mirror of
https://github.com/deadcxap/init_scripts.git
synced 2026-07-02 05:43:40 +03:00
добавил caddyfile для базовых директив
(не всё же в леблы пихать, так не удобно)
This commit is contained in:
@@ -0,0 +1,25 @@
|
||||
{
|
||||
email dead@cxap.space
|
||||
dns cloudflare {$CF_API_TOKEN}
|
||||
servers {
|
||||
dns cloudflare {env.CF_API_TOKEN}
|
||||
trusted_proxies static private_ranges
|
||||
}
|
||||
}
|
||||
|
||||
# общий сниппет авторизации
|
||||
(tinyauth_forwarder) {
|
||||
forward_auth tinyauth:3000 {
|
||||
uri /api/auth/caddy
|
||||
copy_headers Remote-User Remote-Name Remote-Email Remote-Groups
|
||||
}
|
||||
}
|
||||
|
||||
# при желании — отдельный сниппет для API
|
||||
(tinyauth_api_forwarder) {
|
||||
forward_auth tinyauth:3000 {
|
||||
uri /api/auth/caddy
|
||||
header_up Authorization {http.request.header.X-Api-Key}
|
||||
header_up Accept application/json
|
||||
}
|
||||
}
|
||||
@@ -15,30 +15,16 @@ services:
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- caddy_data:/data
|
||||
- ./Caddyfile:/etc/caddy/Caddyfile:ro
|
||||
networks: [proxy]
|
||||
# Глобальные настройки + сниппет для forward_auth (Tinyauth)
|
||||
labels:
|
||||
caddy.email: dead@cxap.space
|
||||
caddy.dns: "cloudflare {env.CF_API_TOKEN}"
|
||||
command: ["caddy","docker-proxy","--docker-sockets","unix:///var/run/docker.sock"]
|
||||
|
||||
caddy-snippets:
|
||||
image: alpine:3.20
|
||||
command: ["sleep", "infinity"]
|
||||
restart: unless-stopped
|
||||
networks: [proxy]
|
||||
labels:
|
||||
# сниппет аутентификации
|
||||
caddy: (tinyauth_forwarder)
|
||||
caddy.forward_auth: tinyauth:3000
|
||||
caddy.forward_auth.uri: /api/auth/caddy
|
||||
caddy.forward_auth.copy_headers: Remote-User Remote-Name Remote-Email Remote-Groups
|
||||
|
||||
tinyauth:
|
||||
image: ghcr.io/steveiliop56/tinyauth:v3
|
||||
container_name: tinyauth
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- LOG_LEVEL=2
|
||||
- APP_URL=https://auth.realy.nothing.help
|
||||
- SECRET=${TINYAUTH_SECRET}
|
||||
- USERS=${TINYAUTH_USERS}
|
||||
@@ -67,7 +53,7 @@ services:
|
||||
labels:
|
||||
caddy: port.realy.nothing.help
|
||||
caddy.encode: zstd gzip
|
||||
caddy.import: tinyauth_forwarder *
|
||||
caddy.import: tinyauth_forwarder
|
||||
caddy.reverse_proxy: "{{upstreams 9000}}"
|
||||
|
||||
volumes:
|
||||
|
||||
Reference in New Issue
Block a user