nucleo000/seguidorDeLotes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e3fc6c924ad897394c91ab063b6aa8d7b3d63f85
seguidorDeLotes/docker-compose.yml
josedario87 e3fc6c924a Add offline.html to public routes (no authentication required) 
This allows the service worker to cache offline.html without Authentik redirecting to login.
2025-10-13 02:39:36 -06:00

56 lines
2.5 KiB
YAML
Raw Blame History

version: '3.8'
services:
app:
image: ${REG}/${REPO_OWNER}/${APP_NAME}:latest
container_name: ${APP_NAME}
restart: unless-stopped
environment:
# Node Environment
- NODE_ENV=production
- NUXT_HOST=0.0.0.0
- NUXT_PORT=3000
# Public URL
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
networks:
- principal
- traefik-network
labels:
# Traefik labels
- "traefik.enable=true"
- "traefik.docker.network=traefik-network"
# Service (shared by both routers)
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
# Router 1: Public PWA resources (no auth) - Higher priority
- "traefik.http.routers.${APP_NAME}-public.rule=Host(`${APP_DOMAIN}`) && (PathPrefix(`/manifest.webmanifest`) || PathPrefix(`/sw.js`) || PathPrefix(`/workbox-`) || PathPrefix(`/icon-`) || PathPrefix(`/apple-touch-icon`) || PathPrefix(`/favicon.ico`) || PathPrefix(`/robots.txt`) || PathPrefix(`/offline.html`) || PathPrefix(`/api/_nuxt_icon/`))"
- "traefik.http.routers.${APP_NAME}-public.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}-public.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}-public.priority=100"
- "traefik.http.routers.${APP_NAME}-public.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}-public.middlewares=${APP_NAME}-headers,${APP_NAME}-cors"
# Router 2: Protected application (with auth) - Normal priority
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}.priority=10"
- "traefik.http.routers.${APP_NAME}.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}.middlewares=authentik-forward-auth@file,${APP_NAME}-headers"
# Custom headers middleware
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
# CORS middleware for public resources
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolallowmethods=GET,OPTIONS"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolalloworiginlist=https://${APP_DOMAIN}"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.addvaryheader=true"
networks:
principal:
external: true
traefik-network:
external: true
Reference in New Issue View Git Blame Copy Permalink