1f9292cc9a
Add drawio_extra_domains (list, default empty). The traefik Host rule on the drawio router now expands to Host(<canonical>) || Host(<extra>) ... so the same container can answer on additional FQDNs — e.g. an internal *.int.* name so a DMZ reverse-proxy can reach drawio via a backend hostname covered by the local traefik cert. Empty by default; behaviour unchanged for existing inventories.
31 lines
No EOL
1.1 KiB
YAML
31 lines
No EOL
1.1 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# defaults file for drawio
|
|
|
|
# Base directory configuration (inherited from base role or defined here)
|
|
docker_compose_base_dir: /etc/docker/compose
|
|
|
|
# Drawio-specific configuration
|
|
drawio_service_name: drawio
|
|
drawio_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ drawio_service_name }}"
|
|
|
|
# Service configuration
|
|
drawio_domain: "drawio.local.test"
|
|
# Additional hostnames the same drawio container should answer on
|
|
# (e.g. an internal *.int.* FQDN so a DMZ reverseproxy can reach
|
|
# drawio via a backend hostname covered by the local traefik cert).
|
|
drawio_extra_domains: []
|
|
drawio_image: "jgraph/drawio:latest"
|
|
drawio_port: 8080
|
|
drawio_extra_hosts: []
|
|
|
|
# Traefik configuration
|
|
drawio_traefik_network: "proxy"
|
|
drawio_use_ssl: true
|
|
|
|
# Optional Authentik ForwardAuth (set to true and provide the URL to gate
|
|
# drawio behind an authentik proxy provider). Expects the authentik
|
|
# embedded outpost to expose the /outpost.goauthentik.io/auth/traefik
|
|
# endpoint on the configured URL (typically the public auth.* FQDN).
|
|
drawio_authentik_forward_auth: false
|
|
drawio_authentik_forward_auth_url: "" |