lino/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: TinyAuth + traefik dash + sonarr forward auth

Browse Source
This commit is contained in:
Lino Silva
2026-04-01 00:11:23 +01:00
parent d71caea7d0
commit f17526afc3
9 changed files with 138 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ansible/roles/traefik/templates/docker-compose.yml.j2
+1 -17
View File
@@ -10,7 +10,7 @@ services:
ports:
- "80:80"
- "443:443"
- "8080:8080" # Dashboard
- "8080:8080"
environment:
- CF_DNS_API_TOKEN={{ cloudflare_api_token | default('') }}
volumes:
@@ -21,22 +21,6 @@ services:
- ./data/acme.json:/acme.json
labels:
- "traefik.enable=true"
# HTTP to HTTPS redirect
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`traefik.{{ domain | default('local') }}`)"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
# HTTPS with auth
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.{{ domain | default('local') }}`)"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik-secure.service=api@internal"
# ForwardAuth middleware pointing to Pocket ID
- "traefik.http.middlewares.pocketid-auth.forwardauth.address=http://auth.{{ domain }}/api/oidc/authorize?client_id=traefik&redirect_uri=https://traefik.{{ domain }}/callback"
- "traefik.http.middlewares.pocketid-auth.forwardauth.trustForwardHeader=true"
- "traefik.http.middlewares.pocketid-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- "traefik.http.routers.traefik-secure.middlewares=pocketid-auth"
networks:
proxy: