http: middlewares: authentik: forwardAuth: address: http://localhost:9100/outpost.goauthentik.io/auth/traefik trustForwardHeader: true authResponseHeaders: - X-authentik-username - X-authentik-groups - X-authentik-entitlements - X-authentik-email - X-authentik-name - X-authentik-uid - X-authentik-jwt - X-authentik-meta-jwks - X-authentik-meta-outpost - X-authentik-meta-provider - X-authentik-meta-app - X-authentik-meta-version routers: # Router for wekan.rohrschacht.de wekan-router: rule: "Host(`wekan.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: wekan-service # Router for wekantesting.rohrschacht.de wekantesting-router: rule: "Host(`wekantesting.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: wekantesting-service # Router for git.rohrschacht.de git-router: rule: "Host(`git.rohrschacht.de`) || Host(`gitea.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: gitea-service # Router for vault.rohrschacht.de vault-router: rule: "Host(`vault.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: vault-service # Router for actual.rohrschacht.de actual-router: rule: "Host(`actual.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: actual-service # Router for nextcloud.rohrschacht.de nextcloud-router: rule: "Host(`nextcloud.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: nextcloud-service # Router for paperless.rohrschacht.de paperless-router: rule: "Host(`paperless.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: paperless-service # Router for bookstack.rohrschacht.de bookstack-router: rule: "Host(`bookstack.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: bookstack-service # Router for languagetool.rohrschacht.de languagetool-router: rule: "Host(`languagetool.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: languagetool-service # Router for sgnarva.petrich.work sgnarva-router: rule: "Host(`sg-narva.petrich.work`)" entryPoints: - websecure tls: certResolver: letsencrypt service: sgnarva-service # Router for auth.rohrschacht.de authentik-router: rule: "Host(`auth.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: authentik-serivce # Router for tandoor.rohrschacht.de tandoor-router: rule: "Host(`tandoor.rohrschacht.de`)" entryPoints: - websecure tls: certResolver: letsencrypt service: tandoor-service # Router for silverbullet.rohrschacht.de silverbullet-router-service-worker: rule: "Host(`silverbullet.rohrschacht.de`) && PathPrefix(`/service_worker.js`)" entryPoints: - websecure priority: 20 tls: certResolver: letsencrypt service: silverbullet-service # Router for silverbullet.rohrschacht.de static client assets silverbullet-router-client: rule: "Host(`silverbullet.rohrschacht.de`) && PathPrefix(`/.client`)" entryPoints: - websecure priority: 20 tls: certResolver: letsencrypt service: silverbullet-service # Router for silverbullet.rohrschacht.de silverbullet-router: rule: "Host(`silverbullet.rohrschacht.de`)" # rule: "Host(`silverbullet.rohrschacht.de`) && !PathPrefix(`/service_worker.js`) && !PathPrefix(`/.client`) && !PathPrefix(`/outpost.goauthentik.io/`)" entryPoints: - websecure middlewares: - authentik priority: 10 tls: certResolver: letsencrypt service: silverbullet-service # Router for silverbullet.rohrschacht.de authentik outpost path silverbullet-router-auth: rule: "Host(`silverbullet.rohrschacht.de`) && PathPrefix(`/outpost.goauthentik.io/`)" entryPoints: - websecure priority: 15 tls: certResolver: letsencrypt service: authentik-service services: # Service for wekan.rohrschacht.de wekan-service: loadBalancer: servers: - url: "http://localhost:8100" # Service for wekantesting.rohrschacht.de wekantesting-service: loadBalancer: servers: - url: "http://localhost:8200" # Service for gitea.rohrschacht.de gitea-service: loadBalancer: servers: - url: "http://localhost:8300" # Service for vault.rohrschacht.de vault-service: loadBalancer: servers: - url: "http://localhost:8400" # Service for vault.rohrschacht.de actual-service: loadBalancer: servers: - url: "http://localhost:8500" # Service for nextcloud.rohrschacht.de nextcloud-service: loadBalancer: servers: - url: "http://localhost:8600" # Service for paperless.rohrschacht.de paperless-service: loadBalancer: servers: - url: "http://localhost:8700" # Service for bookstack.rohrschacht.de bookstack-service: loadBalancer: servers: - url: "http://localhost:8800" # Service for languagetool.rohrschacht.de languagetool-service: loadBalancer: servers: - url: "http://localhost:8900" # Service for sgnarva.petrich.work sgnarva-service: loadBalancer: servers: - url: "http://localhost:9000" # Service for auth.rohrschacht.de authentik-serivce: loadBalancer: servers: - url: "http://localhost:9100" # Service for tandoor.rohrschacht.de tandoor-service: loadBalancer: servers: - url: "http://localhost:9200" # Service for silverbullet.rohrschacht.de silverbullet-service: loadBalancer: servers: - url: "http://localhost:9300"