authelia: secure portainer, keycloak, allow local
This commit is contained in:
parent
11c96fe48d
commit
57c7b06f03
|
@ -26,11 +26,19 @@ authentication_backend:
|
||||||
password: {{ vault_openldap_admin_password }}
|
password: {{ vault_openldap_admin_password }}
|
||||||
access_control:
|
access_control:
|
||||||
default_policy: deny
|
default_policy: deny
|
||||||
|
networks:
|
||||||
|
- name: local
|
||||||
|
networks:
|
||||||
|
- 192.168.0.0/24
|
||||||
rules:
|
rules:
|
||||||
- domain: "*.{{ base_domain }}"
|
- domain: "*.{{ base_domain }}"
|
||||||
|
networks:
|
||||||
|
- local
|
||||||
policy: bypass
|
policy: bypass
|
||||||
- domain: portainer.{{ base_domain }}
|
- domain: portainer.{{ base_domain }}
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
|
- domain: keycloak.{{ base_domain }}
|
||||||
|
policy: one_factor
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
secret: somerandomsecret
|
secret: somerandomsecret
|
||||||
|
|
Loading…
Reference in New Issue