124 lines
2.6 KiB
TOML
124 lines
2.6 KiB
TOML
defaultEntryPoints = ["http", "https"]
|
|
|
|
InsecureSkipVerify = true
|
|
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.http.redirect]
|
|
entryPoint = "https"
|
|
[entryPoints.https]
|
|
address = ":443"
|
|
# This is required for ACME support
|
|
[entryPoints.https.tls]
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "/etc/traefik/git.captnemo.in.crt"
|
|
keyFile = "/etc/traefik/git.captnemo.in.key"
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "/etc/traefik/rss.captnemo.in.crt"
|
|
keyFile = "/etc/traefik/rss.captnemo.in.key"
|
|
|
|
[docker]
|
|
# Make sure you mount this as readonly
|
|
endpoint = "unix:///var/run/docker.sock"
|
|
domain = "bb8.fun"
|
|
watch = true
|
|
exposedbydefault = false
|
|
|
|
[file]
|
|
[backends]
|
|
|
|
# This is currently not exposed
|
|
# Since I can't apply a authentication
|
|
# on this yet
|
|
|
|
[backends.elibsrv]
|
|
[backends.elibsrv.servers.default]
|
|
url = "http://elibsrv.captnemo.in:90"
|
|
|
|
[backends.scan]
|
|
[backends.scan.servers.default]
|
|
url = "http://scan.in.bb8.fun:90"
|
|
|
|
[frontends]
|
|
|
|
[frontends.scan]
|
|
backend = "scan"
|
|
[frontends.scan.headers]
|
|
SSLRedirect = true
|
|
SSLTemporaryRedirect = true
|
|
STSSeconds = 2592000
|
|
FrameDeny = true
|
|
ContentTypeNosniff = true
|
|
BrowserXssFilter = true
|
|
ReferrerPolicy = "no-referrer"
|
|
[frontends.scan.headers.customresponseheaders]
|
|
X-Powered-By = "Allomancy"
|
|
Server = "BlackBox"
|
|
X-Clacks-Overhead = "GNU Terry Pratchett"
|
|
[frontends.scan.routes.domain]
|
|
rule = "Host:scan.bb8.fun"
|
|
|
|
[web]
|
|
address = ":1111"
|
|
readOnly = true
|
|
|
|
# To enable Traefik to export internal metrics to Prometheus
|
|
[web.metrics.prometheus]
|
|
|
|
[acme]
|
|
|
|
email = "acme@captnemo.in"
|
|
storage = "/acme/acme.json"
|
|
entryPoint = "https"
|
|
onHostRule = false
|
|
onDemand = false
|
|
acmelogging = true
|
|
|
|
[acme.httpChallenge]
|
|
entryPoint = "http"
|
|
|
|
# Keep DNS challenge disabled
|
|
# for now
|
|
# [acme.dnsChallenge]
|
|
# provider = "cloudflare"
|
|
# delayBeforeCheck = 5
|
|
# Get wildcard once possible
|
|
|
|
[[acme.domains]]
|
|
main = "bb8.fun"
|
|
sans = [
|
|
"ads.bb8.fun",
|
|
"airsonic.bb8.fun",
|
|
"apps.bb8.fun",
|
|
"cadvisor.bb8.fun",
|
|
"debug.in.bb8.fun",
|
|
"dns.bb8.fun",
|
|
"emby.bb8.fun",
|
|
"emby.in.bb8.fun",
|
|
"falcon.bb8.fun",
|
|
"ghost.bb8.fun",
|
|
"grafana.bb8.fun",
|
|
"headphones.bb8.fun",
|
|
"home.bb8.fun",
|
|
"info.bb8.fun",
|
|
"jackett.bb8.fun",
|
|
"library.bb8.fun",
|
|
"luke.bb8.fun",
|
|
"monitoring.bb8.fun",
|
|
"ombi.bb8.fun",
|
|
"pics.bb8.fun",
|
|
"pics.in.bb8.fun",
|
|
"radarr.bb8.fun",
|
|
"read.bb8.fun",
|
|
"rey.bb8.fun",
|
|
"scan.bb8.fun",
|
|
"sonarr.bb8.fun",
|
|
"tatooine.bb8.fun",
|
|
"tie.bb8.fun",
|
|
"traefik.bb8.fun",
|
|
"transmission.bb8.fun",
|
|
"wifi.bb8.fun",
|
|
"wiki.bb8.fun"
|
|
]
|