2017-11-26 11:23:34 +00:00
|
|
|
defaultEntryPoints = ["http", "https"]
|
2018-03-02 09:00:40 +00:00
|
|
|
sendAnonymousUsage = true
|
2018-04-19 15:10:52 +00:00
|
|
|
checkNewVersion = false
|
|
|
|
|
|
|
|
[traefikLog]
|
|
|
|
[accessLog]
|
2018-03-02 09:00:40 +00:00
|
|
|
|
2017-11-26 11:23:34 +00:00
|
|
|
[entryPoints]
|
|
|
|
[entryPoints.https]
|
|
|
|
address = ":443"
|
|
|
|
# This is required for ACME support
|
|
|
|
[entryPoints.https.tls]
|
2017-12-25 12:28:13 +00:00
|
|
|
[[entryPoints.https.tls.certificates]]
|
|
|
|
certFile = "/etc/traefik/git.captnemo.in.crt"
|
|
|
|
keyFile = "/etc/traefik/git.captnemo.in.key"
|
2018-01-29 20:09:36 +00:00
|
|
|
[[entryPoints.https.tls.certificates]]
|
|
|
|
certFile = "/etc/traefik/rss.captnemo.in.crt"
|
|
|
|
keyFile = "/etc/traefik/rss.captnemo.in.key"
|
2022-12-26 07:18:34 +00:00
|
|
|
[[entryPoints.https.tls.certificates]]
|
|
|
|
certFile = "/etc/traefik/tatooine.club.crt"
|
|
|
|
keyFile = "/etc/traefik/tatooine.club.key"
|
2017-11-26 11:23:34 +00:00
|
|
|
|
2017-11-29 21:15:38 +00:00
|
|
|
[docker]
|
2017-12-03 17:56:11 +00:00
|
|
|
# Make sure you mount this as readonly
|
2021-02-02 08:37:15 +00:00
|
|
|
# NOTE: readonly doesn't reduce the risk because
|
|
|
|
# it is a unix socket - it doesn't automatically translate
|
|
|
|
# read|write perms to GET/POST requests.
|
2017-11-29 21:15:38 +00:00
|
|
|
endpoint = "unix:///var/run/docker.sock"
|
|
|
|
domain = "bb8.fun"
|
|
|
|
watch = true
|
2018-05-05 20:15:12 +00:00
|
|
|
exposedbydefault = false
|
2017-11-29 21:15:38 +00:00
|
|
|
|
2017-11-26 11:23:34 +00:00
|
|
|
[file]
|
|
|
|
[backends]
|
|
|
|
|
2017-11-26 20:16:49 +00:00
|
|
|
# This is currently not exposed
|
|
|
|
# Since I can't apply a authentication
|
|
|
|
# on this yet
|
2018-02-03 07:36:06 +00:00
|
|
|
|
2017-11-04 21:27:00 +00:00
|
|
|
[web]
|
2017-11-26 11:23:34 +00:00
|
|
|
address = ":1111"
|
|
|
|
readOnly = true
|
|
|
|
|
2018-02-09 20:56:31 +00:00
|
|
|
# To enable Traefik to export internal metrics to Prometheus
|
|
|
|
[web.metrics.prometheus]
|
|
|
|
|
2017-11-26 11:23:34 +00:00
|
|
|
[acme]
|
|
|
|
email = "acme@captnemo.in"
|
|
|
|
storage = "/acme/acme.json"
|
|
|
|
entryPoint = "https"
|
2018-02-03 07:36:06 +00:00
|
|
|
onHostRule = false
|
2017-11-26 20:16:49 +00:00
|
|
|
onDemand = false
|
2017-12-04 06:11:13 +00:00
|
|
|
acmelogging = true
|
2017-11-26 14:22:49 +00:00
|
|
|
|
2018-02-17 21:32:12 +00:00
|
|
|
[acme.httpChallenge]
|
|
|
|
entryPoint = "http"
|
|
|
|
|
2018-03-28 10:15:44 +00:00
|
|
|
[acme.dnsChallenge]
|
|
|
|
provider = "cloudflare"
|
2022-01-08 16:49:38 +00:00
|
|
|
delayBeforeCheck = 120
|
2023-06-01 08:31:12 +00:00
|
|
|
resolvers = ["1.1.1.1:53", "8.8.8.8:53"]
|
2017-11-26 11:23:34 +00:00
|
|
|
|
2018-03-28 10:15:44 +00:00
|
|
|
# Primary 2 wildcard certs
|
|
|
|
[[acme.domains]]
|
|
|
|
main = "*.bb8.fun"
|
|
|
|
# Internal services are also protected!
|
|
|
|
[[acme.domains]]
|
|
|
|
main = "*.in.bb8.fun"
|