authelia: secure portainer, keycloak, allow local

This commit is contained in:
Lukáš Kucharczyk 2021-06-21 11:32:24 +02:00
parent 11c96fe48d
commit 57c7b06f03
No known key found for this signature in database
GPG Key ID: 65524498C0196B64
1 changed files with 8 additions and 0 deletions

View File

@ -26,11 +26,19 @@ authentication_backend:
password: {{ vault_openldap_admin_password }} password: {{ vault_openldap_admin_password }}
access_control: access_control:
default_policy: deny default_policy: deny
networks:
- name: local
networks:
- 192.168.0.0/24
rules: rules:
- domain: "*.{{ base_domain }}" - domain: "*.{{ base_domain }}"
networks:
- local
policy: bypass policy: bypass
- domain: portainer.{{ base_domain }} - domain: portainer.{{ base_domain }}
policy: one_factor policy: one_factor
- domain: keycloak.{{ base_domain }}
policy: one_factor
session: session:
name: authelia_session name: authelia_session
secret: somerandomsecret secret: somerandomsecret