40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
networks:
|
|
proxy_tier:
|
|
name: proxy_tier
|
|
external: true
|
|
|
|
services:
|
|
authelia:
|
|
image: authelia/authelia:4.37.5
|
|
container_name: authelia
|
|
volumes:
|
|
- ./config:/config
|
|
networks:
|
|
- proxy_tier
|
|
environment:
|
|
- TZ=UTC
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:9091/api/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
resources:
|
|
limits:
|
|
cpus: '0.5'
|
|
memory: 512M
|
|
reservations:
|
|
cpus: '0.25'
|
|
memory: 256M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
# The URL where you will actually log in
|
|
- "traefik.http.routers.authelia.rule=Host(`auth.quangkhai.ch`)"
|
|
- "traefik.http.routers.authelia.entrypoints=websecure"
|
|
- "traefik.http.routers.authelia.tls.certresolver=myresolver"
|
|
- "traefik.http.services.authelia.loadbalancer.server.port=9091"
|
|
- "traefik.http.middlewares.authelia-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.quangkhai.ch/"
|
|
- "traefik.http.middlewares.authelia-auth.forwardauth.trustForwardHeader=true"
|
|
- "traefik.http.middlewares.authelia-auth.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email"
|