keith/dev-notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b0d760c3abed565b16fe6446f24c75873d0ffced
dev-notes/assets/files/traefik/traefik-stack.yml
Keith Solomon b0d760c3ab feature: Add basic Traefik/Authelia support files
2025-12-06 13:41:33 -06:00

94 lines
2.8 KiB
YAML
Raw Blame History

services:
traefik:
container_name: Traefik
image: traefik:latest
restart: always
networks:
traefik_macvlan:
ipv4_address: 192.168.2.253 # Traefik's LAN IP
proxy: {}
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik/traefik.yml:/traefik.yml:ro
- ./traefik/config:/traefik_config
- ./traefik/cert:/traefik_cert
- ./traefik/logs:/logs
environment:
- TZ=America/Winnipeg
- CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
- CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
labels:
- "traefik.enable=true"
# Dashboard (behind Authelia)
- "traefik.http.routers.traefik.rule=Host(`tfk.yourdomain.com`)"
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=authelia@docker"
authelia:
container_name: Authelia
restart: always
image: authelia/authelia:latest
networks:
- proxy
volumes:
- ./authelia/config:/config
- ./authelia/secrets:/secrets:ro
- ./authelia/logs:/var/log/authelia
environment:
- TZ=America/Winnipeg
- X_AUTHELIA_CONFIG_FILTERS=template
- AUTHELIA_SESSION_SECRET=${AUTHELIA_SESSION_SECRET}
- AUTHELIA_STORAGE_ENCRYPTION_KEY=${AUTHELIA_STORAGE_ENCRYPTION_KEY}
- AUTHELIA_JWT_SECRET=${AUTHELIA_JWT_SECRET}
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.authelia.rule=Host(`auth.yourdomain.com`)"
- "traefik.http.routers.authelia.entrypoints=https"
- "traefik.http.routers.authelia.tls.certresolver=cloudflare"
- "traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/authz/forward-auth"
- "traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true"
- "traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email"
traefik-gui:
container_name: Traefik-GUI
restart: always
image: ghcr.io/rahn-it/traefik-gui:master
networks:
- proxy
volumes:
- ./traefik-gui/db:/app/db
- ./traefik/config:/app/traefik
environment:
- TZ=America/Winnipeg
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.traefik-gui.rule=Host(`tfk-admin.yourdomain.com`)"
- "traefik.http.routers.traefik-gui.entrypoints=https"
- "traefik.http.routers.traefik-gui.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik-gui.middlewares=authelia@docker"
networks:
traefik_macvlan:
external: true
proxy:
name: proxy
driver: bridge
Reference in New Issue View Git Blame Copy Permalink