anubis support #72
12
.env.sample
12
.env.sample
@ -174,4 +174,14 @@ COMPOSE_FILE="compose.yml"
|
||||
|
||||
## Nextcloud Talk HPB
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud-talk-hpb.yml"
|
||||
#NEXTCLOUD_TALK_HPB_ENABLED=1
|
||||
#NEXTCLOUD_TALK_HPB_ENABLED=1
|
||||
|
||||
## Anubis
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.anubis.yml"
|
||||
#ANUBIS_COOKIE_DOMAIN=example.com
|
||||
#ANUBIS_DOMAIN=anubis.example.com
|
||||
#ANUBIS_REDIRECT_DOMAINS=
|
||||
#ANUBIS_OG_PASSTHROUGH=true
|
||||
#ANUBIS_OG_EXPIRY_TIME=1h
|
||||
#ANUBIS_OG_CACHE_CONSIDER_HOST=true
|
||||
#ANUBIS_SERVE_ROBOTS_TXT=true
|
||||
|
||||
13
README.md
13
README.md
@ -55,4 +55,17 @@ Letsencrypt DNS challenges.
|
||||
Access Token, in which case use compose.gandi-personal-access-token.yml.
|
||||
6. Redeploy Traefik, using e.g. `abra app deploy YOURAPPDOMAIN -f`
|
||||
|
||||
## Blocking scrapers with [Anubis](https://anubis.techaro.lol/)
|
||||
|
||||
Uncomment the lines on the Anubis section of the configuration. Set
|
||||
a domain name for the cookies and a domain that will serve Anubis
|
||||
redirection service. Optionally and for [added
|
||||
security](https://anubis.techaro.lol/docs/admin/configuration/redirect-domains),
|
||||
set a list of the domain names for the apps that are going to be
|
||||
protected.
|
||||
|
||||
After deploying these changes, go to each recipe that supports Anubis
|
||||
and follow the process there. **Enabling Anubis here is not enough for
|
||||
protection your apps.**
|
||||
|
||||
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||
|
||||
29
compose.anubis.yml
Normal file
29
compose.anubis.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.http.middlewares.anubis.forwardauth.address=http://anubis:8080/.within.website/x/cmd/anubis/api/check"
|
||||
anubis:
|
||||
image: "ghcr.io/techarohq/anubis:v1.24.0"
|
||||
environment:
|
||||
BIND: ":8080"
|
||||
TARGET: " "
|
||||
|
decentral1se marked this conversation as resolved
|
||||
REDIRECT_DOMAINS: "${ANUBIS_REDIRECT_DOMAINS}"
|
||||
COOKIE_DOMAIN: "${ANUBIS_COOKIE_DOMAIN}"
|
||||
PUBLIC_URL: "https://${ANUBIS_DOMAIN}"
|
||||
OG_PASSTHROUGH: "${ANUBIS_OG_PASSTHROUGH}"
|
||||
|
decentral1se marked this conversation as resolved
decentral1se
commented
Do env vars like Do env vars like `ANUBIS_OG_PASSTHROUGH` need to also be added to the `environment: ...` stanza or they are magically added in?
fauno
commented
not sure what you mean? i prefixed them not sure what you mean? i prefixed them `ANUBIS_` to keep them separate from traefik's
decentral1se
commented
@fauno ah, i mean: where does If it's not an issue, ignore me ☺️ @fauno ah, i mean: where does `ANUBIS_COOKIE_DOMAIN` come from? should it not be this?
```yaml
environment:
ANUBIS_COOKIE_DOMAIN:
COOKIE_DOMAIN: "${ANUBIS_COOKIE_DOMAIN}"
```
If it's not an issue, ignore me ☺️
fauno
commented
it comes from the .env file and it seems to be working it comes from the .env file and it seems to be working
|
||||
OG_EXPIRY_TIME: "${ANUBIS_OG_EXPIRY_TIME}"
|
||||
OG_CACHE_CONSIDER_HOST: "${ANUBIS_OG_CACHE_CONSIDER_HOST}"
|
||||
SERVE_ROBOTS_TXT: "${ANUBIS_SERVE_ROBOTS_TXT}"
|
||||
networks:
|
||||
- proxy
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.anubis.rule=Host(`${ANUBIS_DOMAIN}`)"
|
||||
- "traefik.http.routers.anubis.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.anubis.entrypoints=web-secure"
|
||||
- "traefik.http.services.anubis.loadbalancer.server.port=8080"
|
||||
- "traefik.http.routers.anubis.service=anubis"
|
||||
Reference in New Issue
Block a user
Is
" "required or can this be skipped? Maybe worth a comment if it's needed.it's required by anubis but the docs don't explain why, just that a space means anubis is enabled with redirection mode