File Browser with Traefik in docker-compose
version: '3.5'
services:
oauth2:
image: quay.io/pusher/oauth2_proxy:v4.1.0
expose:
- 4180
volumes:
- ./templates:/templates
labels:
- "traefik.enable=true"
- "traefik.docker.network=default"
- "traefik.http.routers.oauth2proxy.rule=Host(`${DOMAIN}`) || PathPrefix(`/oauth2`)"
- "traefik.http.routers.oauth2proxy.entrypoints=websecure"
- "traefik.http.routers.oauth2proxy.service=oauth2proxy@docker"
- "traefik.http.routers.oauth2proxy.tls.certresolver=myhttpchallenge"
- "traefik.http.services.oauth2proxy.loadbalancer.server.port=4180"
- "traefik.http.middlewares.oauth-verify.forwardauth.address=http://oauth2:4180/oauth2/auth"
- "traefik.http.middlewares.oauth-verify.forwardauth.authResponseHeaders=X-Auth-Request-User,X-Auth-Request-Email,Authorization,Set-Cookie"
- "traefik.http.middlewares.oauth-verify.forwardauth.trustForwardHeader=true"
- "traefik.http.middlewares.oauth-signin.errors.service=oauth2proxy@docker"
- "traefik.http.middlewares.oauth-signin.errors.status=401"
- "traefik.http.middlewares.oauth-signin.errors.query=/oauth2/sign_in"
command:
- "-banner=tausendkind"
- "-cookie-domain=.${DOMAIN}"
- "-cookie-secure=true"
- "-custom-templates-dir=/templates/"
- "-email-domain=XXX.de"
- "-footer=-"
- "-http-address=0.0.0.0:4180"
- "-provider=google"
- "-set-authorization-header=true"
- "-set-xauthrequest=true"
- "-whitelist-domain=.${DOMAIN}"
environment:
- OAUTH2_PROXY_CLIENT_ID=
- OAUTH2_PROXY_CLIENT_SECRET=
- OAUTH2_PROXY_COOKIE_SECRET=
networks:
- default
restart: unless-stopped
traefik:
image: traefik:v2.1
ports:
- 80:80
- 443:443
labels:
- "traefik.enable=true"
- "traefik.docker.network=default"
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=myhttpchallenge"
- "traefik.http.routers.traefik.middlewares=oauth-verify,oauth-signin"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./letsencrypt:/letsencrypt
command:
- "--log.level=DEBUG"
#- "--api.insecure=true"
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myhttpchallenge.acme.email=${EMAIL}"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
networks:
- default
filemanager:
image: filebrowser/filebrowser
labels:
- "traefik.enable=true"
- "traefik.docker.network=default"
- "traefik.http.routers.filemanager.rule=Host(`files.${DOMAIN}`)"
- "traefik.http.routers.filemanager.entrypoints=websecure"
- "traefik.http.routers.filemanager.tls.certresolver=myhttpchallenge"
- "traefik.http.routers.filemanager.middlewares=oauth-signin,oauth-verify"
volumes:
- /data/srv:/srv
- /data/filebrowser.db:/database.db
- /data/.filebrowser.json:/.filebrowser.json
networks:
- default
networks:
default:Last updated
Was this helpful?