From 664363ae60267513fa2d7b39ff360951b09db9b8 Mon Sep 17 00:00:00 2001 From: karmacoma Date: Tue, 25 Nov 2025 22:02:03 +0000 Subject: [PATCH] added complete router Signed-off-by: karmacoma --- downloader.docker-compose.yml | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/downloader.docker-compose.yml b/downloader.docker-compose.yml index 8088b48..644cedf 100644 --- a/downloader.docker-compose.yml +++ b/downloader.docker-compose.yml @@ -38,7 +38,31 @@ services: networks: - array labels: - - "traefik.http.routers.gluetun.middlewares=authentik-auth@file" + - "traefik.enable=true" + # Define a custom service pointing to port 8080 (qBittorrent WebUI) + - "traefik.http.services.gluetun-svc.loadbalancer.server.port=8080" + + # --- SECURE ROUTER (HTTPS) --- + # 1. Match the domain + - "traefik.http.routers.gluetun-secure.rule=Host(`qbittorrent.karmacoma.dev`)" + # 2. Use HTTPS entrypoint + - "traefik.http.routers.gluetun-secure.entrypoints=https" + # 3. Enable TLS (SSL) using LetsEncrypt + - "traefik.http.routers.gluetun-secure.tls=true" + - "traefik.http.routers.gluetun-secure.tls.certresolver=letsencrypt" + # 4. Apply the Authentik Middleware (Check the name matches your dynamic config) + - "traefik.http.routers.gluetun-secure.middlewares=authentik-auth@file" + # 5. Point to the service we defined above + - "traefik.http.routers.gluetun-secure.service=gluetun-svc" + # 6. PRIORITY: This is the fix. Higher number wins over Coolify defaults. + - "traefik.http.routers.gluetun-secure.priority=100" + + # --- OPTIONAL: HTTP REDIRECT (Standard Coolify behavior) --- + - "traefik.http.routers.gluetun-http.rule=Host(`qbittorrent.karmacoma.dev`)" + - "traefik.http.routers.gluetun-http.entrypoints=http" + - "traefik.http.routers.gluetun-http.middlewares=redirect-to-https" + - "traefik.http.routers.gluetun-http.priority=100" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" networks: array: external: true \ No newline at end of file