version: '3.8' services: amigos-app: image: gitea.nucleoriofrio.com/nucleo000/amigos-app:latest container_name: amigos-app environment: - MONGO_HOST=mongodb-local - PORT=3001 - NODE_ENV=production depends_on: - mongodb restart: unless-stopped networks: - principal - amigos-network labels: # Habilitar Traefik - "traefik.enable=true" # Router principal - "traefik.http.routers.amigos-nucleoriofrio.rule=Host(`amigos.nucleoriofrio.com`)" - "traefik.http.routers.amigos-nucleoriofrio.entrypoints=websecure" - "traefik.http.routers.amigos-nucleoriofrio.tls.certresolver=letsencrypt" - "traefik.http.routers.amigos-nucleoriofrio.service=amigos-nucleoriofrio-service" # Service (puerto interno del contenedor) - "traefik.http.services.amigos-nucleoriofrio-service.loadbalancer.server.port=3001" # Middleware de autenticación ESPECÍFICO para amigos-app (usando nombre del contenedor) - "traefik.http.middlewares.amigos-authentik.forwardauth.address=http://ak-outpost-lvl0:9000/outpost.goauthentik.io/auth/traefik" - "traefik.http.middlewares.amigos-authentik.forwardauth.trustForwardHeader=true" - "traefik.http.middlewares.amigos-authentik.forwardauth.authResponseHeaders=X-authentik-username,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-groups,X-authentik-entitlements,Set-Cookie" # Middleware de headers ESPECÍFICO para amigos-app - "traefik.http.middlewares.amigos-headers.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.middlewares.amigos-headers.headers.customrequestheaders.X-Forwarded-Scheme=https" # Aplicar SOLO los middlewares específicos de este contenedor - "traefik.http.routers.amigos-nucleoriofrio.middlewares=amigos-authentik,amigos-headers" mongodb: image: mongo:latest container_name: mongodb-local expose: - "27017" environment: - MONGO_INITDB_ROOT_USERNAME=admin - MONGO_INITDB_ROOT_PASSWORD=MongoPass2024! - MONGO_INITDB_DATABASE=testdb restart: unless-stopped networks: - amigos-network networks: principal: external: true amigos-network: driver: bridge