hcornet
92fd0f9d47
Some checks failed
Deployment Verification / deploy-and-test (push) Failing after 5m35s
106 lines
4.2 KiB
YAML
106 lines
4.2 KiB
YAML
http:
|
|
middlewares:
|
|
redirect-to-https:
|
|
redirectScheme:
|
|
scheme: https
|
|
permanent: true
|
|
hsts-minimal:
|
|
headers:
|
|
stsSeconds: 31536000
|
|
stsIncludeSubdomains: false
|
|
stsPreload: false
|
|
forceSTSHeader: true
|
|
hsts-standard:
|
|
headers:
|
|
stsSeconds: 31536000
|
|
stsIncludeSubdomains: true
|
|
stsPreload: false
|
|
forceSTSHeader: true
|
|
hsts-full:
|
|
headers:
|
|
stsSeconds: 31536000
|
|
stsIncludeSubdomains: true
|
|
stsPreload: true
|
|
forceSTSHeader: true
|
|
|
|
# Redirect non-www URLs to their www equivalent
|
|
# Use with traefik.http.routers.myRouter.middlewares: "redirect-non-www-to-www@file"
|
|
# Source: https://www.benjaminrancourt.ca/how-to-redirect-from-non-www-to-www-with-traefik/
|
|
redirect-non-www-to-www:
|
|
# Redirect a request from an url to another with regex matching and replacement
|
|
redirectregex:
|
|
# Apply a permanent redirection (HTTP 301)
|
|
permanent: true
|
|
# The regular expression to match and capture elements from the request URL
|
|
regex: "^https?://(?:www\\.)?(.+)"
|
|
# How to modify the URL to have the new target URL
|
|
replacement: "https://www.${1}"
|
|
|
|
# Redirect www URLs to their non-www equivalent
|
|
# Use with traefik.http.routers.myRouter.middlewares: "redirect-www-to-non-www@file"
|
|
# Source: https://www.benjaminrancourt.ca/how-to-redirect-from-non-www-to-www-with-traefik/
|
|
redirect-www-to-non-www:
|
|
# Redirect a request from an url to another with regex matching and replacement
|
|
redirectregex:
|
|
# Apply a permanent redirection (HTTP 301)
|
|
permanent: true
|
|
# The regular expression to match and capture elements from the request URL
|
|
regex: "^https?://www\\.(.+)"
|
|
# How to modify the URL to have the new target URL
|
|
replacement: "https://${1}"
|
|
|
|
# default-headers:
|
|
# headers:
|
|
# frameDeny: true
|
|
# browserXssFilter: true
|
|
# contentTypeNosniff: true
|
|
# forceSTSHeader: true
|
|
# stsIncludeSubdomains: true
|
|
# stsPreload: true
|
|
# stsSeconds: 15552000
|
|
# customFrameOptionsValue: SAMEORIGIN
|
|
# customRequestHeaders:
|
|
# X-Forwarded-Proto: https
|
|
|
|
# crowdsec:
|
|
# plugin:
|
|
# bouncer:
|
|
# enabled: true
|
|
# logLevel: INFO
|
|
# updateIntervalSeconds: 15
|
|
# updateMaxFailure: 0
|
|
# defaultDecisionSeconds: 15
|
|
# httpTimeoutSeconds: 10
|
|
# crowdsecMode: stream
|
|
# crowdsecAppsecEnabled: true
|
|
# crowdsecAppsecHost: crowdsec:7422
|
|
# crowdsecAppsecFailureBlock: true
|
|
# crowdsecAppsecUnreachableBlock: true
|
|
# crowdsecLapiKey: #####REPLACE_API_KEY##### # Replace CrowdSec API key (docker exec crowdsec cscli bouncers add crowdsecBouncer)
|
|
# crowdsecLapiKeyFile: /etc/traefik/cs-privateKey-foo
|
|
# crowdsecLapiHost: crowdsec:8080
|
|
# crowdsecLapiScheme: http
|
|
# forwardedHeadersTrustedIPs:
|
|
# - 10.0.35.4/32 # Cloudflare tunnel IP address
|
|
# - 172.30.0.0/24 # Reverse Proxy IP address
|
|
# clientTrustedIPs:
|
|
# - 10.0.1.0/24 # Internal LAN IP addresses
|
|
# - 10.0.2.0/24 # Internal LAN IP addresses
|
|
# - 10.0.3.0/24 # Internal LAN IP addresses
|
|
# - 10.0.4.0/24 # Internal LAN IP addresses
|
|
# - 10.0.5.0/24 # Internal LAN IP addresses
|
|
# forwardedHeadersCustomName: CF-Connecting-IP # Cloudflare IP address header
|
|
|
|
# default-whitelist:
|
|
# ipWhiteList:
|
|
# sourceRange:
|
|
# - "10.0.4.0/24"
|
|
# - "192.168.0.0/16"
|
|
# - "172.16.0.0/12"
|
|
|
|
# secured:
|
|
# chain:
|
|
# middlewares:
|
|
# - default-whitelist
|
|
# - default-headers
|