From f1683181f4b580327653146d2dc17e5777bf4030 Mon Sep 17 00:00:00 2001 From: deadcxap Date: Mon, 25 Aug 2025 07:02:58 +0300 Subject: [PATCH] =?UTF-8?q?=D0=BF=D1=80=D0=B0=D0=B2=D0=BA=D0=B0=20=D0=BB?= =?UTF-8?q?=D0=B5=D0=B9=D0=B1=D0=BB=D0=BE=D0=B2=20=D0=B4=D0=BB=D1=8F=20?= =?UTF-8?q?=D0=BA=D0=B0=D0=B4=D0=B4=D0=B8,=20=D0=B4=D0=BE=D0=B1=D0=B0?= =?UTF-8?q?=D0=B2=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=B0=D0=B2=D1=82=D0=BE?= =?UTF-8?q?=D1=80=D0=B8=D0=B7=D0=B0=D1=86=D0=B8=D0=BE=D0=BD=D0=BD=D0=BE?= =?UTF-8?q?=D0=B3=D0=BE=20=D0=BF=D0=BB=D0=B0=D0=B3=D0=B8=D0=BD=D0=B0=20?= =?UTF-8?q?=D0=B4=D0=BB=D1=8F=20=D0=BA=D0=B0=D0=B4=D0=B4=D0=B8=20(=D0=BD?= =?UTF-8?q?=D0=B0=20=D0=B1=D1=83=D0=B4=D1=83=D1=89=D0=B5=D0=B5,=20=D0=B2?= =?UTF-8?q?=D0=BC=D0=B5=D1=81=D1=82=D0=BE=20tinyauth)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- admin/bootstrap/caddy-labeled/Dockerfile | 3 ++- admin/bootstrap/docker-compose.yml | 11 +++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/admin/bootstrap/caddy-labeled/Dockerfile b/admin/bootstrap/caddy-labeled/Dockerfile index 6adad5d..8f9806d 100644 --- a/admin/bootstrap/caddy-labeled/Dockerfile +++ b/admin/bootstrap/caddy-labeled/Dockerfile @@ -1,7 +1,8 @@ FROM caddy:2-builder AS builder RUN xcaddy build \ --with github.com/lucaslorentz/caddy-docker-proxy/v2 \ + --with github.com/greenpau/caddy-security@v1.1.31 \ --with github.com/caddy-dns/cloudflare FROM caddy:2 -COPY --from=builder /usr/bin/caddy /usr/bin/caddy +COPY --from=builder /usr/bin/caddy /usr/bin/caddy \ No newline at end of file diff --git a/admin/bootstrap/docker-compose.yml b/admin/bootstrap/docker-compose.yml index 524d6e0..63e0cb4 100644 --- a/admin/bootstrap/docker-compose.yml +++ b/admin/bootstrap/docker-compose.yml @@ -19,13 +19,20 @@ services: # Глобальные настройки + сниппет для forward_auth (Tinyauth) labels: caddy.email: dead@cxap.space - caddy.acme_dns: "cloudflare {env.CF_API_TOKEN}" + caddy.dns: "cloudflare {env.CF_API_TOKEN}" + command: ["caddy","docker-proxy","--docker-sockets","unix:///var/run/docker.sock"] + + caddy-snippets: + image: alpine:3.20 + command: ["sleep", "infinity"] + restart: unless-stopped + networks: [proxy] + labels: # сниппет аутентификации caddy: (tinyauth_forwarder) caddy.forward_auth: tinyauth:3000 caddy.forward_auth.uri: /api/auth/caddy caddy.forward_auth.copy_headers: Remote-User Remote-Name Remote-Email Remote-Groups - command: ["caddy","docker-proxy","--docker-sockets","unix:///var/run/docker.sock"] tinyauth: image: ghcr.io/steveiliop56/tinyauth:v3