rework pi/traefik

2024-03-24 05:43:52 +00:00 · 2024-03-24 05:43:52 +00:00 · b9b11ce739
commit b9b11ce739
parent 6cdc5c1194
1 changed files with 11 additions and 13 deletions
--- a/pi/traefik/docker-compose.yml
+++ b/pi/traefik/docker-compose.yml
@ -11,7 +11,6 @@ services:
    environment:
      - CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
      - CLOUDFLARE_DNS_API_TOKEN=${CLOUDFLARE_KEY}
      - DOMAIN_ROOT=${DOMAIN_ROOT}
    ports:
      - mode: host
@ -24,24 +23,24 @@ services:
        target: 443
    volumes:
-      - ./traefik.yml:/etc/traefik/traefik.yml:ro
+      - /home/steve/docker/traefik/traefik.yml:/etc/traefik/traefik.yml:ro
-      - ./custom:/etc/traefik/custom:ro
+      - /home/steve/docker/traefik/custom:/etc/traefik/custom:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - certs:/letsencrypt
    labels:
      - 'traefik.enable=true'
-      - 'traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN_ROOT}`)'
+      - 'traefik.http.routers.traefik.rule=Host(`traefik.pi.dudenhoeffer.casa`)'
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - 'entrypoints.websecure.http.tls=true'
      - 'entrypoints.websecure.http.tls.certResolver=letsencrypt'
-      - 'entrypoints.websecure.http.tls.domains[0].main=${DOMAIN_ROOT}'
+      - 'entrypoints.websecure.http.tls.domains[0].main=pi.dudenhoeffer.casa'
-      - 'entrypoints.websecure.http.tls.domains[0].sans=*.${DOMAIN_ROOT}'
+      - 'entrypoints.websecure.http.tls.domains[0].sans=*.pi.dudenhoeffer.casa'
      - "traefik.http.routers.traefik.service=api@internal"
      - 'traefik.http.routers.traefik.middlewares=strip'
      - 'traefik.http.middlewares.strip.stripprefix.prefixes=/traefik'
      - 'traefik.http.services.traefik.loadbalancer.server.port=8080'
-      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://login.${DOMAIN_ROOT}/'
+      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://login.pi.dudenhoeffer.casa/'
      - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
      - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
      - 'certificatesresolvers.letsencrypt.acme.dnschallenge=true'
@ -57,20 +56,19 @@ services:
    container_name: authelia
    volumes:
      - authelia_config:/config
-      - ./config/configuration.yml:/config/configuration.yml:ro
+      - /home/docker/authelia/configuration.yml:/config/configuration.yml:ro
-      - ./config/users_database.yml:/config/users_database.yml:ro
+      - /home/docker/authelia/users_database.yml:/config/users_database.yml:ro
    environment:
-      - DOMAIN_ROOT=${DOMAIN_ROOT}
+      - TZ=America/New_York
      - TZ=${TIMEZONE}
    networks:
      - web
    labels:
      - 'traefik.enable=true'
-      - 'traefik.http.routers.authelia.rule=Host(`login.${DOMAIN_ROOT}`)'
+      - 'traefik.http.routers.authelia.rule=Host(`login.pi.dudenhoeffer.casa`)'
-      - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.${DOMAIN_ROOT}/'  # yamllint disable-line rule:line-length
+      - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://login.pi.dudenhoeffer.casa/'  # yamllint disable-line rule:line-length
      - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
      - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'  # yamllint disable-line rule:line-length
      - 'traefik.http.services.authelia.loadbalancer.server.port=9091'