jpallison0625/swarm-production
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Configure Traefik for public-facing access with frostlabs.me domains

Browse Source 
- Fixed certificatesResolvers configuration in static.yml (moved out of tls section)
- Added DNS resolvers to Cloudflare ACME challenge configuration
- Added persistent volume mount for Let's Encrypt certificates
- Updated Outline service labels to use flow.frostlabs.me with proper cert resolver
- Updated Authentik service labels to use auth.frostlabs.me with proper cert resolver
- Added security headers and rate limiting middlewares to dynamic.yml
- Added example templates for public-facing service configuration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
John
2025-11-10 11:27:47 +00:00
parent ad08678553
commit 3871e30abd
5 changed files with 56 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
stacks/core/authentik/stack.yml
View File

@@ -61,9 +61,11 @@ services:
labels:
- "traefik.enable=true"
- "traefik.swarm.network=homelab"
# Public-facing domain with Let's Encrypt certificate
- "traefik.http.routers.authentik.rule=Host(`auth.frostlabs.me`)"
- "traefik.http.routers.authentik.entrypoints=websecure"
- "traefik.http.routers.authentik.tls=certificatesResolvers=cloudflare"
- "traefik.http.routers.authentik.tls=true"
- "traefik.http.routers.authentik.tls.certresolver=cloudflare"
- "traefik.http.services.authentik.loadbalancer.server.port=9000"
depends_on: