security: blindaje de dashboard con doble factor (muro-seguro + auth) y alias de host

2026-01-06 20:14:49 +01:00
parent 36f44190a8
commit 2c3cfbf159
1 changed files with 11 additions and 6 deletions
--- a/traefik/dynamic/dashboard.yml
+++ b/traefik/dynamic/dashboard.yml
@@ -1,11 +1,16 @@
+# ################################################################# #
+# CONFIGURACIÓN DEL DASHBOARD DE TRAEFIK - ACCESO SEGURO            #
+# ################################################################# #
+
 http:
  routers:
-    api:
+    router-traefik-dash:
      rule: "Host(`traefik.ognir-server.synology.me`) || Host(`ognir-server.synology.me`)"
-      service: api@internal
-      middlewares:
-        - auth-dashboard@file
      entryPoints:
-        - websecure
+        - "websecure"
+      service: "api@internal"
+      middlewares:
+        - "muro-seguro@file"      # Control por IP (Whitelist)
+        - "auth-dashboard@file"   # Control por Usuario (Basic Auth)
      tls:
-        certResolver: letsencrypt
+        certResolver: "letsencrypt"