Nemo
cce99c0b6a
- Traefik is advertising http/2 along with TLS it then forwards the unencrypted h2 to the php server which is then giving up. (╯°□°)╯︵ ┻━┻
46 lines
1.0 KiB
TOML
46 lines
1.0 KiB
TOML
# This configures docker service discovery
|
|
[providers.docker]
|
|
exposedByDefault = false
|
|
network = "traefik"
|
|
defaultRule = ""
|
|
|
|
[entryPoints]
|
|
[entryPoints.web]
|
|
address = ":80"
|
|
|
|
[entryPoints.web-secure]
|
|
address = ":443"
|
|
|
|
[http.middlewares]
|
|
[http.middlewares.everything.redirectScheme]
|
|
scheme = "https"
|
|
|
|
[tcp.routers]
|
|
[tcp.routers.forwardtohome]
|
|
entryPoints = ["web-secure"]
|
|
rule = "HostSNI(`emby.bb8.fun`, `git.captnemo.in`)"
|
|
service = "homeserver"
|
|
[tcp.routers.forwardtohome.tls]
|
|
passthrough = true
|
|
|
|
[tcp.services]
|
|
[tcp.services.homeserver.loadBalancer]
|
|
[[tcp.services.homeserver.loadBalancer.servers]]
|
|
address = "10.8.0.14:443"
|
|
|
|
[certificatesResolvers.default.acme]
|
|
email = "certs@captnemo.in"
|
|
storage = "/acme/acme.json"
|
|
[certificatesResolvers.default.acme.httpChallenge]
|
|
# used during the challenge
|
|
entryPoint = "web"
|
|
|
|
|
|
[tls.options]
|
|
[tls.options.foo]
|
|
minVersion = "VersionTLS12"
|
|
cipherSuites = [
|
|
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
|
"TLS_RSA_WITH_AES_256_GCM_SHA384"
|
|
]
|