Migrate admin middleware to internal

This commit is contained in:
♥ Minnie ♥ 2024-07-08 22:08:39 +08:00
parent e3185359b1
commit a5100fe7fa
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
7 changed files with 7 additions and 15 deletions

View file

@ -34,7 +34,7 @@ in
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "lidarr";
};

View file

@ -31,7 +31,7 @@ in
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "prowlarr";
};

View file

@ -34,7 +34,7 @@ in
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "qbittorrent";
};

View file

@ -33,7 +33,7 @@ in
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "radarr";
};

View file

@ -34,7 +34,7 @@ in
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "sonarr";
};

View file

@ -41,7 +41,7 @@
"websecure"
];
middlewares = [
"admin"
"internal"
];
service = "grafana";
};

View file

@ -10,18 +10,10 @@
# Attached to the routers, pieces of middleware are a means of tweaking the requests before they are sent to your service
services.traefik.dynamicConfigOptions.http.middlewares = {
# Restrict access to admin devices only
admin.ipwhitelist.sourcerange = [
"127.0.0.1/32" # localhost
"192.168.1.101" # fuchsia
"10.100.0.2" # Pixel 6 Pro
];
# Restrict access to internal networks
internal.ipwhitelist.sourcerange = [
"127.0.0.1/32" # localhost
"192.168.1.1/24" # lan
"10.100.0.0/24" # wireguard clients
"192.168.20.1/24" # lan
];
# Restrict access based on geo-location