36 lines
1.3 KiB
YAML
36 lines
1.3 KiB
YAML
version: "3.8"
|
|
|
|
services:
|
|
authelia:
|
|
image: authelia/authelia:latest
|
|
container_name: authelia
|
|
volumes:
|
|
- /mnt/HoardingCow_docker_data/Authelia:/config
|
|
networks:
|
|
- traefik-net
|
|
restart: unless-stopped
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# HTTP router
|
|
- "traefik.http.routers.authelia-http.rule=Host(`auth.lazyworkhorse.net`)"
|
|
- "traefik.http.routers.authelia-http.entrypoints=web"
|
|
- "traefik.http.routers.authelia-http.middlewares=redirect-to-https"
|
|
|
|
# HTTPS router
|
|
- "traefik.http.routers.authelia-https.rule=Host(`auth.lazyworkhorse.net`)"
|
|
- "traefik.http.routers.authelia-https.entrypoints=websecure"
|
|
- "traefik.http.routers.authelia-https.tls=true"
|
|
- "traefik.http.routers.authelia-https.tls.certresolver=njalla"
|
|
|
|
- "traefik.http.services.authelia.loadbalancer.server.port=9091"
|
|
|
|
# forward auth middleware definition
|
|
- "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lazyworkhorse.net"
|
|
- "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"
|
|
- "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email"
|
|
|
|
networks:
|
|
traefik-net:
|
|
external: true
|