fix docker compose 2
All checks were successful
build-and-deploy / build-and-deploy (push) Successful in 16s
All checks were successful
build-and-deploy / build-and-deploy (push) Successful in 16s
This commit is contained in:
@@ -48,11 +48,10 @@ services:
|
||||
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=traefik-network
|
||||
|
||||
- traefik.docker.network=principal
|
||||
- traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000
|
||||
|
||||
# Public PWA (sin auth)
|
||||
# Públicos PWA (sin auth)
|
||||
- traefik.http.routers.${APP_NAME}-public.rule=Host(`${APP_DOMAIN}`) && (PathPrefix(`/manifest.webmanifest`) || PathPrefix(`/sw.js`) || PathPrefix(`/workbox-`) || PathPrefix(`/icon-`) || PathPrefix(`/apple-touch-icon`) || PathPrefix(`/favicon.ico`) || PathPrefix(`/robots.txt`) || PathPrefix(`/offline.html`) || PathPrefix(`/api/_nuxt_icon/`))
|
||||
- traefik.http.routers.${APP_NAME}-public.entrypoints=websecure
|
||||
- traefik.http.routers.${APP_NAME}-public.tls.certresolver=letsencrypt
|
||||
@@ -60,7 +59,7 @@ services:
|
||||
- traefik.http.routers.${APP_NAME}-public.service=${APP_NAME}
|
||||
- traefik.http.routers.${APP_NAME}-public.middlewares=${APP_NAME}-headers,${APP_NAME}-cors
|
||||
|
||||
# App protegida (con auth)
|
||||
# App protegida
|
||||
- traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)
|
||||
- traefik.http.routers.${APP_NAME}.entrypoints=websecure
|
||||
- traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt
|
||||
@@ -68,22 +67,23 @@ services:
|
||||
- traefik.http.routers.${APP_NAME}.service=${APP_NAME}
|
||||
- traefik.http.routers.${APP_NAME}.middlewares=${APP_NAME}-authentik,${APP_NAME}-headers
|
||||
|
||||
# ForwardAuth → Outpost exteriorlvl2
|
||||
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.address=https://exteriorlvl2.nucleoriofrio.com/outpost.goauthentik.io/auth/traefik
|
||||
# ForwardAuth interno → sidecar
|
||||
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.address=http://ak-outpost-exterior-lvl2:9000/outpost.goauthentik.io/auth/traefik
|
||||
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.trustForwardHeader=true
|
||||
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.authResponseHeaders=X-Authentik-Username,X-Authentik-Email,X-Authentik-Name,X-Authentik-Uid,X-Authentik-Groups,X-Authentik-Entitlements
|
||||
|
||||
# Headers
|
||||
# X-Forwarded-*
|
||||
- traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https
|
||||
- traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Scheme=https
|
||||
|
||||
# CORS para públicos
|
||||
# CORS para assets públicos
|
||||
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolallowmethods=GET,OPTIONS
|
||||
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolalloworiginlist=https://${APP_DOMAIN}
|
||||
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolmaxage=100
|
||||
- traefik.http.middlewares.${APP_NAME}-cors.headers.addvaryheader=true
|
||||
|
||||
|
||||
|
||||
volumes:
|
||||
postgres_data:
|
||||
name: ${APP_NAME}_postgres_data
|
||||
|
||||
Reference in New Issue
Block a user