update scan
This commit is contained in:
40
swarm.yml
40
swarm.yml
@@ -203,8 +203,6 @@
|
||||
secrets:
|
||||
- wildcard-jingoh-private.crt
|
||||
- wildcard-jingoh-private.key
|
||||
labels:
|
||||
- "io.portainer.accesscontrol.public"
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
@@ -231,7 +229,8 @@
|
||||
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
||||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||||
- "traefik.http.middlewares.privatevpn.ipwhitelist.sourcerange=100.96.0.0/16"
|
||||
# - "traefik.http.routers.dashboard.middlewares=privatevpn"
|
||||
- "io.portainer.accesscontrol.public"
|
||||
- "traefik.http.routers.dashboard.middlewares=privatevpn"
|
||||
agent:
|
||||
image: portainer/agent:latest
|
||||
environment:
|
||||
@@ -261,14 +260,13 @@
|
||||
networks:
|
||||
- public
|
||||
- agent_network
|
||||
labels:
|
||||
- "io.portainer.accesscontrol.public"
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
placement:
|
||||
constraints: [node.role == manager]
|
||||
labels:
|
||||
- "io.portainer.accesscontrol.public"
|
||||
# Frontend
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=public"
|
||||
@@ -287,10 +285,9 @@
|
||||
- "traefik.http.routers.edge.middlewares=privatevpn"
|
||||
whoami:
|
||||
image: "traefik/whoami"
|
||||
labels:
|
||||
- "io.portainer.accesscontrol.public"
|
||||
deploy:
|
||||
labels:
|
||||
- "io.portainer.accesscontrol.public"
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=public"
|
||||
- "traefik.http.routers.whoami.rule=Host(`whoamitest.jingoh.private`)"
|
||||
@@ -301,6 +298,34 @@
|
||||
networks:
|
||||
- public
|
||||
|
||||
# forward-auth:
|
||||
# image: thomseddon/traefik-forward-auth:2.2.0
|
||||
# environment:
|
||||
# # env_file: ./appdata/dex/traefik-auth-conf.env
|
||||
# container_name: forward-auth
|
||||
# volumes:
|
||||
# # - ./config.ini:/config.ini:ro
|
||||
# - ./appdata/dex/traefik-auth-conf.env:/config.ini:ro
|
||||
# # - /var/data/config/traefik-forward-auth/config.ini:/config.ini:ro
|
||||
# networks:
|
||||
# t2_proxy:
|
||||
# ipv4_address: 192.168.90.193
|
||||
# labels:
|
||||
# # traefikv2
|
||||
# - "traefik.enable=true"
|
||||
# - "traefik.docker.network=t2_proxy"
|
||||
# - "traefik.http.routers.auth.rule=Host(`auth.jingoh.fr`)"
|
||||
# - "traefik.http.routers.auth.entrypoints=https"
|
||||
# - "traefik.http.routers.auth.tls=true"
|
||||
# # - "traefik.http.routers.auth.tls.domains[0].main=jingoh.fr"
|
||||
# # - "traefik.http.routers.auth.tls.domains[0].sans=*.jingoh.fr"
|
||||
# - "traefik.http.routers.auth.tls.certresolver=letsencrypt-resolver"
|
||||
# - "traefik.http.routers.auth.service=auth@docker"
|
||||
# - "traefik.http.services.auth.loadbalancer.server.port=4181"
|
||||
# - "traefik.http.middlewares.forward-auth.forwardauth.address=http://forward-auth:4181"
|
||||
# - "traefik.http.middlewares.forward-auth.forwardauth.trustForwardHeader=true"
|
||||
# - "traefik.http.middlewares.forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
@@ -325,6 +350,7 @@
|
||||
|
||||
run_once: true
|
||||
when: inventory_hostname in groups['docker_swarm_manager']
|
||||
tags: deploy
|
||||
|
||||
# docker network create -d overlay agent_network
|
||||
# docker network create -d overlay public
|
||||
|
||||
Reference in New Issue
Block a user