Added dozzle

2024-10-24 20:14:50 +02:00 · 2024-10-24 20:14:50 +02:00 · 728fb943af
commit 728fb943af
parent 74b0efc9ee
5 changed files with 33 additions and 9 deletions
--- a/homelab/adguard/docker-compose.yml
+++ b/homelab/adguard/docker-compose.yml
@ -6,7 +6,7 @@ services:
    ports:
      - 53:53/tcp
      - 53:53/udp
-#      - 80:3000 # Only use during setup
+      # - 80:3000 # Only use during setup
    volumes:
      - work:/opt/adguardhome/work
      - conf:/opt/adguardhome/conf
--- a/homelab/authelia/config/configuration.yml
+++ b/homelab/authelia/config/configuration.yml
@ -645,6 +645,9 @@ access_control:
    - domain: 'cloud.timo.bmrs.nl'
      policy: 'bypass'

+    - domain: 'dozzle.timo.bmrs.nl'
+      policy: 'one_factor'
+
    - domain: 'office.timo.bmrs.nl'
      policy: 'bypass'

@ -658,8 +661,7 @@ access_control:
      policy: 'bypass'

    - domain: 'ldap.timo.bmrs.nl'
-      policy: 'two_factor'
-      subject: 'group:admin'
+      policy: 'bypass'

    - domain: 'uptime.timo.bmrs.nl'
      policy: 'bypass'
@ -777,7 +779,7 @@ session:
      ##   - The above 'domain' option MUST either:
      ##      - Match the host portion of this URI.
      ##      - Match the suffix of the host portion when prefixed with '.'.
-      # default_redirection_url: 'https://www.example.com'
+      default_redirection_url: 'https://www.timo.bmrs.nl'

      ## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
      ## Please read https://www.authelia.com/c/session#same_site
--- a/homelab/caddy/caddyfiles/routes/dozzle
+++ b/homelab/caddy/caddyfiles/routes/dozzle
@ -0,0 +1,9 @@
+@dozzle host dozzle.timo.bmrs.nl
+handle @dozzle {
+	forward_auth authelia:9091 {
+		uri /api/authz/forward-auth
+		copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
+	}
+
+	reverse_proxy dozzle:8080
+}
--- a/homelab/dozzle/docker-compose.yml
+++ b/homelab/dozzle/docker-compose.yml
@ -0,0 +1,15 @@
+services:
+  dozzle:
+    image: amir20/dozzle:latest
+    container_name: dozzle
+    restart: unless-stopped
+    volumes:
+      - /run/user/1000/docker.sock:/var/run/docker.sock:ro
+    environment:
+      DOZZLE_ENABLE_ACTIONS: true
+      DOZZLE_AUTH_PROVIDER: forward-proxy
+
+networks:
+  default:
+    external: true
+    name: proxy
--- a/hosts/pm01vm01/hardware-configuration.nix
+++ b/hosts/pm01vm01/hardware-configuration.nix
@ -14,19 +14,17 @@
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/649666ff-db85-4666-86d0-c088732505d6";
+    { device = "/dev/disk/by-uuid/47301fe6-a7db-4ffd-854a-beddd53b6d99";
      fsType = "ext4";
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/A157-F96E";
+    { device = "/dev/disk/by-uuid/6A5B-F811";
      fsType = "vfat";
      options = [ "fmask=0077" "dmask=0077" ];
    };

-  # swapDevices =
-  #   [ { device = "/dev/disk/by-uuid/f8c0a59c-7e1a-4eb7-960e-20ba65fec156"; }
-  #   ];
+  swapDevices = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's