http.routers.wait-https.rule: Host(`wai-https.${PRIVATE_DOMAIN}`) | ||||||
| @ -82,7 +111,8 @@ services: | |||||||
| # whoami-auth: | # whoami-auth: | ||||||
| #   image: containous/whoami | #   image: containous/whoami | ||||||
| #   networks: | #   networks: | ||||||
| #     - web | #     web: | ||||||
|  | #     macvlan: | ||||||
| #   labels: | #   labels: | ||||||
| #     traefik.enable: true | #     traefik.enable: true | ||||||
| #     traefik.http.routers.wai-auth.rule: Host(`wai-auth.${PRIVATE_DOMAIN}`) | #     traefik.http.routers.wai-auth.rule: Host(`wai-auth.${PRIVATE_DOMAIN}`) | ||||||
|  | |||||||
| @ -30,6 +30,9 @@ http: | |||||||
|         address: http://authelia:9091/api/verify?rd=https://auth.{{ env "PRIVATE_DOMAIN" }}/ |         address: http://authelia:9091/api/verify?rd=https://auth.{{ env "PRIVATE_DOMAIN" }}/ | ||||||
|         trustForwardHeader: true |         trustForwardHeader: true | ||||||
|         authResponseHeaders: |         authResponseHeaders: | ||||||
|           - X-Forwarded-User |           - X-Remote-User | ||||||
|  |           - Remote-User | ||||||
|  |           - X-Remote-Groups | ||||||
|  |           - Remote-Groups | ||||||
|         tls: |         tls: | ||||||
|           insecureSkipVerify: true |           insecureSkipVerify: true | ||||||
|  | |||||||
| @ -1,6 +1,9 @@ | |||||||
| api: | api: | ||||||
|   insecure: true |   insecure: true | ||||||
| 
 | 
 | ||||||
|  | serversTransport: | ||||||
|  |   insecureSkipVerify: true | ||||||
|  | 
 | ||||||
| providers: | providers: | ||||||
|   file: |   file: | ||||||
|     directory: /data/config |     directory: /data/config | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user