From 8086799c7b38f26f9bd930fe17d7fde20d7c199e Mon Sep 17 00:00:00 2001
From: Anton Vakhrushev <anwinged@ya.ru>
Date: Wed, 13 Aug 2025 19:08:46 +0300
Subject: [PATCH] Dozzle: install version 8.13.8

---
 files/authelia/configuration.template.yml |  4 +++
 files/caddyproxy/Caddyfile.j2             | 11 ++++++++
 files/dozzle/docker-compose.yml.j2        | 23 +++++++++++++++
 playbook-dozzle.yml                       | 34 +++++++++++++++++++++++
 4 files changed, 72 insertions(+)
 create mode 100644 files/dozzle/docker-compose.yml.j2
 create mode 100644 playbook-dozzle.yml

diff --git a/files/authelia/configuration.template.yml b/files/authelia/configuration.template.yml
index 9ce47b7..8378f78 100644
--- a/files/authelia/configuration.template.yml
+++ b/files/authelia/configuration.template.yml
@@ -727,6 +727,10 @@ access_control:
       subject: 'group:admins'
       policy: 'one_factor'
 
+    - domain: 'dozzle.vakhrushev.me'
+      subject: 'group:admins'
+      policy: 'one_factor'
+
     - domain: 'rssbridge.vakhrushev.me'
       subject: 'group:admins'
       policy: 'one_factor'
diff --git a/files/caddyproxy/Caddyfile.j2 b/files/caddyproxy/Caddyfile.j2
index 9e0d1a9..f3d8118 100644
--- a/files/caddyproxy/Caddyfile.j2
+++ b/files/caddyproxy/Caddyfile.j2
@@ -91,3 +91,14 @@ rssbridge.vakhrushev.me {
 
     reverse_proxy rssbridge_app:80
 }
+
+dozzle.vakhrushev.me {
+    tls anwinged@ya.ru
+
+    forward_auth authelia_app:9091 {
+        uri /api/authz/forward-auth
+        copy_headers Remote-User Remote-Groups Remote-Email Remote-Name Remote-Filter
+    }
+
+    reverse_proxy dozzle_app:8080
+}
diff --git a/files/dozzle/docker-compose.yml.j2 b/files/dozzle/docker-compose.yml.j2
new file mode 100644
index 0000000..9a5cde4
--- /dev/null
+++ b/files/dozzle/docker-compose.yml.j2
@@ -0,0 +1,23 @@
+services:
+  
+  dozzle_app:
+    image: amir20/dozzle:v8.13.8
+    container_name: dozzle_app
+    restart: unless-stopped
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+    networks:
+      - "web_proxy_network"
+    environment:
+      DOZZLE_HOSTNAME: dozzle.vakhrushev.me
+      DOZZLE_AUTH_PROVIDER: forward-proxy
+    healthcheck:
+      test: ["CMD", "/dozzle", "healthcheck"]
+      interval: 3s
+      timeout: 30s
+      retries: 5
+      start_period: 30s
+
+networks:
+  web_proxy_network:
+    external: true
diff --git a/playbook-dozzle.yml b/playbook-dozzle.yml
new file mode 100644
index 0000000..7d96079
--- /dev/null
+++ b/playbook-dozzle.yml
@@ -0,0 +1,34 @@
+---
+- name: "Configure dozzle application"
+  hosts: all
+
+  vars_files:
+    - vars/ports.yml
+    - vars/secrets.yml
+
+  vars:
+    app_name: "dozzle"
+    app_user: "{{ app_name }}"
+    base_dir: "/home/{{ app_user }}"
+
+  tasks:
+    - name: "Create user and environment"
+      ansible.builtin.import_role:
+        name: owner
+      vars:
+        owner_name: "{{ app_user }}"
+        owner_extra_groups: ["docker"]
+
+    - name: "Copy docker compose file"
+      ansible.builtin.template:
+        src: "./files/{{ app_name }}/docker-compose.yml.j2"
+        dest: "{{ base_dir }}/docker-compose.yml"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0640"
+
+    - name: "Run application with docker compose"
+      community.docker.docker_compose_v2:
+        project_src: "{{ base_dir }}"
+        state: "present"
+        remove_orphans: true