Add internal Traefik ingress for Pangolin and Authelia
This commit is contained in:
89
ingress/traefik/dynamic/routes.yml
Normal file
89
ingress/traefik/dynamic/routes.yml
Normal file
@@ -0,0 +1,89 @@
|
||||
http:
|
||||
routers:
|
||||
auth:
|
||||
rule: Host(`auth.paccoco.com`)
|
||||
entryPoints: [web]
|
||||
service: authelia
|
||||
middlewares:
|
||||
- security-headers
|
||||
|
||||
gitea:
|
||||
rule: Host(`gitea.paccoco.com`)
|
||||
entryPoints: [web]
|
||||
service: gitea
|
||||
middlewares:
|
||||
- security-headers
|
||||
- authelia-forwardauth
|
||||
|
||||
grafana:
|
||||
rule: Host(`grafana.paccoco.com`)
|
||||
entryPoints: [web]
|
||||
service: grafana
|
||||
middlewares:
|
||||
- security-headers
|
||||
- authelia-forwardauth
|
||||
|
||||
technitium:
|
||||
rule: Host(`dns.paccoco.com`)
|
||||
entryPoints: [web]
|
||||
service: technitium
|
||||
middlewares:
|
||||
- security-headers
|
||||
- authelia-forwardauth
|
||||
|
||||
traefik-dashboard:
|
||||
rule: Host(`traefik.paccoco.com`)
|
||||
entryPoints: [web]
|
||||
service: api@internal
|
||||
middlewares:
|
||||
- security-headers
|
||||
- authelia-forwardauth
|
||||
|
||||
services:
|
||||
authelia:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: http://authelia:9091
|
||||
|
||||
gitea:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: http://gitea:3000
|
||||
|
||||
grafana:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: http://grafana:3000
|
||||
|
||||
technitium:
|
||||
loadBalancer:
|
||||
passHostHeader: true
|
||||
serversTransport: technitium-selfsigned
|
||||
servers:
|
||||
- url: https://technitium-dns-pilot:443
|
||||
|
||||
middlewares:
|
||||
authelia-forwardauth:
|
||||
forwardAuth:
|
||||
address: http://authelia:9091/api/authz/forward-auth
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- Remote-User
|
||||
- Remote-Groups
|
||||
- Remote-Name
|
||||
- Remote-Email
|
||||
|
||||
security-headers:
|
||||
headers:
|
||||
frameDeny: true
|
||||
browserXssFilter: true
|
||||
contentTypeNosniff: true
|
||||
referrerPolicy: same-origin
|
||||
customRequestHeaders:
|
||||
X-Forwarded-Proto: https
|
||||
customResponseHeaders:
|
||||
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
|
||||
|
||||
serversTransports:
|
||||
technitium-selfsigned:
|
||||
insecureSkipVerify: true
|
||||
Reference in New Issue
Block a user