Arion: Add authentik integration with non-oidc services
This commit is contained in:
parent
3581dfc24a
commit
756536a2ee
5 changed files with 27 additions and 2 deletions
|
@ -38,7 +38,7 @@
|
|||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/traefik.yml:/traefik.yml:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_data/config.yml:/config.yml:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/conf:/conf:ro"
|
||||
"/storage/dataset/docker/infrastructure/traefik_data/acme.json:/acme.json"
|
||||
"/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
"traefik-logs:/var/log/traefik"
|
||||
|
|
|
@ -96,7 +96,8 @@ in {
|
|||
exposedByDefault: false
|
||||
network: dmz
|
||||
file:
|
||||
filename: /config.yml
|
||||
watch: true
|
||||
directory: /conf/
|
||||
certificatesResolvers:
|
||||
letsencrypt:
|
||||
acme:
|
||||
|
|
|
@ -112,6 +112,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.transmission.tls" = "true";
|
||||
"traefik.http.routers.transmission.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.transmission.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/transmission_data:/config"
|
||||
|
@ -155,6 +156,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.prowlarr.tls" = "true";
|
||||
"traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.prowlarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -185,6 +187,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.sonarr.tls" = "true";
|
||||
"traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.sonarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -217,6 +220,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.radarr.tls" = "true";
|
||||
"traefik.http.routers.radarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.radarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -250,6 +254,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.lidarr.tls" = "true";
|
||||
"traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.lidarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/lidarr_data:/config"
|
||||
|
@ -280,6 +285,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.bazarr.tls" = "true";
|
||||
"traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.bazarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/bazarr_data:/config"
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
http:
|
||||
middlewares:
|
||||
authentik:
|
||||
forwardAuth:
|
||||
address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
Loading…
Reference in a new issue