From 728fb943af935122ca9ffec2d415c7000ca9d960 Mon Sep 17 00:00:00 2001 From: xeovalyte Date: Thu, 24 Oct 2024 20:14:50 +0200 Subject: [PATCH] Added dozzle --- homelab/adguard/docker-compose.yml | 2 +- homelab/authelia/config/configuration.yml | 8 +++++--- homelab/caddy/caddyfiles/routes/dozzle | 9 +++++++++ homelab/dozzle/docker-compose.yml | 15 +++++++++++++++ hosts/pm01vm01/hardware-configuration.nix | 8 +++----- 5 files changed, 33 insertions(+), 9 deletions(-) create mode 100644 homelab/caddy/caddyfiles/routes/dozzle create mode 100644 homelab/dozzle/docker-compose.yml diff --git a/homelab/adguard/docker-compose.yml b/homelab/adguard/docker-compose.yml index ce730c4..4ef6b7b 100644 --- a/homelab/adguard/docker-compose.yml +++ b/homelab/adguard/docker-compose.yml @@ -6,7 +6,7 @@ services: ports: - 53:53/tcp - 53:53/udp -# - 80:3000 # Only use during setup + # - 80:3000 # Only use during setup volumes: - work:/opt/adguardhome/work - conf:/opt/adguardhome/conf diff --git a/homelab/authelia/config/configuration.yml b/homelab/authelia/config/configuration.yml index c519e55..01db4bf 100644 --- a/homelab/authelia/config/configuration.yml +++ b/homelab/authelia/config/configuration.yml @@ -645,6 +645,9 @@ access_control: - domain: 'cloud.timo.bmrs.nl' policy: 'bypass' + - domain: 'dozzle.timo.bmrs.nl' + policy: 'one_factor' + - domain: 'office.timo.bmrs.nl' policy: 'bypass' @@ -658,8 +661,7 @@ access_control: policy: 'bypass' - domain: 'ldap.timo.bmrs.nl' - policy: 'two_factor' - subject: 'group:admin' + policy: 'bypass' - domain: 'uptime.timo.bmrs.nl' policy: 'bypass' @@ -777,7 +779,7 @@ session: ## - The above 'domain' option MUST either: ## - Match the host portion of this URI. ## - Match the suffix of the host portion when prefixed with '.'. - # default_redirection_url: 'https://www.example.com' + default_redirection_url: 'https://www.timo.bmrs.nl' ## Sets the Cookie SameSite value. Possible options are none, lax, or strict. ## Please read https://www.authelia.com/c/session#same_site diff --git a/homelab/caddy/caddyfiles/routes/dozzle b/homelab/caddy/caddyfiles/routes/dozzle new file mode 100644 index 0000000..62e8cf4 --- /dev/null +++ b/homelab/caddy/caddyfiles/routes/dozzle @@ -0,0 +1,9 @@ +@dozzle host dozzle.timo.bmrs.nl +handle @dozzle { + forward_auth authelia:9091 { + uri /api/authz/forward-auth + copy_headers Remote-User Remote-Groups Remote-Name Remote-Email + } + + reverse_proxy dozzle:8080 +} diff --git a/homelab/dozzle/docker-compose.yml b/homelab/dozzle/docker-compose.yml new file mode 100644 index 0000000..5a201b8 --- /dev/null +++ b/homelab/dozzle/docker-compose.yml @@ -0,0 +1,15 @@ +services: + dozzle: + image: amir20/dozzle:latest + container_name: dozzle + restart: unless-stopped + volumes: + - /run/user/1000/docker.sock:/var/run/docker.sock:ro + environment: + DOZZLE_ENABLE_ACTIONS: true + DOZZLE_AUTH_PROVIDER: forward-proxy + +networks: + default: + external: true + name: proxy diff --git a/hosts/pm01vm01/hardware-configuration.nix b/hosts/pm01vm01/hardware-configuration.nix index 604b147..1dbc8b1 100644 --- a/hosts/pm01vm01/hardware-configuration.nix +++ b/hosts/pm01vm01/hardware-configuration.nix @@ -14,19 +14,17 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/649666ff-db85-4666-86d0-c088732505d6"; + { device = "/dev/disk/by-uuid/47301fe6-a7db-4ffd-854a-beddd53b6d99"; fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/A157-F96E"; + { device = "/dev/disk/by-uuid/6A5B-F811"; fsType = "vfat"; options = [ "fmask=0077" "dmask=0077" ]; }; - # swapDevices = - # [ { device = "/dev/disk/by-uuid/f8c0a59c-7e1a-4eb7-960e-20ba65fec156"; } - # ]; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's