Sebastian Krüger
9cf0d160b4
Added authentication and scale-to-zero capabilities to VERT file converter service: **Authentication**: - Added HTTP Basic Auth middleware using VERT_AUTH_USERS - Auth middleware applied to web-secure router - Credentials configured via .env file (htpasswd format) **Sablier Scale-to-Zero**: - Added sablier.enable and sablier.group labels - Created proxy/dynamic/vert-sablier.yaml with Sablier middleware config - 1-hour session duration before automatic scale-down - Ghost theme with custom display name - Middleware chain: sablier-vert@file → auth → compress **Configuration Updates**: - Added VERT_SABLIER_ENABLED to arty.yml (default: true) - Updated CLAUDE.md with auth and Sablier documentation - Middleware order ensures Sablier wakes container before auth check Infrastructure: - Follows same pattern as Scrapy service for auth - Dynamic Traefik configuration for Sablier plugin - Container name: vert_app (referenced in Sablier config) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
34 lines
1.8 KiB
YAML
34 lines
1.8 KiB
YAML
services:
|
|
vert:
|
|
image: ${VERT_IMAGE:-ghcr.io/vert-sh/vert:latest}
|
|
container_name: ${VERT_COMPOSE_PROJECT_NAME}_app
|
|
restart: unless-stopped
|
|
environment:
|
|
PUB_HOSTNAME: ${VERT_TRAEFIK_HOST}
|
|
PUB_ENV: production
|
|
PUB_DISABLE_ALL_EXTERNAL_REQUESTS: true
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${VERT_TRAEFIK_ENABLED}'
|
|
- 'traefik.http.middlewares.${VERT_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web.middlewares=${VERT_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web.rule=Host(`${VERT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${VERT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.middlewares.${VERT_COMPOSE_PROJECT_NAME}-auth.basicauth.users=${VERT_AUTH_USERS}'
|
|
- 'traefik.http.middlewares.${VERT_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
|
- 'traefik.http.routers.${VERT_COMPOSE_PROJECT_NAME}-web-secure.middlewares=sablier-vert@file,${VERT_COMPOSE_PROJECT_NAME}-auth,${VERT_COMPOSE_PROJECT_NAME}-web-secure-compress'
|
|
- 'traefik.http.services.${VERT_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
- 'sablier.enable=${VERT_SABLIER_ENABLED}'
|
|
- 'sablier.group=${VERT_COMPOSE_PROJECT_NAME}'
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
networks:
|
|
compose_network:
|
|
name: ${NETWORK_NAME}
|
|
external: true
|