cleanup vaultwarden's compose

Modify local traefik configs
2024-12-13 10:55:30 -05:00 · 2024-12-13 10:54:22 -05:00
7 changed files with 55 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,3 +3,7 @@ _traefik/tls
 _traefik/shared
 **/app.env
 ddns-updater/config.json
 # This is will be a local sym-link
 *.local.yml
 *.local
 local.*
--- a/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet
+++ b/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.shefet
@ -0,0 +1,19 @@
 http:
  middlewares:
    authentik_sysmgr:
      forwardAuth:
        address: https://auth.shefet.net/outpost.goauthentik.io/auth/traefik
        trustForwardHeader: true
        authResponseHeadersRegex: "^[Xx]-[Aa]uthentik"
        # authResponseHeaders:
        #   - X-authentik-username
        #   - X-authentik-groups
        #   - X-authentik-email
        #   - X-authentik-name
        #   - X-authentik-uid
        #   - X-authentik-jwt
        #   - X-authentik-meta-jwks
        #   - X-authentik-meta-outpost
        #   - X-authentik-meta-provider
        #   - X-authentik-meta-app
        #   - X-authentik-meta-version
--- a/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.sz
+++ b/_traefik/dynamic/mw.fwd-auth-sysmgr.yml.sz
--- a/_traefik/dynamic/rt.ha.yml.shefet
+++ b/_traefik/dynamic/rt.ha.yml.shefet
@ -0,0 +1,23 @@
 # http routing section
 http:
  routers:
    # Define a connection between requests and services
    "to-ha":
      rule: "Host(`ha.shefet.net`)" 
      entrypoints:
      - websecure
    # # If the rule matches, applies the middleware
    # middlewares:
    # - test-user
      # If the rule matches, forward to the whoami service (declared below)
      service: home-assistant
      tls:
        certresolver: myresolver
  services:
    # Define how to reach an existing service on our infrastructure
    home-assistant:
      loadBalancer:      
        servers:
        - url: "http://ha.lan:8123"
        #- address: "ha.lan:8123"
--- a/_traefik/dynamic/rt.ha.yml.sz
+++ b/_traefik/dynamic/rt.ha.yml.sz
--- a/_traefik/traefik.yml
+++ b/_traefik/traefik.yml
@ -33,7 +33,7 @@ entryPoints:
 certificatesResolvers:
  myresolver:
    acme:
-      email: acme@thisprops.com
+    # email: acme@thisprops.com
      storage: /shared/acme.json
      # httpChallenge:
      #   entryPoint: web
--- a/vaultwarden/docker-compose.yml
+++ b/vaultwarden/docker-compose.yml
@ -15,15 +15,14 @@ services:
    - vaultwarden_pg_dockge
    volumes:
    - /srv/vaultwarden/data:/data
-    labels:
+    # labels:
    # Main
      traefik.docker.network: runtipi_tipi_main_network
    #   # Websecure
-      traefik.http.routers.vaultwarden-more.rule: Host(`vault.lksz.me`)${APP_ROUTE_OPTIONAL:-}
+    #   traefik.http.routers.vaultwarden.middlewares: authentik_sysmgr@file
-      traefik.http.routers.vaultwarden-more.entrypoints: websecure
+    #   traefik.http.routers.vaultwarden-more.rule: Host(`www.${ROOT_DOMAIN}`)${APP_ROUTE_OPTIONAL:-}
-      traefik.http.routers.vaultwarden-more.service: vaultwarden
+    #   traefik.http.routers.vaultwarden-more.entrypoints: websecure
-      traefik.http.routers.vaultwarden-more.tls: true
+    #   traefik.http.routers.vaultwarden-more.service: vaultwarden
-      traefik.http.routers.vaultwarden-more.tls.certresolver: myresolver
+    #   traefik.http.routers.vaultwarden-more.tls: true
    #   traefik.http.routers.vaultwarden-more.tls.certresolver: myresolver
 networks:
  vaultwarden_pg_dockge:
    external: true
Author	SHA1	Message	Date
Lockszmith (runtipi@wolfpack)	da4f31287b	cleanup vaultwarden's compose	2024-12-13 10:55:30 -05:00
Lockszmith (runtipi@wolfpack)	990ad02fa7	Modify local traefik configs	2024-12-13 10:54:22 -05:00