nucleo000/analiticaNucleo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4303365020bfffb8b99688296580fcff08c1092c
analiticaNucleo/docker-compose.yml
josedario87 602bdc4558
All checks were successful
build-and-deploy / build (push) Successful in 9s
Details
build-and-deploy / deploy (push) Successful in 4s
Details
fix: configurar rutas públicas en Traefik para assets de Nuxt 
- Exponer solo /_nuxt/* sin autenticación (necesario para funcionamiento)
- Mantener autenticación Authentik en todas las demás rutas
- Priorizar seguridad: /api/*, manifest y favicon protegidos
2025-10-14 04:04:30 -06:00

62 lines
2.6 KiB
YAML
Raw Blame History

version: '3.8'
services:
nuxt-app:
image: ${REG}/${REPO_OWNER}/${APP_NAME}:latest
container_name: ${APP_NAME}
restart: unless-stopped
environment:
- NODE_ENV=production
# Nuxt runtime config variables (prefijo NUXT_)
- NUXT_SUPABASE_URL=${SUPABASE_URL}
- NUXT_SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY}
# Variables originales para compatibilidad
- SUPABASE_URL=${SUPABASE_URL}
- SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY}
- NEXT_PUBLIC_SUPABASE_URL=${SUPABASE_URL}
- NEXT_PUBLIC_SUPABASE_ANON_KEY=${SUPABASE_ANON_KEY}
# Authentik configuration
- NUXT_PUBLIC_AUTHENTIK_URL=${NUXT_PUBLIC_AUTHENTIK_URL:-https://authentik.nucleoriofrio.com}
# Metabase configuration
- METABASE_URL=${METABASE_URL:-https://metabase.nucleoriofrio.com}
- METABASE_API_KEY=${METABASE_API_KEY}
- METABASE_EMAIL=${METABASE_EMAIL}
- METABASE_PASSWORD=${METABASE_PASSWORD}
networks:
- principal
- traefik-network
labels:
- "traefik.enable=true"
- "traefik.docker.network=principal"
# Service
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
# Router para assets estáticos de Nuxt (sin autenticación) - mayor prioridad
# SOLO /_nuxt/* para que la aplicación funcione
- "traefik.http.routers.${APP_NAME}-public.rule=Host(`${APP_DOMAIN}`) && PathPrefix(`/_nuxt`)"
- "traefik.http.routers.${APP_NAME}-public.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}-public.tls=true"
- "traefik.http.routers.${APP_NAME}-public.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}-public.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}-public.priority=100"
- "traefik.http.routers.${APP_NAME}-public.middlewares=${APP_NAME}-headers"
# Router principal con Authentik Forward Auth (menor prioridad)
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}.tls=true"
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}.priority=50"
- "traefik.http.routers.${APP_NAME}.middlewares=authentik-forward-auth@file,${APP_NAME}-headers"
# Custom headers middleware
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
networks:
principal:
external: true
traefik-network:
external: true
Reference in New Issue View Git Blame Copy Permalink