aki/docker-compose-nas
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(authelia): Add trusted proxies configuration
Some checks failed
/ validate-docker-compose (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Jose Daniel G. Percy 2025-04-26 12:10:42 +08:00
parent f07d0937d9
commit 191d25e281
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
authelia/configuration.example.yml
View File

@ -4,6 +4,8 @@
# Server settings # Server settings
server: server:
address: 'tcp://0.0.0.0:9091' address: 'tcp://0.0.0.0:9091'
trusted_proxies:
- '172.16.0.0/12' # Docker networks
# Logging configuration # Logging configuration
log: log:

7
docker-compose.yml
View File

@ -15,6 +15,8 @@ services:
- --experimental.plugins.rewriteHeaders.version=v0.0.3 - --experimental.plugins.rewriteHeaders.version=v0.0.3
- --providers.docker.network=docker-compose-nas - --providers.docker.network=docker-compose-nas
- --providers.docker.endpoint=unix:///var/run/docker.sock - --providers.docker.endpoint=unix:///var/run/docker.sock
- --log.level=DEBUG
- --entrypoints.web.http.middlewares=set-x-forwarded-proto@docker
network_mode: service:tailscale network_mode: service:tailscale
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
@ -22,6 +24,8 @@ services:
test: ["CMD", "traefik", "healthcheck", "--ping"] test: ["CMD", "traefik", "healthcheck", "--ping"]
interval: 30s interval: 30s
retries: 10 retries: 10
labels:
- traefik.http.middlewares.set-x-forwarded-proto.headers.customRequestHeaders.X-Forwarded-Proto=https
redis: redis:
image: redis:alpine image: redis:alpine
container_name: redis container_name: redis
@ -44,7 +48,6 @@ services:
volumes: volumes:
- ${CONFIG_ROOT:-.}/authelia:/config:Z - ${CONFIG_ROOT:-.}/authelia:/config:Z
environment: environment:
- AUTHELIA_JWT_SECRET=${AUTHELIA_JWT_SECRET}
- AUTHELIA_SESSION_SECRET=${AUTHELIA_SESSION_SECRET} - AUTHELIA_SESSION_SECRET=${AUTHELIA_SESSION_SECRET}
- AUTHELIA_STORAGE_ENCRYPTION_KEY=${AUTHELIA_STORAGE_ENCRYPTION_KEY} - AUTHELIA_STORAGE_ENCRYPTION_KEY=${AUTHELIA_STORAGE_ENCRYPTION_KEY}
- AUTHELIA_SESSION_REDIS_PASSWORD=${AUTHELIA_REDIS_PASSWORD} - AUTHELIA_SESSION_REDIS_PASSWORD=${AUTHELIA_REDIS_PASSWORD}
@ -400,7 +403,7 @@ services:
- PUID=${USER_ID} - PUID=${USER_ID}
- PGID=${GROUP_ID} - PGID=${GROUP_ID}
- TZ=${TIMEZONE} - TZ=${TIMEZONE}
- JELLYFIN_PublishedServerUrl=${TAILSCALE_HOSTNAME}.${TAILSCALE_TAILNET_DOMAIN}/jellyfin - JELLYFIN_PublishedServerUrl=https://${TAILSCALE_HOSTNAME}.${TAILSCALE_TAILNET_DOMAIN}/jellyfin
volumes: volumes:
- ${CONFIG_ROOT:-.}/jellyfin:/config:Z - ${CONFIG_ROOT:-.}/jellyfin:/config:Z
- ${DATA_ROOT}:/data:Z - ${DATA_ROOT}:/data:Z