From 1ea1baa57c3809111174a2f64a63f8039b9d7060 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20Forc=C3=A9n=20Mu=C3=B1oz?= <manuforcen@gmail.com>
Date: Sat, 19 Oct 2024 19:12:11 +0200
Subject: [PATCH] Added traefik router labels

---
 templates/compose.yml | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/templates/compose.yml b/templates/compose.yml
index 3fd1a37..5e7a9b9 100644
--- a/templates/compose.yml
+++ b/templates/compose.yml
@@ -1,6 +1,5 @@
 services:
   database:
-
     image: postgres:17
     container_name: infra-db
     restart: unless-stopped
@@ -43,6 +42,14 @@ services:
       KC_HTTPS_PORT: 443
     depends_on:
       - database
+    labels:
+      - traefik.enable=true
+      - traefik.tcp.routers.keycloak.rule=HostSNI(`sso.mforcen.dev`)
+      - traefik.tcp.routers.keycloak.entrypoints=websecure
+      - traefik.tcp.routers.keycloak.service=keycloak
+      - traefik.tcp.routers.keycloak.tls=true
+      - traefik.tcp.routers.keycloak.tls.passthrough=true
+      - traefik.tcp.services.keycloak.loadbalancer.server.port=443
       
   grafana:
     container_name: infra-grafana
@@ -73,7 +80,7 @@ services:
       GF_SERVER_PORT: 443
       GF_SERVER_DOMAIN: grafana.mforcen.dev
       GF_SERVER_CERT_FILE: /ssl/grafana.mforcen.dev.fullchain.pem
-      GF_SERVER_KEY_FILE: /ssl/grafana.mforcen.dev.key
+      GF_SERVER_CERT_KEY: /ssl/grafana.mforcen.dev.key
       GF_AUTH_GENERIC_OAUTH_NAME: SSO
       GF_AUTH_GENERIC_OAUTH_ENABLED: true
       GF_AUTH_GENERIC_OAUTH_CLIENT_ID: grafana
@@ -85,6 +92,14 @@ services:
       GF_AUTH_GENERIC_OAUTH_AUTH_URL: https://sso.mforcen.dev/realms/infra/protocol/openid-connect/auth
       GF_AUTH_GENERIC_OAUTH_TOKEN_URL: https://sso.mforcen.dev/realms/infra/protocol/openid-connect/token
       GF_AUTH_GENERIC_OAUTH_API_URL: https://sso.mforcen.dev/realms/infra/protocol/openid-connect/userinfo
+    labels:
+      - traefik.enable=true
+      - traefik.tcp.routers.grafana.rule=HostSNI(`grafana.mforcen.dev`)
+      - traefik.tcp.routers.grafana.entrypoints=websecure
+      - traefik.tcp.routers.grafana.service=grafana
+      - traefik.tcp.routers.grafana.tls=true
+      - traefik.tcp.routers.grafana.tls.passthrough=true
+      - traefik.tcp.services.grafana.loadbalancer.server.port=443
 
 volumes:
   psql-data: