Add Homer dashboard
This commit is contained in:
		
							parent
							
								
									5d1b7c06c6
								
							
						
					
					
						commit
						e8cd50c857
					
				
							
								
								
									
										3
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										3
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -1,7 +1,10 @@ | ||||
| traefik/acme.json | ||||
| traefik/certs/ | ||||
| traefik/traefik.log | ||||
| traefik/config/old.yaml | ||||
| 
 | ||||
| authelia/db.sqlite3 | ||||
| authelia/notification.txt | ||||
| authelia/users_database.yml | ||||
| 
 | ||||
| homer/ | ||||
|  | ||||
| @ -6,13 +6,12 @@ authentication_backend: | ||||
|   file: | ||||
|     path: /opt/authelia/users_database.yml | ||||
| 
 | ||||
|     # {{ env.Getenv "ROOT_DOMAIN" }} | ||||
| session: | ||||
|   name: authelia_session | ||||
|   secret: {{ env.Getenv "PRIVATE_DOMAIN" }}-token-secret | ||||
|   domain: {{ env.Getenv "PRIVATE_DOMAIN" }} | ||||
|   expiration: 604800 | ||||
|   inactivity: 300 | ||||
|   inactivity: 172800 | ||||
| 
 | ||||
| storage: | ||||
|   local: | ||||
| @ -22,9 +21,10 @@ totp: | ||||
|   issuer: {{ env.Getenv "PRIVATE_DOMAIN" }} | ||||
| 
 | ||||
| access_control: | ||||
|   default_policy: two_factor | ||||
|   default_policy: one_factor | ||||
| 
 | ||||
|   rules: | ||||
|     # Allow free access from local network | ||||
|     - domain: "*" | ||||
|       networks: | ||||
|         - 192.168.1.0/23 | ||||
|  | ||||
| @ -1,43 +1,52 @@ | ||||
| version: "3.5" | ||||
| version: "2.4" | ||||
| 
 | ||||
| networks: | ||||
|   web: | ||||
|     # All containers that are router through traefik needs to be on this network | ||||
|     external: false | ||||
|     name: web | ||||
|     external: true | ||||
| 
 | ||||
| volumes: | ||||
|   authelia-config: | ||||
|     # Used for pre-processing of authelia configuration | ||||
| 
 | ||||
| services: | ||||
|   proxy: | ||||
|   autoheal: | ||||
|     container_name: autoheal | ||||
|     restart: always | ||||
|     image: willfarrell/autoheal | ||||
|     volumes: | ||||
|       - /var/run/docker.sock:/var/run/docker.sock | ||||
| 
 | ||||
|   traefik: | ||||
|     container_name: traefik | ||||
|     image: traefik:v2.1 | ||||
|     image: traefik | ||||
|     restart: always | ||||
|     environment: | ||||
|       - EMAIL | ||||
|       - PRIVATE_DOMAIN | ||||
|       - PUBLIC_DOMAIN | ||||
|     networks: | ||||
|       - web | ||||
|       web: | ||||
|     command: | ||||
|       - "--configFile=/data/traefik.yaml" | ||||
|     ports:  | ||||
|     ports: | ||||
|       - 80:80 | ||||
|       - 443:443 | ||||
|       # Open port 8080 for debugging emergencies | ||||
|     # - 8080:8080 | ||||
|       - 8080:8080 | ||||
|     volumes: | ||||
|       - /var/run/docker.sock:/var/run/docker.sock | ||||
|       - ./traefik:/data | ||||
|     healthcheck: | ||||
|       # Sometimes, traefik loses connection to authelia. The only thing that works then is a restart, handled by autoheal. | ||||
|       test: ["CMD", "wget", "-O", "-", "authelia:9091/api/state"] | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.services.traefik.loadbalancer.server.port: 8080 | ||||
| 
 | ||||
|       traefik.http.routers.traefik.rule: Host(`traefik.${PRIVATE_DOMAIN}`) | ||||
|       traefik.http.routers.traefik.middlewares: auth@file | ||||
|       traefik.http.routers.traefik.tls.certResolver: le | ||||
|       autoheal: "true" | ||||
| 
 | ||||
|   authelia-config: | ||||
|     # Preprocess authelia configuration through gomplate | ||||
| @ -63,17 +72,37 @@ services: | ||||
|       - ENVIRONMENT=dev | ||||
|       - NODE_TLS_REJECT_UNAUTHORIZED=1 | ||||
|     networks: | ||||
|       - web | ||||
|       web: | ||||
|     healthcheck: | ||||
|       test: ["CMD", "wget", "-O", "-", "127.0.0.1:9091/api/state"] | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.routers.authelia.rule: Host(`auth.${PRIVATE_DOMAIN}`) | ||||
|       traefik.http.routers.authelia.tls.certResolver: le | ||||
|       traefik.http.routers.authelia.entrypoints: websecure | ||||
|       autoheal: "true" | ||||
| 
 | ||||
|   homer: | ||||
|     container_name: homer | ||||
|     image: b4bz/homer | ||||
|     restart: always | ||||
|     volumes: | ||||
|       - ./homer:/www/assets | ||||
|     environment: | ||||
|       UID: 1000 | ||||
|       GID: 1001 | ||||
|     networks: | ||||
|       web: | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.routers.homer.rule: Host(`${PRIVATE_DOMAIN}`) | ||||
|       traefik.http.routers.homer.tls.certResolver: le | ||||
|       traefik.http.routers.homer.entrypoints: websecure | ||||
| 
 | ||||
| # whoami-https: | ||||
| #   image: containous/whoami | ||||
| #   networks: | ||||
| #     - web | ||||
| #     web: | ||||
| #   labels: | ||||
| #     traefik.enable: true | ||||
| #     traefik.http.routers.wait-https.rule: Host(`wai-https.${PRIVATE_DOMAIN}`) | ||||
| @ -82,7 +111,8 @@ services: | ||||
| # whoami-auth: | ||||
| #   image: containous/whoami | ||||
| #   networks: | ||||
| #     - web | ||||
| #     web: | ||||
| #     macvlan: | ||||
| #   labels: | ||||
| #     traefik.enable: true | ||||
| #     traefik.http.routers.wai-auth.rule: Host(`wai-auth.${PRIVATE_DOMAIN}`) | ||||
|  | ||||
| @ -30,6 +30,9 @@ http: | ||||
|         address: http://authelia:9091/api/verify?rd=https://auth.{{ env "PRIVATE_DOMAIN" }}/ | ||||
|         trustForwardHeader: true | ||||
|         authResponseHeaders: | ||||
|           - X-Forwarded-User | ||||
|           - X-Remote-User | ||||
|           - Remote-User | ||||
|           - X-Remote-Groups | ||||
|           - Remote-Groups | ||||
|         tls: | ||||
|           insecureSkipVerify: true | ||||
|  | ||||
| @ -1,6 +1,9 @@ | ||||
| api: | ||||
|   insecure: true | ||||
| 
 | ||||
| serversTransport: | ||||
|   insecureSkipVerify: true | ||||
| 
 | ||||
| providers: | ||||
|   file: | ||||
|     directory: /data/config | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user