-
Loraine Gueguen authoredfix authelia_db_postgres_password. Add main_species in "citrus_sinensis.yml". Fix authelia_secrets_env_path in traefik_compose.yml. Update Readme
bc8dbc8c
traefik_compose.yml.j2 5.24 KiB
version: '3.7'
services:
traefik:
image: traefik:2.1.6
command:
- "--api"
- "--api.dashboard"
- "--log.level=DEBUG"
- "--providers.docker"
- "--providers.docker.swarmMode=true"
- "--providers.docker.network=traefikbig"
- "--entryPoints.web.address=:80"
- "--entryPoints.web.forwardedHeaders.trustedIPs={{ proxy_ip }}" # The ips of our upstream proxies
- "--entryPoints.webs.address=:443"
- "--entryPoints.webs.forwardedHeaders.trustedIPs={{ proxy_ip }}" # The ips of our upstream proxies
ports:
- {{ http_port }}:80
{% if https_port is defined %}
- {{ https_port }}:443
{% endif %}
networks:
- traefikbig
volumes:
- /var/run/docker.sock:/var/run/docker.sock
deploy:
placement:
constraints:
- node.role == manager
labels:
- "traefik.http.routers.traefik-api.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`) || PathPrefix(`/traefik`)"
{% if https_port is defined %}
- "traefik.http.routers.traefik-api.tls=true"
- "traefik.http.routers.traefik-api.entryPoints=webs"
{% else %}
- "traefik.http.routers.traefik-api.entryPoints=web"
{% endif %}
- "traefik.http.routers.traefik-api.service=api@internal"
- "traefik.http.middlewares.traefik-strip.stripprefix.prefixes=/traefik"
- "traefik.http.middlewares.traefik-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://{{ authentication_domain_name }}/"
- "traefik.http.middlewares.traefik-auth.forwardauth.trustForwardHeader=true"
{% if https_port is defined %}
- "traefik.http.routers.traefik-api.middlewares=traefik-auth,traefik-strip"
{% else %}
- "traefik.http.routers.traefik-api.middlewares=traefik-strip"
{% endif %}
# Dummy service for Swarm port detection. The port can be any valid integer value.
- "traefik.http.services.traefik-svc.loadbalancer.server.port=9999"
# Some generally useful middlewares for organisms hosting
- "traefik.http.middlewares.sp-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://{{ authentication_domain_name }}/"
- "traefik.http.middlewares.sp-auth.forwardauth.trustForwardHeader=true"
- "traefik.http.middlewares.sp-auth.forwardauth.authResponseHeaders=Remote-User,Remote-Groups"
{% if https_port is defined %}
- "traefik.http.middlewares.sp-trailslash.redirectregex.regex=^(https?://[^/]+/sp/[^/]+)$$"
{% else %}
- "traefik.http.middlewares.sp-trailslash.redirectregex.regex=^(http?://[^/]+/sp/[^/]+)$$"
{% endif %}
- "traefik.http.middlewares.sp-trailslash.redirectregex.replacement=$${1}/"
- "traefik.http.middlewares.sp-trailslash.redirectregex.permanent=true"
{% if https_port is defined %}
- "traefik.http.middlewares.sp-app-trailslash.redirectregex.regex=^(https?://[^/]+/sp/[^/]+/[^/]+)$$"
{% else %}
- "traefik.http.middlewares.sp-app-trailslash.redirectregex.regex=^(http?://[^/]+/sp/[^/]+/[^/]+)$$"
{% endif %}
- "traefik.http.middlewares.sp-app-trailslash.redirectregex.replacement=$${1}/"
- "traefik.http.middlewares.sp-app-trailslash.redirectregex.permanent=true"
- "traefik.http.middlewares.sp-prefix.stripprefixregex.regex=/sp/[^/]+"
- "traefik.http.middlewares.sp-app-prefix.stripprefixregex.regex=/sp/[^/]+/[^/]+"
- "traefik.http.middlewares.tripal-addprefix.addprefix.prefix=/tripal"
- "traefik.http.middlewares.sp-big-req.buffering.maxRequestBodyBytes=50000000"
- "traefik.http.middlewares.sp-huge-req.buffering.maxRequestBodyBytes=2000000000"