Simplify authelia config. Add dozzle for log viewing.

docker-compose.yaml

@@ -27,6 +27,7 @@ services:
       - PUBLIC_DOMAIN
     networks:
       web:
+        ipv4_address: 172.18.1.2
     command:
       - "--configFile=/data/traefik.yaml"
     ports:
@@ -48,29 +49,20 @@ services:
       traefik.http.routers.traefik.tls.certResolver: le
       autoheal: "true"
 
-  authelia-config:
-    # Preprocess authelia configuration through gomplate
-    image: hairyhenderson/gomplate
-    environment:
-      - PRIVATE_DOMAIN
-      - PUBLIC_DOMAIN
-    volumes:
-      - ./authelia/configuration.yml:/data/input:ro
-      - authelia-config:/data/output
-    command: '--file=/data/input --out=/data/output/configuration.yml'
   authelia:
     container_name: authelia
     image: authelia/authelia
     restart: always
-    depends_on:
-      # config preprocessor should run first
-      - authelia-config
     volumes:
-      - ./authelia:/opt/authelia
-      - authelia-config:/etc/authelia/
+      - ./authelia:/config
     environment:
-      - ENVIRONMENT=dev
+      # - ENVIRONMENT=dev
       - NODE_TLS_REJECT_UNAUTHORIZED=1
+      - AUTHELIA_JWT_SECRET
+      - AUTHELIA_SESSION_SECRET
+      - AUTHELIA_SESSION_DOMAIN
+      - AUTHELIA_TOTP_ISSUER
+      - TZ=Europe/Stockholm
     networks:
       web:
     healthcheck:
@@ -95,26 +87,41 @@ services:
       web:
     labels:
       traefik.enable: true
-      traefik.http.routers.homer.rule: Host(`${PRIVATE_DOMAIN}`)
+      traefik.http.routers.homer.rule: Host(`${PRIVATE_DOMAIN}`) || Host(`www.${PRIVATE_DOMAIN}`)
       traefik.http.routers.homer.tls.certResolver: le
-      traefik.http.routers.homer.entrypoints: websecure
 
-# whoami-https:
-#   image: containous/whoami
-#   networks:
-#     web:
-#   labels:
-#     traefik.enable: true
-#     traefik.http.routers.wait-https.rule: Host(`wai-https.${PRIVATE_DOMAIN}`)
-#     traefik.http.routers.wait-https.tls.certResolver: le
+  dozzle:
+    image: amir20/dozzle
+    restart: always
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    networks:
+      web:
+    labels:
+      traefik.enable: true
+      traefik.http.routers.dozzle.rule: Host(`logs.${PRIVATE_DOMAIN}`)
+      traefik.http.routers.dozzle.tls.certResolver: le
+      traefik.http.routers.dozzle.middlewares: auth@file
 
-# whoami-auth:
-#   image: containous/whoami
-#   networks:
-#     web:
-#     macvlan:
-#   labels:
-#     traefik.enable: true
-#     traefik.http.routers.wai-auth.rule: Host(`wai-auth.${PRIVATE_DOMAIN}`)
-#     traefik.http.routers.wai-auth.tls.certResolver: le
-#     traefik.http.routers.wai-auth.middlewares: auth@file
+
+# labels:
+#   The following three labels are always needed. Make sure to replace <SERVICE> with a unique name
+#   traefik.enable: true
+#   traefik.http.routers.<SERVICE>.tls.certResolver: le
+#   traefik.http.routers.<SERVICE>.rule: Host(`<SERVICE>.${PRIVATE_DOMAIN}`)
+
+#   Alternatives:
+#   traefik.http.routers.<SERVICE>.rule: Host(`<SERVICE>.${PUBLIC_DOMAIN}`)
+#   traefik.http.routers.<SERVICE>.rule: Host(`<SERVICE>.${PRIVATE_DOMAIN}`) || HOST(`<SERVICE>.${PUBLIC_DOMAIN}`)
+
+#   Require authentication:
+#   traefik.http.routers.<SERVICE>.middlewares: auth@file
+
+#   If more than one port is exposed by the container:
+#   traefik.http.services.<SERVICE>.loadbalancer.server.port: <PORT>
+
+#   If container uses more than one network:
+#   traefik.docker.network: web
+
+#   Restart automatically if healthchech fails:
+#   autoheal: "true"