From 990ad02fa7bca5c9fb1a47626c8ea3cd5ed1b3d6 Mon Sep 17 00:00:00 2001 From: "Lockszmith (runtipi@wolfpack)" Date: Fri, 13 Dec 2024 10:54:22 -0500 Subject: [PATCH] Modify local traefik configs --- .gitignore | 4 ++++ .../dynamic/mw.fwd-auth-sysmgr.yml.shefet | 19 +++++++++++++++ ...h-sysmgr.yml => mw.fwd-auth-sysmgr.yml.sz} | 0 _traefik/dynamic/rt.ha.yml.shefet | 23 +++++++++++++++++++ _traefik/dynamic/{rt.ha.yml => rt.ha.yml.sz} | 0 _traefik/traefik.yml | 2 +- 6 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 _traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet rename _traefik/dynamic/{mw.fwd-auth-sysmgr.yml => mw.fwd-auth-sysmgr.yml.sz} (100%) create mode 100644 _traefik/dynamic/rt.ha.yml.shefet rename _traefik/dynamic/{rt.ha.yml => rt.ha.yml.sz} (100%) diff --git a/.gitignore b/.gitignore index c4cc9af..0ad8a25 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,7 @@ _traefik/tls _traefik/shared **/app.env ddns-updater/config.json +# This is will be a local sym-link +*.local.yml +*.local +local.* diff --git a/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet b/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet new file mode 100644 index 0000000..c2a0f57 --- /dev/null +++ b/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet @@ -0,0 +1,19 @@ +http: + middlewares: + authentik_sysmgr: + forwardAuth: + address: https://auth.shefet.net/outpost.goauthentik.io/auth/traefik + trustForwardHeader: true + authResponseHeadersRegex: "^[Xx]-[Aa]uthentik" + # authResponseHeaders: + # - X-authentik-username + # - X-authentik-groups + # - X-authentik-email + # - X-authentik-name + # - X-authentik-uid + # - X-authentik-jwt + # - X-authentik-meta-jwks + # - X-authentik-meta-outpost + # - X-authentik-meta-provider + # - X-authentik-meta-app + # - X-authentik-meta-version \ No newline at end of file diff --git a/_traefik/dynamic/mw.fwd-auth-sysmgr.yml b/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.sz similarity index 100% rename from _traefik/dynamic/mw.fwd-auth-sysmgr.yml rename to _traefik/dynamic/mw.fwd-auth-sysmgr.yml.sz diff --git a/_traefik/dynamic/rt.ha.yml.shefet b/_traefik/dynamic/rt.ha.yml.shefet new file mode 100644 index 0000000..a9c852b --- /dev/null +++ b/_traefik/dynamic/rt.ha.yml.shefet @@ -0,0 +1,23 @@ +# http routing section +http: + routers: + # Define a connection between requests and services + "to-ha": + rule: "Host(`ha.shefet.net`)" + entrypoints: + - websecure + # # If the rule matches, applies the middleware + # middlewares: + # - test-user + # If the rule matches, forward to the whoami service (declared below) + service: home-assistant + tls: + certresolver: myresolver + + services: + # Define how to reach an existing service on our infrastructure + home-assistant: + loadBalancer: + servers: + - url: "http://ha.lan:8123" + #- address: "ha.lan:8123" diff --git a/_traefik/dynamic/rt.ha.yml b/_traefik/dynamic/rt.ha.yml.sz similarity index 100% rename from _traefik/dynamic/rt.ha.yml rename to _traefik/dynamic/rt.ha.yml.sz diff --git a/_traefik/traefik.yml b/_traefik/traefik.yml index a1af91f..f9c5d0e 100644 --- a/_traefik/traefik.yml +++ b/_traefik/traefik.yml @@ -33,7 +33,7 @@ entryPoints: certificatesResolvers: myresolver: acme: - email: acme@thisprops.com + # email: acme@thisprops.com storage: /shared/acme.json # httpChallenge: # entryPoint: web