2020-05-23 14:43:52 +01:00
|
|
|
version: '3'
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
traefik:
|
|
|
|
|
image: traefik:v2.2
|
2020-05-23 16:42:02 +01:00
|
|
|
command:
|
|
|
|
|
- --providers.docker
|
|
|
|
|
# This example uses "global authentication"
|
|
|
|
|
- --entryPoints.http.address=:80
|
|
|
|
|
- --entrypoints.http.http.middlewares=traefik-forward-auth
|
2020-05-23 14:43:52 +01:00
|
|
|
ports:
|
|
|
|
|
- "8085:80"
|
|
|
|
|
- "8086:8080"
|
|
|
|
|
volumes:
|
|
|
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
|
|
|
|
|
|
whoami:
|
2020-05-23 16:42:02 +01:00
|
|
|
image: containous/whoami
|
2020-05-23 14:43:52 +01:00
|
|
|
labels:
|
|
|
|
|
- "traefik.http.routers.whoami.rule=Host(`whoami.localhost.com`)"
|
|
|
|
|
|
|
|
|
|
traefik-forward-auth:
|
|
|
|
|
image: thomseddon/traefik-forward-auth:2
|
|
|
|
|
environment:
|
|
|
|
|
- PROVIDERS_GOOGLE_CLIENT_ID=your-client-id
|
|
|
|
|
- PROVIDERS_GOOGLE_CLIENT_SECRET=your-client-secret
|
|
|
|
|
- SECRET=something-random
|
|
|
|
|
# INSECURE_COOKIE is required if not using a https entrypoint
|
|
|
|
|
- INSECURE_COOKIE=true
|
|
|
|
|
- COOKIE_DOMAIN=localhost.com
|
|
|
|
|
- AUTH_HOST=auth.localhost.com:8085
|
|
|
|
|
- LOG_LEVEL=debug
|
|
|
|
|
labels:
|
|
|
|
|
- "traefik.http.routers.traefik-forward-auth.rule=Host(`auth.localhost.com`)"
|
|
|
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
|
|
|
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
|
|
|
|
|
- "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
|
