Files
truenas-stacks/ingress/traefik/dynamic/routes.yml
Fizzlepoof 5c6b3cab4d
Some checks failed
secret-guardrails / artifact-secret-scan (push) Has been cancelled
secret-guardrails / gitleaks (push) Has been cancelled
Add internal Traefik ingress for Pangolin and Authelia
2026-05-23 10:59:20 +00:00

90 lines
2.0 KiB
YAML

http:
routers:
auth:
rule: Host(`auth.paccoco.com`)
entryPoints: [web]
service: authelia
middlewares:
- security-headers
gitea:
rule: Host(`gitea.paccoco.com`)
entryPoints: [web]
service: gitea
middlewares:
- security-headers
- authelia-forwardauth
grafana:
rule: Host(`grafana.paccoco.com`)
entryPoints: [web]
service: grafana
middlewares:
- security-headers
- authelia-forwardauth
technitium:
rule: Host(`dns.paccoco.com`)
entryPoints: [web]
service: technitium
middlewares:
- security-headers
- authelia-forwardauth
traefik-dashboard:
rule: Host(`traefik.paccoco.com`)
entryPoints: [web]
service: api@internal
middlewares:
- security-headers
- authelia-forwardauth
services:
authelia:
loadBalancer:
servers:
- url: http://authelia:9091
gitea:
loadBalancer:
servers:
- url: http://gitea:3000
grafana:
loadBalancer:
servers:
- url: http://grafana:3000
technitium:
loadBalancer:
passHostHeader: true
serversTransport: technitium-selfsigned
servers:
- url: https://technitium-dns-pilot:443
middlewares:
authelia-forwardauth:
forwardAuth:
address: http://authelia:9091/api/authz/forward-auth
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
security-headers:
headers:
frameDeny: true
browserXssFilter: true
contentTypeNosniff: true
referrerPolicy: same-origin
customRequestHeaders:
X-Forwarded-Proto: https
customResponseHeaders:
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
serversTransports:
technitium-selfsigned:
insecureSkipVerify: true