welsberr
/
VHostLoom
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added portected site and directory examples

This commit is contained in:
Wesley R. Elsberry 2025-11-19 14:13:52 -05:00
parent 1634f2c4ae
commit 4580f9066a
2 changed files with 85 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
sites/protected-directory-of-site/docker-compose.yml Normal file
View File

@ -0,0 +1,44 @@
version: "3.9"
networks:
traefik_proxy:
external: true
services:
private_static:
image: nginx:alpine
container_name: private_static
restart: unless-stopped
networks:
- traefik_proxy
# Host-visible content
volumes:
- ./html:/usr/share/nginx/html:ro
labels:
- "traefik.enable=true"
# =========================
# HTTP → HTTPS redirect
# =========================
# Catch http://example.com/private[...] and redirect to https://
- "traefik.http.routers.private-http.rule=Host(`example.com`) && PathPrefix(`/private`)"
- "traefik.http.routers.private-http.entrypoints=web"
- "traefik.http.routers.private-http.middlewares=private-https-redirect"
- "traefik.http.middlewares.private-https-redirect.redirectscheme.scheme=https"
# =========================
# HTTPS router (protected)
# =========================
# Serve static files at https://example.com/private[...]
- "traefik.http.routers.private-https.rule=Host(`example.com`) && PathPrefix(`/private`)"
- "traefik.http.routers.private-https.entrypoints=websecure"
- "traefik.http.routers.private-https.tls.certresolver=letsencrypt"
# Optional: set higher priority if you have a general example.com router
- "traefik.http.routers.private-https.priority=20"
# Require Authelia auth before serving anything under /private
- "traefik.http.routers.private-https.middlewares=authelia-auth@file"

41
sites/protected-static-site/docker-compose.yml Normal file
View File

@ -0,0 +1,41 @@
version: "3.9"
networks:
traefik_proxy:
external: true
services:
protected_static:
image: nginx:alpine
container_name: protected_static
restart: unless-stopped
networks:
- traefik_proxy
# Bind-mounted static content stored natively on the host
volumes:
- ./html:/usr/share/nginx/html:ro
labels:
- "traefik.enable=true"
# --------------------------
# HTTP → HTTPS redirect
# --------------------------
- "traefik.http.routers.psite-http.rule=Host(`secure.example.com`)"
- "traefik.http.routers.psite-http.entrypoints=web"
- "traefik.http.routers.psite-http.middlewares=psite-https-redirect"
- "traefik.http.middlewares.psite-https-redirect.redirectscheme.scheme=https"
# --------------------------
# HTTPS router
# --------------------------
- "traefik.http.routers.psite-https.rule=Host(`secure.example.com`)"
- "traefik.http.routers.psite-https.entrypoints=websecure"
- "traefik.http.routers.psite-https.tls.certresolver=letsencrypt"
# --------------------------
# Authelia protection
# --------------------------
- "traefik.http.routers.psite-https.middlewares=authelia-auth@file"