99 lines
2.6 KiB
YAML
99 lines
2.6 KiB
YAML
version: "3.5"
|
|
|
|
networks:
|
|
web:
|
|
external: false
|
|
name: web
|
|
|
|
volumes:
|
|
authelia-config:
|
|
|
|
services:
|
|
proxy:
|
|
container_name: traefik
|
|
image: traefik:v2.1
|
|
restart: always
|
|
environment:
|
|
- EMAIL
|
|
- PRIVATE_DOMAIN
|
|
- PUBLIC_DOMAIN
|
|
networks:
|
|
- web
|
|
command:
|
|
- "--configFile=/data/traefik.yaml"
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
- "8080:8080"
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock"
|
|
- "./traefik:/data"
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
|
|
|
|
- "traefik.http.routers.traefik.rule=Host(`traefik.${PRIVATE_DOMAIN}`)"
|
|
- "traefik.http.routers.traefik.middlewares=auth@file"
|
|
- "traefik.http.routers.traefik.tls.certResolver=le"
|
|
|
|
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
|
|
- "traefik.http.routers.http-catchall.entrypoints=web"
|
|
- "traefik.http.routers.http-catchall.middlewares=redir@file"
|
|
|
|
authelia-config:
|
|
image: hairyhenderson/gomplate
|
|
environment:
|
|
- PRIVATE_DOMAIN
|
|
- PUBLIC_DOMAIN
|
|
volumes:
|
|
- ./authelia/configuration.yml:/data/input:ro
|
|
- authelia-config:/data/output
|
|
command: '--file=/data/input --out=/data/output/configuration.yml'
|
|
authelia:
|
|
container_name: authelia
|
|
image: authelia/authelia
|
|
restart: always
|
|
links:
|
|
- authelia-config
|
|
volumes:
|
|
- ./authelia:/opt/authelia
|
|
- authelia-config:/etc/authelia/
|
|
environment:
|
|
- ENVIRONMENT=dev
|
|
- NODE_TLS_REJECT_UNAUTHORIZED=1
|
|
networks:
|
|
- web
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.authelia.rule=Host(`auth.${PRIVATE_DOMAIN}`)"
|
|
- "traefik.http.routers.authelia.tls=true"
|
|
- "traefik.http.routers.authelia.tls.certResolver=le"
|
|
- "traefik.http.routers.authelia.entrypoints=websecure"
|
|
|
|
# whoami-http:
|
|
# image: containous/whoami
|
|
# networks:
|
|
# - web
|
|
# labels:
|
|
# - "traefik.enable=true"
|
|
# - "traefik.http.routers.whoami2.rule=Host(`wai-http.${PRIVATE_DOMAIN}`)"
|
|
#
|
|
# whoami-https:
|
|
# image: containous/whoami
|
|
# networks:
|
|
# - web
|
|
# labels:
|
|
# - "traefik.enable=true"
|
|
# - "traefik.http.routers.whoami.rule=Host(`wai-https.${PRIVATE_DOMAIN}`)"
|
|
# - "traefik.http.routers.whoami.tls.certResolver=le"
|
|
|
|
# whoami-auth:
|
|
# image: containous/whoami
|
|
# networks:
|
|
# - web
|
|
# labels:
|
|
# - "traefik.enable=true"
|
|
# - "traefik.http.routers.wai.rule=Host(`wai-auth.${PRIVATE_DOMAIN}`)"
|
|
# - "traefik.http.routers.wai.tls.certResolver=le"
|
|
# - "traefik.http.routers.wai.middlewares=auth@file"
|