Will start by saying that I’m an enthusiast, not an expert.
After following the instructions on the ‘Zero Trust Hosting and Reverse Proxy via Cloudflare, SWAG and Authelia’ blog, I have successfully published multiple services with SSO.
My root domain is not reachable, and I cannot figure out how to configure it so that it is.
How do I configure a tunnel so that my root domain is accessible and, preferably, proxied?
docker-compose.yml:
```yaml
---
services:
  swag:
    image: lscr.io/linuxserver/swag:latest
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - URL=mydomain.dev
      - VALIDATION=dns
      - SUBDOMAINS=wildcard
      - DNSPLUGIN=cloudflare
      - ONLY_SUBDOMAINS=false
      - DOCKER_MODS=linuxserver/mods:swag-auto-proxy|linuxserver/mods:universal-docker|linuxserver/mods:universal-cloudflared|linuxserver/mods:swag-dashboard
      - DOCKER_HOST=dockerproxy
      - CF_ZONE_ID=abc123
      - CF_ACCOUNT_ID=abc123
      - CF_API_TOKEN=abc123
      - CF_TUNNEL_NAME=mydomain.dev-swag
      - CF_TUNNEL_PASSWORD=abc123
      - FILE__CF_TUNNEL_CONFIG=/config/tunnelconfig.yml
    extra_hosts:
      - mydomain.dev:127.0.0.1
    volumes:
      - ./config:/config
    ports:
      - 443:443
      - 8080:80 #optional
    networks:
      - homelab
    restart: unless-stopped
  dockerproxy:
    image: ghcr.io/tecnativa/docker-socket-proxy
    container_name: dockerproxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - CONTAINERS=1
      - POST=0
    restart: unless-stopped
networks:
  homelab:
    external: true
```
tunnelconfig.yml:
```yaml
ingress:
  - hostname: mydomain.dev
    service: https://mydomain.dev
  - hostname: "*.mydomain.dev"
    service: https://mydomain.dev
  - service: http_status:404
```