Added authelia, caddy and adguard

homelab/caddy/Dockerfile

@@ -0,0 +1,8 @@
+FROM caddy:2.8-builder AS builder
+
+RUN xcaddy build \
+  --with github.com/caddy-dns/cloudflare
+
+FROM caddy:2.8
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy

homelab/caddy/README.md

@@ -0,0 +1,2 @@
+# Caddy reverse proxy
+Follow [this](https://github.com/caddy-dns/cloudflare) to obtain secrets

homelab/caddy/caddyfiles/Caddyfile

@@ -0,0 +1,16 @@
+localhost {
+	respond "Hello world!"
+}
+
+
+*.timo.bmrs.nl timo.bmrs.nl {
+	tls {
+		dns cloudflare {
+			zone_token {env.CF_ZONE_TOKEN}
+			api_token {env.CF_API_TOKEN}
+		}
+		resolvers 1.1.1.1
+	}
+
+	import routes/*
+}

homelab/caddy/caddyfiles/routes/adguard

@@ -0,0 +1,9 @@
+@adguard host adguard.timo.bmrs.nl
+handle @adguard {
+	forward_auth authelia:9091 {
+		uri /api/authz/forward-auth
+		copy_headers Remote-User Remote-Groups Remote-Email Remote-Name		
+	}
+
+	reverse_proxy adguardhome:3000
+}

homelab/caddy/caddyfiles/routes/authelia

@@ -0,0 +1,9 @@
+@ldap host ldap.timo.bmrs.nl
+handle @ldap {
+	reverse_proxy lldap:17170
+}
+
+@authelia host auth.timo.bmrs.nl
+handle @authelia {
+	reverse_proxy authelia:9091
+}

homelab/caddy/docker-compose.yml

@@ -1,6 +1,6 @@
 services:
   caddy:
-    image: caddy:2.8
+    build: .
     container_name: caddy
     restart: unless-stopped
     cap_add:
@@ -10,10 +10,18 @@ services:
       - 443:443
       - 443:443/udp
     volumes:
-      - caddy_data:/data
-      - caddy_config:/config
+      - data:/data
+      - config:/config
       - ./caddyfiles:/etc/caddy/
+    environment:
+      CF_ZONE_TOKEN: ${CF_ZONE_TOKEN}
+      CF_API_TOKEN: ${CF_API_TOKEN}
 
 volumes:
-  caddy_data:
-  caddy_config:
+  data:
+  config:
+
+networks:
+  default:
+    name: proxy
+    external: true