Compare commits
3 commits
84614d89e0
...
9b46f6e9e9
Author | SHA1 | Date | |
---|---|---|---|
9b46f6e9e9 | |||
ad901449e1 | |||
756536a2ee |
5 changed files with 34 additions and 2 deletions
|
@ -38,7 +38,7 @@
|
|||
};
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/traefik.yml:/traefik.yml:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_data/config.yml:/config.yml:ro"
|
||||
"/home/ghoscht/.docker/infrastructure/traefik_config/conf:/conf:ro"
|
||||
"/storage/dataset/docker/infrastructure/traefik_data/acme.json:/acme.json"
|
||||
"/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
"traefik-logs:/var/log/traefik"
|
||||
|
|
|
@ -96,7 +96,8 @@ in {
|
|||
exposedByDefault: false
|
||||
network: dmz
|
||||
file:
|
||||
filename: /config.yml
|
||||
watch: true
|
||||
directory: /conf/
|
||||
certificatesResolvers:
|
||||
letsencrypt:
|
||||
acme:
|
||||
|
|
|
@ -59,6 +59,13 @@
|
|||
"traefik.http.routers.navidrome.tls" = "true";
|
||||
"traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt";
|
||||
|
||||
"traefik.http.services.navidrome-external.loadbalancer.server.port" = "4533";
|
||||
"traefik.http.routers.navidrome-external.service" = "navidrome-external";
|
||||
"traefik.http.routers.navidrome-external.rule" = "Host(`music.ghoscht.com`)";
|
||||
"traefik.http.routers.navidrome-external.entrypoints" = "websecure-external";
|
||||
"traefik.http.routers.navidrome-external.tls" = "true";
|
||||
"traefik.http.routers.navidrome-external.tls.certresolver" = "letsencrypt";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
"diun.sort_tags" = "semver";
|
||||
|
@ -112,6 +119,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.transmission.tls" = "true";
|
||||
"traefik.http.routers.transmission.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.transmission.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/transmission_data:/config"
|
||||
|
@ -155,6 +163,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.prowlarr.tls" = "true";
|
||||
"traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.prowlarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -185,6 +194,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.sonarr.tls" = "true";
|
||||
"traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.sonarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -217,6 +227,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.radarr.tls" = "true";
|
||||
"traefik.http.routers.radarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.radarr.middlewares" = "authentik@file";
|
||||
|
||||
"diun.enable" = "true";
|
||||
"diun.watch_repo" = "true";
|
||||
|
@ -250,6 +261,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.lidarr.tls" = "true";
|
||||
"traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.lidarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/lidarr_data:/config"
|
||||
|
@ -280,6 +292,7 @@
|
|||
"traefik.docker.network" = "dmz";
|
||||
"traefik.http.routers.bazarr.tls" = "true";
|
||||
"traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt";
|
||||
"traefik.http.routers.bazarr.middlewares" = "authentik@file";
|
||||
};
|
||||
volumes = [
|
||||
"/storage/dataset/docker/media/bazarr_data:/config"
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
http:
|
||||
middlewares:
|
||||
authentik:
|
||||
forwardAuth:
|
||||
address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
Loading…
Reference in a new issue