documentaion update
This commit is contained in:
kelinfoxy
65
README.md
65
README.md
@@ -1,8 +1,28 @@
|
||||
# Authelia DuckDNS & Traefik based Arcane Registry
|
||||
|
||||
## Approach
|
||||
|
||||
Authelia provides single sign on authentication
|
||||
DuckDNS provides free sub domain redirects, and letsencrypt certificates (domain and wildcard)
|
||||
|
||||
Use env variables to template the required labels
|
||||
Traefik routes based on labels for services running on the same server
|
||||
Traefik routes based on remote-host.yaml files for services NOT running on the same server.
|
||||
|
||||
Each docker-compose.yml & .env file template includes templated labels to easily configure traefik routing.
|
||||
|
||||
>***Tip:*** **Create the following variables in .env.global**
|
||||
>* TZ=America/New_York
|
||||
>* PUID=1000
|
||||
>* PGID=1000
|
||||
>* SERVER_NAME=
|
||||
>* SERVER_IP=
|
||||
>* SUBDOMAIN=
|
||||
>
|
||||
> Then you can simply remove them from the .env file instead of filling in the values every time.
|
||||
|
||||
To disable Authelia for a specific site (like Jellyfin): Comment out this line in the compose file `- ${AUTHELIA_LABEL}`
|
||||
|
||||
## Deploying a new server? Start with the core stack
|
||||
|
||||
## Compose file template
|
||||
|
||||
@@ -112,6 +132,49 @@ AUTHELIA_LABEL=traefik.http.routers.${SERVICE_NAME}.middlewares=authelia@docker
|
||||
WATCHTOWER_ENABLE_LABEL=com.centurylinklabs.watchtower.enable=true
|
||||
```
|
||||
|
||||
## Traefik remote server yaml files
|
||||
|
||||
When Traefik is on a different server
|
||||
|
||||
* labels in compose files are ignored (remove to avoid confussion)
|
||||
|
||||
* The routers and services must be included in a yaml file under traefik/dynamic
|
||||
|
||||
> **VARIABLES MUST BE REPLACED BY THE ACTUAL VALUES - The files in traefik/dynamic do NOT have access to the env variables**
|
||||
***Tip:*** **Use find/replace in your text editor**
|
||||
|
||||
```yaml
|
||||
http:
|
||||
routers:
|
||||
|
||||
${SERVICE_NAME}-${SERVER_NAME}:
|
||||
rule: "Host(`${SERVICE_NAME}$.${DOMAIN}`)"
|
||||
service: ${SERVICE_NAME}-${SERVER_NAME}-service
|
||||
entrypoints:
|
||||
- websecure
|
||||
tls:
|
||||
certResolver: letsencrypt
|
||||
middlewares:
|
||||
- authelia@docker
|
||||
|
||||
|
||||
services:
|
||||
|
||||
${SERVICE_NAME}-${SERVER_NAME}-service:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://${SERVER_IP}:${EXTERNAL_PORT}"
|
||||
passHostHeader: true
|
||||
|
||||
```
|
||||
|
||||
Filename doesn't technically matter, but it is recomended to either
|
||||
|
||||
* create a file for each service named like `service-server_name-remote-host.yaml`
|
||||
|
||||
* OR Create a single file per server like `server_name-remote-host.yaml`
|
||||
|
||||
|
||||
## Docker Compose Templates
|
||||
|
||||
* Core
|
||||
|
||||
Reference in New Issue
Block a user