diff --git a/examples/traefik-v2/swarm/docker-compose-auth-host.yml b/examples/traefik-v2/swarm/docker-compose-auth-host.yml new file mode 100644 index 0000000..f8f050c --- /dev/null +++ b/examples/traefik-v2/swarm/docker-compose-auth-host.yml @@ -0,0 +1,35 @@ +version: '3' + +services: + traefik: + image: traefik:v2.2 + command: --providers.docker + ports: + - "8085:80" + - "8086:8080" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + + whoami: + image: emilevauge/whoami + labels: + - "traefik.http.routers.whoami.rule=Host(`whoami.localhost.com`)" + - "traefik.http.routers.whoami.middlewares=traefik-forward-auth" + + traefik-forward-auth: + image: thomseddon/traefik-forward-auth:2 + environment: + - PROVIDERS_GOOGLE_CLIENT_ID=your-client-id + - PROVIDERS_GOOGLE_CLIENT_SECRET=your-client-secret + - SECRET=something-random + # INSECURE_COOKIE is required if not using a https entrypoint + - INSECURE_COOKIE=true + - COOKIE_DOMAIN=localhost.com + - AUTH_HOST=auth.localhost.com:8085 + - LOG_LEVEL=debug + labels: + - "traefik.http.routers.traefik-forward-auth.rule=Host(`auth.localhost.com`)" + - "traefik.http.routers.traefik-forward-auth.middlewares=traefik-forward-auth" + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" + - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181" diff --git a/examples/traefik-v2/swarm/docker-compose-oidc.yml b/examples/traefik-v2/swarm/docker-compose-oidc.yml new file mode 100644 index 0000000..a2768bd --- /dev/null +++ b/examples/traefik-v2/swarm/docker-compose-oidc.yml @@ -0,0 +1,34 @@ +version: '3' + +services: + traefik: + image: traefik:v2.2 + command: --providers.docker + ports: + - "8085:80" + - "8086:8080" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + + whoami: + image: emilevauge/whoami + labels: + - "traefik.http.routers.whoami.rule=Host(`whoami.localhost.com`)" + - "traefik.http.routers.whoami.middlewares=traefik-forward-auth" + + traefik-forward-auth: + image: thomseddon/traefik-forward-auth:2 + environment: + - DEFAULT_PROVIDER=oidc + - PROVIDERS_OIDC_ISSUER_URL=https://login.microsoftonline.com/{tenant} + - PROVIDERS_OIDC_CLIENT_ID=your-client-id + - PROVIDERS_OIDC_CLIENT_SECRET=your-client-secret + - SECRET=something-random + # INSECURE_COOKIE is required if not using a https entrypoint + - INSECURE_COOKIE=true + - LOG_LEVEL=debug + labels: + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" + - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181" + diff --git a/examples/traefik-v2/swarm/docker-compose.yml b/examples/traefik-v2/swarm/docker-compose.yml new file mode 100644 index 0000000..f1f183f --- /dev/null +++ b/examples/traefik-v2/swarm/docker-compose.yml @@ -0,0 +1,31 @@ +version: '3' + +services: + traefik: + image: traefik:v2.2 + command: --providers.docker + ports: + - "8085:80" + - "8086:8080" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + + whoami: + image: emilevauge/whoami + labels: + - "traefik.http.routers.whoami.rule=Host(`whoami.localhost.com`)" + - "traefik.http.routers.whoami.middlewares=traefik-forward-auth" + + traefik-forward-auth: + image: thomseddon/traefik-forward-auth:2 + environment: + - PROVIDERS_GOOGLE_CLIENT_ID=your-client-id + - PROVIDERS_GOOGLE_CLIENT_SECRET=your-client-secret + - SECRET=something-random + # INSECURE_COOKIE is required if not using a https entrypoint + - INSECURE_COOKIE=true + - LOG_LEVEL=debug + labels: + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" + - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"