hcornet
92fd0f9d47
Some checks failed
Deployment Verification / deploy-and-test (push) Failing after 5m35s
159 lines
3.6 KiB
YAML
159 lines
3.6 KiB
YAML
## static configuration
|
|
|
|
global:
|
|
# Send anonymous usage data
|
|
sendAnonymousUsage: false
|
|
checkNewVersion: true
|
|
|
|
entryPoints:
|
|
# ftp:
|
|
# address: ":21"
|
|
ssh:
|
|
address: ":22"
|
|
# smtp:
|
|
# address: ":25"
|
|
# dns:
|
|
# address: ":53"
|
|
http:
|
|
address: ":80"
|
|
forwardedHeaders:
|
|
insecure: true
|
|
trustedIPs: &trustedIps
|
|
- 10.0.4.0/24
|
|
http:
|
|
# middlewares: # CHANGE MADE HERE (BOUNCER ENABLED) !!!
|
|
# - "crowdsec@file" # CHANGE MADE HERE (BOUNCER ENABLED) !!!
|
|
# - "cloudflarewarp@file" # CHANGE MADE HERE (BOUNCER ENABLED) !!!
|
|
redirections:
|
|
entryPoint:
|
|
to: https
|
|
scheme: https
|
|
# ssh:
|
|
# address: ":22"
|
|
# pop3:
|
|
# address: ":110"
|
|
# imap:
|
|
# address: ":143"
|
|
https:
|
|
address: ":443"
|
|
forwardedHeaders:
|
|
insecure: true
|
|
trustedIPs: &trustedIps
|
|
# http:
|
|
# middlewares:
|
|
# - crowdsec-bouncer@file
|
|
# - cloudflarewarp@file" # CHANGE MADE HERE (BOUNCER ENABLED) !!!
|
|
# - secureHeaders@file
|
|
# tls:
|
|
# certResolver: letsencrypt
|
|
# smtp-ssl:
|
|
# address: ":465"
|
|
# starttls:
|
|
# address: ":587"
|
|
# imap-ssl:
|
|
# address: ":993"
|
|
# pop3-ssl:
|
|
# address: ":995"
|
|
# openvpn:
|
|
# address: ":1194/udp"
|
|
# mysql:
|
|
# address: ":3306"
|
|
# elasticsearch:
|
|
# address: ":9200"
|
|
metrics:
|
|
address: ":8181"
|
|
|
|
serversTransport:
|
|
insecureSkipVerify: true
|
|
|
|
providers:
|
|
docker:
|
|
endpoint: "unix:///var/run/docker.sock"
|
|
exposedByDefault: false
|
|
watch: true
|
|
file:
|
|
directory: /etc/traefik/dynamic
|
|
watch: true
|
|
providersThrottleDuration: 10
|
|
|
|
certificatesResolvers:
|
|
staging:
|
|
acme:
|
|
email: admin@tips-of-mine.com
|
|
storage: /var/traefik/certs/acme.json
|
|
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
|
keyType: EC256
|
|
dnsChallenge:
|
|
provider: staging
|
|
resolvers:
|
|
- "1.1.1.1:53"
|
|
- "1.0.0.1:53"
|
|
tlschallenge: true
|
|
# httpChallenge:
|
|
# entryPoint: http
|
|
production:
|
|
acme:
|
|
email: admin@tips-of-mine.com
|
|
storage: /var/traefik/certs/acme.json
|
|
caServer: "https://acme-v02.api.letsencrypt.org/directory"
|
|
keyType: EC256
|
|
dnsChallenge:
|
|
provider: production
|
|
resolvers:
|
|
- "1.1.1.1:53"
|
|
- "1.0.0.1:53"
|
|
tlschallenge: true
|
|
# httpchallenge:
|
|
# entrypoint: http
|
|
|
|
api:
|
|
insecure: true
|
|
dashboard: true
|
|
|
|
log:
|
|
level: DEBUG
|
|
filepath: "/var/log/traefik/traefik.log"
|
|
format: json
|
|
# default: "common"
|
|
|
|
accesslog:
|
|
filepath: "/var/log/traefik/access.log"
|
|
format: json
|
|
bufferingSize: 100
|
|
# format: common
|
|
|
|
# Ajout de la partie métrique qui concerne Prometheus
|
|
metrics:
|
|
prometheus:
|
|
# Nom du point d'entrée défini au dessus
|
|
entryPoint: metrics
|
|
# On configure la latence des métriques
|
|
buckets:
|
|
- 0.1
|
|
- 0.3
|
|
- 1.2
|
|
- 5.0
|
|
# Ajout des métriques sur les points d'entrée
|
|
addEntryPointsLabels: true
|
|
# Ajout des services
|
|
addServicesLabels: true
|
|
addRoutersLabels: true
|
|
|
|
experimental:
|
|
plugins:
|
|
crowdsec-bouncer-traefik-plugin:
|
|
moduleName: "github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
|
|
version: "v1.3.3"
|
|
|
|
traefik-maintenance:
|
|
moduleName: "github.com/TRIMM/traefik-maintenance"
|
|
version: "v1.0.1"
|
|
|
|
fail2ban:
|
|
moduleName: "github.com/tomMoulard/fail2ban"
|
|
version: "v0.8.3"
|
|
|
|
sablier:
|
|
moduleName: "github.com/acouvreur/sablier"
|
|
version: "v1.8.0-beta.22"
|