Bhasher/homelab
Bhasher
/
homelab
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

syncthing & mealie

This commit is contained in:
Brieuc Dubois 2024-05-30 15:15:31 +02:00
parent f60bede85f
commit c42f64d273
3 changed files with 52 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
bxl-shp/apps/docker-compose.mealie.yaml
View File

@ -1,28 +1,34 @@
services: services:
mealie: mealie:
container_name: mealie container_name: mealie
image: hkotel/mealie:v0.5.6 image: hkotel/mealie:latest
restart: always restart: always
environment: environment:
- PUID=1000 - PUID=1000
- PGID=1000 - PGID=1000
- TZ=Europe/Paris - TZ=Europe/Paris
- RECIPE_PUBLIC=true - MAX_WORKERS=1
- RECIPE_SHOW_NUTRITION=true - WEB_CONCURRENCY=1
- RECIPE_SHOW_ASSETS=true - BASE_URL=https://recipes.bhasher.com
- RECIPE_LANDSCAPE_VIEW=true - OIDC_AUTH_ENABLED=true
- RECIPE_DISABLE_COMMENTS=true - OIDC_SIGNUP_ENABLE=true
- RECIPE_DISABLE_AMOUNT=false - OIDC_REMEMBER_ME=true
- OIDC_AUTO_REDIRECT=true
- OIDC_CONFIGURATION_URL=https://idp.bhasher.com/.well-known/openid-configuration
- OIDC_CLIENT_ID=mealie
- OIDC_PROVIDER_NAME=Authelia
- OIDC_USER_GROUP=everybody
- OIDC_ADMIN_GROUP=admin
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.mealie.rule=Host(`mealie.bhasher.com`)" - "traefik.http.routers.mealie.rule=Host(`recipes.bhasher.com`)"
- "traefik.http.services.mealie.loadbalancer.server.port=80" - "traefik.http.services.mealie.loadbalancer.server.port=9000"
- "traefik.http.routers.mealie.tls=true" - "traefik.http.routers.mealie.tls=true"
- "traefik.http.routers.mealie.tls.certresolver=http" - "traefik.http.routers.mealie.tls.certresolver=http"
- "traefik.http.routers.mealie.entrypoints=internalsecure,externalsecure" - "traefik.http.routers.mealie.entrypoints=internalsecure,externalsecure"
- "com.centurylinklabs.watchtower.enable=true" - "com.centurylinklabs.watchtower.enable=true"
volumes: volumes:
- $DATA/mealie/:/app/data - $DATA/mealiev1/:/app/data
networks: networks:
- external - external

2
bxl-shp/apps/docker-compose.syncthing.yaml
View File

@ -9,7 +9,7 @@ services:
volumes: volumes:
- $DATA/syncthing:/var/syncthing:rw - $DATA/syncthing:/var/syncthing:rw
- /mnt/syncDocuments:/mnt/SyncDocuments:rw - /mnt/syncDocuments:/mnt/SyncDocuments:rw
- /mnt/brieuc-pictures:/mnt/pictures:rw - /mnt/brieuc:/mnt/brieuc:rw
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.syncthing.rule=Host(`syncthing.bhasher.com`)" - "traefik.http.routers.syncthing.rule=Host(`syncthing.bhasher.com`)"

35
bxl-shp/config/idp/authelia.configuration.yaml
View File

@ -62,6 +62,19 @@ access_control:
policy: two_factor policy: two_factor
subject: subject:
- "group:admin" - "group:admin"
- domain: 'mealie.bhasher.com'
policy: one_factor
subject:
- "group:member"
methods:
- "GET"
- "HEAD"
- "POST"
- "PUT"
- "DELETE"
- "CONNECT"
- "OPTIONS"
- "TRACE"
- domain: '*.bhasher.com' - domain: '*.bhasher.com'
policy: one_factor policy: one_factor
subject: subject:
@ -125,6 +138,13 @@ telemetry:
identity_providers: identity_providers:
oidc: oidc:
enforce_pkce: public_clients_only enforce_pkce: public_clients_only
cors:
allowed_origins_from_client_redirect_uris: true
endpoints:
- 'authorization'
- 'token'
- 'revocation'
- 'introspection'
clients: clients:
- id: grafana - id: grafana
description: Grafana description: Grafana
@ -237,3 +257,18 @@ identity_providers:
- groups - groups
userinfo_signing_algorithm: none userinfo_signing_algorithm: none
- id: mealie
description: Mealie
public: true
authorization_policy: one_factor
redirect_uris:
- https://recipes.bhasher.com/login
- https://recipes.bhasher.com/login?direct=1
consent_mode: implicit
scopes:
- openid
- profile
- email
- groups
userinfo_signing_algorithm: none