Add traefik config

2020-02-02 21:10:29 +00:00
parent a42c1a4182
commit 035ff0ac24
5 changed files with 154 additions and 0 deletions
--- a/ansible/roles/docker/files/traefik/file-provider.yml
+++ b/ansible/roles/docker/files/traefik/file-provider.yml
@ -0,0 +1,42 @@
+http:
+  middlewares:
+    internal-only:
+      ipWhiteList:
+        sourceRange:
+          - "{{ wireguard.cidr }}"
+          - "192.168.1.0/24"
+    hsts:
+      redirectScheme:
+        scheme: https
+
+  routers:
+    hsts:
+      service: "ping@internal"
+      rule: "PathPrefix(`/`)"
+      entryPoints:
+        - web
+      middlewares:
+        - hsts
+    ping:
+      service: "ping@internal"
+      rule: "Host(`traefik.jakehoward.tech`) && Path(`/ping/`)"
+      middlewares:
+        - hsts
+      tls:
+        certResolver: le
+    dashboard:
+      service: "dashboard@internal"
+      rule: "Host(`traefik.jakehoward.tech`)"
+      middlewares:
+        - hsts
+        - internal-only
+      tls:
+        certResolver: le
+    api:
+      service: "api@internal"
+      rule: "Host(`traefik.jakehoward.tech`) && PathPrefix(`/api`)"
+      middlewares:
+        - hsts
+        - internal-only
+      tls:
+        certResolver: le