From c683739fa71e1bd652b2db4229e1d006ee738afa Mon Sep 17 00:00:00 2001
From: LRVT <21357789+l4rm4nd@users.noreply.github.com>
Date: Fri, 17 Nov 2023 13:47:51 +0100
Subject: [PATCH] Update docker-compose.yml

add traefil labels to protect /metrics endpoint
---
 examples/hedgedoc/docker-compose.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/examples/hedgedoc/docker-compose.yml b/examples/hedgedoc/docker-compose.yml
index e72f97f..1623232 100644
--- a/examples/hedgedoc/docker-compose.yml
+++ b/examples/hedgedoc/docker-compose.yml
@@ -41,8 +41,14 @@ services:
     #  - traefik.enable=true
     #  - traefik.docker.network=proxy
     #  - traefik.http.routers.hedgedoc.rule=Host(`collab.example.com`)
+    #  - traefik.http.routers.hedgedoc.service=hedgedoc
     #  - traefik.http.services.hedgedoc.loadbalancer.server.port=3000
     #  - traefik.http.routers.hedgedoc.middlewares=local-ipwhitelist@file
+    #  # prevent unauthorized access to the /metrics endpoint
+    #  - traefik.http.routers.hedgedoc-metrics.rule=Host(`collab.example.com`) && PathPrefix(`/metrics`)
+    #  - traefik.http.routers.hedgedoc-metrics.service=hedgedoc
+    #  - traefik.http.services.hedgedoc-metrics.loadbalancer.server.port=3000
+    #  - traefik.http.routers.hedgedoc-metrics.middlewares=local-ipwhitelist@file    
 
 #networks:
 #  proxy: