Switch Frigate image to custom built image with simple user access controls based on username

Add code-server docker config
code-server docker is actually not used at this time
2025-01-22 18:24:12 -08:00 · 2025-01-22 18:23:30 -08:00 · 2025-01-22 18:22:43 -08:00 · 2025-01-22 18:21:59 -08:00
5 changed files with 45 additions and 3 deletions
--- a/authelia/config/authelia/configuration.yml
+++ b/authelia/config/authelia/configuration.yml
@@ -6,7 +6,19 @@ server:
 # Security https://www.authelia.com/configuration/security/access-control/
 access_control:
  networks:
  - name: 'internal'
    networks:
    - '192.168.1.0/24'
    - '172.16.0.0/12'
  rules:
  - domain: 'gitea.tremendousturtle.tools'
    policy: bypass
    networks:
    - 'internal'
    resources:
    - '^/api([/?].*)?$'
    - '^/v2([/?].*)?$'
  - domain: '*.tremendousturtle.tools'
    policy: two_factor
--- a/caddy/config/Caddyfile
+++ b/caddy/config/Caddyfile
@@ -144,7 +144,7 @@ import ttt-app-local cockpit 9090
 #import ttt-app frigate 8971
 import ttt-app overseerr 5055
 import ttt-app openobserve 5080
-import ttt-app gitea 3000
+#import ttt-app gitea 3000
 #import ttt-app homepage 3000
 import ttt-app requestrr 4545
@@ -161,3 +161,4 @@ import redirect home homepage
 import authentik frigate
 import authentik code
 import authentik gitea
--- a/code-server/docker-compose.yml
+++ b/code-server/docker-compose.yml
@@ -0,0 +1,25 @@
 name: code-server
 services:
  app:
    environment:
      DOCKER_USER: chris
    image: codercom/code-server:latest
    networks:
      - proxy-net
    ports:
      - "8020:8080"
    expose:
      - "8020"
      - "8080"
    restart: unless-stopped
    user: "1000:1000"
    volumes:
      - /home/chris/.local:/home/coder/.local
      - /home/chris/.config:/home/coder/.config
      - /docker:/docker
      - /code:/code
      - /home/chris:/home/coder/chris-home
 networks:
  proxy-net:
    external: true
--- a/frigate/docker-compose.yml
+++ b/frigate/docker-compose.yml
@@ -2,7 +2,8 @@ name: frigate
 services:
  app:
    restart: unless-stopped
-    image: ghcr.io/blakeblackshear/frigate:stable
+    #image: ghcr.io/blakeblackshear/frigate:stable
    image: gitea.tremendousturtle.tools/chris/frigate:v0.14.1-web-admin-088ff992
    shm_size: "250mb"
    devices:
      - /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral
@@ -20,7 +21,7 @@ services:
    networks:
      - proxy-net
    ports:
-      - "8971:8971"
+      # - "8971:8971"
      - "8554:8554" # RTSP feeds
      - "8555:8555/tcp" # WebRTC over tcp
      - "8555:8555/udp" # WebRTC over udp
--- a/gitea/docker-compose.yml
+++ b/gitea/docker-compose.yml
@@ -17,6 +17,9 @@ services:
      GITEA__database__USER: ${GITEA_DB_USER}
      GITEA__database__PASSWD__FILE: /run/secrets/postgres_pass
      GITEA__server__SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE: gitea --config={{.CustomConf}} serv key-{{.Key.ID}}
      GITEA__service__ENABLE_REVERSE_PROXY_AUTHENTICATION: true
      GITEA__service__ENABLE_REVERSE_PROXY_AUTO_REGISTRATION: true
      GITEA__service__ENABLE_REVERSE_PROXY_EMAIL: true
    restart: unless-stopped
    networks:
      - gitea
Author	SHA1	Message	Date
Chris King	e951edffaf	Switch Frigate image to custom built image with simple user access controls based on username	2025-01-22 18:24:12 -08:00
Chris King	2e67562d95	Add code-server docker config code-server docker is actually not used at this time	2025-01-22 18:23:30 -08:00
Chris King	78688d8bf5	Move gitea to Authentik Enable reverse proxy authentication via headers for Gitea	2025-01-22 18:22:43 -08:00
Chris King	97a97f5028	Add bypass rules to Authelia access control for gitea API	2025-01-22 18:21:59 -08:00