othrayte/infra
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Resolve authelia via consul service mesh

Browse Source
This commit is contained in:
Adrian Cowan
2025-10-12 20:58:12 +11:00
parent e2562ce4b0
commit e6c6bb0c91
2 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
2-nomad-config/authelia.nomad.hcl
View File

@@ -28,6 +28,10 @@ job "authelia" {
"traefik.enable=true", "traefik.enable=true",
] ]
connect {
sidecar_service {}
}
check { check {
type = "http" type = "http"
path = "/health" path = "/health"

25
2-nomad-config/traefik.nomad.hcl
View File

@@ -1,6 +1,7 @@
job "traefik" { job "traefik" {
group "traefik" { group "traefik" {
network { network {
mode = "bridge"
port "http" { port "http" {
static = 80 static = 80
} }
@@ -13,6 +14,18 @@ job "traefik" {
static = 8081 static = 8081
} }
} }
service {
connect {
sidecar_service {
proxy {
upstreams {
destination_name = "auth"
local_bind_port = 9091
}
}
}
}
}
service { service {
name = "traefik" name = "traefik"
@@ -45,8 +58,8 @@ job "traefik" {
driver = "docker" driver = "docker"
config { config {
image = "traefik:v3.3" image = "traefik:v3.3"
network_mode = "host" ports = ["http", "https", "api"]
volumes = [ volumes = [
"local/traefik.yml:/etc/traefik/traefik.yml", "local/traefik.yml:/etc/traefik/traefik.yml",
@@ -91,7 +104,7 @@ providers:
exposedByDefault: false exposedByDefault: false
defaultRule: {{"Host(`{{ .Name }}.othrayte.one`)"}} defaultRule: {{"Host(`{{ .Name }}.othrayte.one`)"}}
endpoint: endpoint:
address: "127.0.0.1:8500" address: "{{ env "NOMAD_HOST_IP_http" }}:8500"
scheme: "http" scheme: "http"
certificatesResolvers: certificatesResolvers:
@@ -112,7 +125,7 @@ http:
middlewares: middlewares:
auth: auth:
forwardAuth: forwardAuth:
address: "http://jaglan-beta-m21:9091/api/authz/forward-auth" address: "http://localhost:9091/api/authz/forward-auth"
trustForwardHeader: true trustForwardHeader: true
auth-allow-token: auth-allow-token:
chain: chain:
@@ -165,11 +178,11 @@ http:
nomad-ui: nomad-ui:
loadBalancer: loadBalancer:
servers: servers:
- url: "http://127.0.0.1:4646" - url: "http://{{ env "NOMAD_HOST_IP_http" }}:4646"
consul-ui: consul-ui:
loadBalancer: loadBalancer:
servers: servers:
- url: "http://127.0.0.1:8500" - url: "http://{{ env "NOMAD_HOST_IP_http" }}:8500"
unraid: unraid:
loadBalancer: loadBalancer:
servers: servers: