testing authelia and traefik

2025-03-21 12:48:28 -05:00
parent 0eca9d9458
commit 688e2c00f1
2 changed files with 105 additions and 0 deletions

0
proxy/.env Normal file

105
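--- a/proxy/compose.yml
+++ b/proxy/compose.yml
@@ -0,0 +1,105 @@
+---
+networks:
+authelia:
+reverseproxy:
+external: true
+services:
+authelia:
+image: 'authelia/authelia'
+container_name: 'authelia'
+volumes:
+- './authelia:/config'
+networks:
+- authelia
+- reverseproxy
+labels:
+traefik.enable: 'true'
+traefik.http.routers.authelia.rule: 'Host(`authelia.akanealw.com`)'
+traefik.http.routers.authelia.entrypoints: 'https'
+traefik.http.routers.authelia.tls: 'true'
+traefik.http.routers.authelia.tls.certresolver: 'letsencrypt'
+traefik.http.middlewares.authelia.forwardauth.address: 'http://authelia:9091/api/authz/forward-auth' # yamllint disable-line rule:line-length
+traefik.http.middlewares.authelia.forwardauth.trustForwardHeader: 'true'
+traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: 'Remote-User,Remote-Groups,Remote-Name,Remote-Email' # yamllint disable-line rule:line-length
+restart: 'unless-stopped'
+healthcheck:
+## In production the healthcheck section should be commented.
+disable: true
+environment:
+TZ: 'American/Chicago'
+redis:
+image: 'redis:alpine'
+container_name: 'redis'
+volumes:
+- './redis:/data'
+networks:
+- authelia
+- bridge
+restart: 'unless-stopped'
+environment:
+TZ: 'America/Chicago'
+traefik:
+image: 'traefik:v3.3.4'
+container_name: 'traefik'
+volumes:
+- './traefik:/etc/traefik'
+- '/var/run/docker.sock:/var/run/docker.sock'
+networks:
+- reverseproxy
+labels:
+traefik.enable: 'true'
+traefik.http.routers.api.rule: 'Host(`traefik.akanealw.com`)'
+traefik.http.routers.api.entrypoints: 'https'
+traefik.http.routers.api.service: 'api@internal'
+traefik.http.routers.api.tls: 'true'
+traefik.http.routers.api.tls.certresolver: 'letsencrypt'
+traefik.http.routers.api.middlewares: 'authelia@docker'
+ports:
+- '80:80'
+- '443:443'
+command:
+- '--api'
+- '--providers.docker=true'
+- '--providers.docker.exposedByDefault=false'
+- '--entrypoints.http=true'
+- '--entrypoints.http.address=:80'
+- '--entrypoints.http.http.redirections.entrypoint.to=https'
+- '--entrypoints.http.http.redirections.entrypoint.scheme=https'
+- '--entrypoints.https=true'
+- '--entrypoints.https.address=:443'
+- '--certificatesResolvers.letsencrypt.acme.email=akanealw@gmail.com'
+- '--certificatesResolvers.letsencrypt.acme.storage=/etc/traefik/acme.json'
+- '--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http'
+- '--log=true'
+- '--log.level=DEBUG'
+secure:
+image: 'traefik/whoami'
+container_name: 'secure'
+networks:
+- reverseproxy
+labels:
+traefik.enable: 'true'
+traefik.http.routers.secure.rule: 'Host(`secure.akanealw.com`)'
+traefik.http.routers.secure.entrypoints: 'https'
+traefik.http.routers.secure.tls: 'true'
+traefik.http.routers.secure.tls.certresolver: 'letsencrypt'
+traefik.http.routers.secure.middlewares: 'authelia@docker'
+restart: 'unless-stopped'
+public:
+image: 'traefik/whoami'
+container_name: 'public'
+networks:
+- reverseproxy
+labels:
+traefik.enable: 'true'
+traefik.http.routers.public.rule: 'Host(`public.akanealw.com`)'
+traefik.http.routers.public.entrypoints: 'https'
+traefik.http.routers.public.tls: 'true'
+traefik.http.routers.public.tls.certresolver: 'letsencrypt'
+traefik.http.routers.public.middlewares: 'authelia@docker'
+restart: 'unless-stopped'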
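Review bot: The `traefik` service bind-mounts `/var/run/docker.sock` read-write while publishing ports 80 and 443, so a compromise of the proxy would hand over the Docker daemon and with it the host. A `:ro` suffix on that mount does not restrict Docker API calls, so the stronger change is a filtering socket proxy on an internal network, with Traefik pointed at it through `--providers.docker.endpoint`. Separately, `redis` lists a network named `bridge` that the top-level `networks:` block does not appear to declare (only `authelia` and `reverseproxy` are visible; the page has lost the indentation, so the nesting is inferred). Compose is expected to reject that, and dropping the entry would also keep Redis reachable only from Authelia. Also worth fixing before this leaves testing: `TZ: 'American/Chicago'` on `authelia` should read `America/Chicago`, `--log.level=DEBUG` is verbose for an internet-facing proxy, and `authelia/authelia`, `redis:alpine` and `traefik/whoami` are not pinned to a version.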