version: '3.4'

services:
  traefik:
    image: traefik:v2.10.4
    container_name: traefik
    networks:
      - catalog
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--log.level=DEBUG"
    ports:
      - "8080:80"   
      - "8082:8080"    
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  whoami: # TEST PURPOSE
        image: traefik/whoami
        container_name: whoami
        networks:
        - catalog
        ports:
        - "5000:80"
        labels:
        - "traefik.enable=true"
        - "traefik.http.routers.whoami.entrypoints=web"
        - "traefik.http.routers.whoami.rule=Host(`localhost`)"
        - "traefik.routers.whoami.rule=Path(/whoami)"
        - "traefik.http.routers.whoami.tls=false"
        - "traefik.http.services.whoami.loadbalancer.server.port=80"
        - "traefik.http.routers.whoami.middlewares=auth"
  oc-auth:
    image: 'oc-auth:latest'
    ports:
      - 8094:8080
    container_name: oc-auth
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.auth.forwardauth.address=http://oc-auth:8080/oc/forward"
      - "traefik.http.middlewares.auth.forwardauth.authResponseHeaders=X-Forwarded-User"
      - "traefik.http.services.auth.loadbalancer.server.port=8080"
    environment:
          LDAP_ENDPOINTS: ldap:389
          LDAP_BINDDN: cn=admin,dc=example,dc=com
          LDAP_BINDPW: password
          LDAP_BASEDN: "dc=example,dc=com"
          LDAP_ROLE_BASEDN: "ou=AppRoles,dc=example,dc=com"
    networks: 
      - catalog
    volumes:
      - ./pem:/etc/oc/pem
networks: 
  catalog:
    external: true