josedario87
fc46ae7a53
- Add traefik-network to container networks (CRITICAL FIX) - Change middleware to authentik-forward-auth@file - Update traefik.docker.network to traefik-network - Document network requirements - Update Authentik configuration instructions
42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
app:
|
|
image: ${REG}/${REPO_OWNER}/${APP_NAME}:latest
|
|
container_name: ${APP_NAME}
|
|
restart: unless-stopped
|
|
environment:
|
|
# Node Environment
|
|
- NODE_ENV=production
|
|
- NUXT_HOST=0.0.0.0
|
|
- NUXT_PORT=3000
|
|
# Public URL
|
|
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
|
|
networks:
|
|
- principal
|
|
- traefik-network
|
|
labels:
|
|
# Traefik labels
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik-network"
|
|
|
|
# HTTP Router
|
|
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
|
|
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
|
|
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
|
|
|
|
# Service
|
|
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
|
|
|
|
# Middleware chain: Authentik Forward Auth + Headers
|
|
- "traefik.http.routers.${APP_NAME}.middlewares=authentik-forward-auth@file,${APP_NAME}-headers"
|
|
|
|
# Custom headers middleware
|
|
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
|
|
|
networks:
|
|
principal:
|
|
external: true
|
|
traefik-network:
|
|
external: true
|