Configure deployment with Traefik and Authentik
- Add proper Traefik labels with middleware support - Use APP_NAME variable for dynamic naming - Remove port mapping (Traefik handles routing) - Add .env.example with all required variables - Update README with complete variable documentation - Configure docker network to use 'principal' - Add X-Forwarded-Proto header middleware
This commit is contained in:
@@ -2,31 +2,42 @@ version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
image: ${REG}/plantilla-nuxt-authentik:latest
|
||||
container_name: plantilla-nuxt-authentik
|
||||
image: ${REG}/${APP_NAME}:latest
|
||||
container_name: ${APP_NAME}
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "3000:3000"
|
||||
environment:
|
||||
# Node Environment
|
||||
- NODE_ENV=production
|
||||
- NUXT_HOST=0.0.0.0
|
||||
- NUXT_PORT=3000
|
||||
# OAuth Authentik configuration
|
||||
# OAuth Authentik
|
||||
- NUXT_OAUTH_AUTHENTIK_CLIENT_ID=${NUXT_OAUTH_AUTHENTIK_CLIENT_ID}
|
||||
- NUXT_OAUTH_AUTHENTIK_CLIENT_SECRET=${NUXT_OAUTH_AUTHENTIK_CLIENT_SECRET}
|
||||
- NUXT_OAUTH_AUTHENTIK_SERVER_URL=${NUXT_OAUTH_AUTHENTIK_SERVER_URL}
|
||||
- NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL=${NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL}
|
||||
- NUXT_OAUTH_AUTHENTIK_REDIRECT_URL=${NUXT_OAUTH_AUTHENTIK_REDIRECT_URL}
|
||||
# Public URL
|
||||
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
|
||||
# Session Secret
|
||||
- NUXT_SESSION_PASSWORD=${NUXT_SESSION_PASSWORD}
|
||||
networks:
|
||||
- principal
|
||||
labels:
|
||||
# Traefik labels
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.plantilla-nuxt.rule=Host(`${APP_DOMAIN}`)"
|
||||
- "traefik.http.routers.plantilla-nuxt.entrypoints=websecure"
|
||||
- "traefik.http.routers.plantilla-nuxt.tls.certresolver=letsencrypt"
|
||||
- "traefik.http.services.plantilla-nuxt.loadbalancer.server.port=3000"
|
||||
- "traefik.docker.network=principal"
|
||||
|
||||
# HTTP Router
|
||||
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
|
||||
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
|
||||
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
|
||||
|
||||
# Service
|
||||
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
|
||||
|
||||
# Middleware (headers para proxy)
|
||||
- "traefik.http.routers.${APP_NAME}.middlewares=${APP_NAME}-headers"
|
||||
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
||||
|
||||
networks:
|
||||
principal:
|
||||
|
||||
Reference in New Issue
Block a user