othrayte/infra
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Resolve authelia via consul service mesh

Browse Source
This commit is contained in:
Adrian Cowan
2025-10-12 20:58:12 +11:00
parent e2562ce4b0
commit e6c6bb0c91
2 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
2-nomad-config/authelia.nomad.hcl
View File

@@ -28,6 +28,10 @@ job "authelia" {
"traefik.enable=true",
]
connect {
sidecar_service {}
}
check {
type = "http"
path = "/health"

25
2-nomad-config/traefik.nomad.hcl
View File

@@ -1,6 +1,7 @@
job "traefik" {
group "traefik" {
network {
mode = "bridge"
port "http" {
static = 80
}
@@ -13,6 +14,18 @@ job "traefik" {
static = 8081
}
}
service {
connect {
sidecar_service {
proxy {
upstreams {
destination_name = "auth"
local_bind_port = 9091
}
}
}
}
}
service {
name = "traefik"
@@ -45,8 +58,8 @@ job "traefik" {
driver = "docker"
config {
image = "traefik:v3.3"
network_mode = "host"
image = "traefik:v3.3"
ports = ["http", "https", "api"]
volumes = [
"local/traefik.yml:/etc/traefik/traefik.yml",
@@ -91,7 +104,7 @@ providers:
exposedByDefault: false
defaultRule: {{"Host(`{{ .Name }}.othrayte.one`)"}}
endpoint:
address: "127.0.0.1:8500"
address: "{{ env "NOMAD_HOST_IP_http" }}:8500"
scheme: "http"
certificatesResolvers:
@@ -112,7 +125,7 @@ http:
middlewares:
auth:
forwardAuth:
address: "http://jaglan-beta-m21:9091/api/authz/forward-auth"
address: "http://localhost:9091/api/authz/forward-auth"
trustForwardHeader: true
auth-allow-token:
chain:
@@ -165,11 +178,11 @@ http:
nomad-ui:
loadBalancer:
servers:
- url: "http://127.0.0.1:4646"
- url: "http://{{ env "NOMAD_HOST_IP_http" }}:4646"
consul-ui:
loadBalancer:
servers:
- url: "http://127.0.0.1:8500"
- url: "http://{{ env "NOMAD_HOST_IP_http" }}:8500"
unraid:
loadBalancer:
servers: