christian/docker_compose_company_stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
master
docker_compose_company_stack/traefik-crowdsec-stack/traefik/dynamic_conf.yml
root f4efbc7a63 Initial commit
2023-08-09 14:01:28 +02:00

92 lines
2.1 KiB
YAML
Raw Permalink Blame History

tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
curvePreferences:
- CurveP521
- CurveP384
sniStrict: true
http:
middlewares:
default:
chain:
middlewares:
- default-security-headers
- gzip
default-security-headers:
headers:
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
frameDeny: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 31536000
customFrameOptionsValue: "SAMEORIGIN"
gzip:
compress: {}
traefik-crowdsec-bouncer:
forwardauth:
address: http://traefik-crowdsec-bouncer:8080/api/v1/forwardAuth
trustForwardHeader: true
real-ip-cf:
plugin:
real-ip:
Proxy:
- proxyHeadername: "*"
realIP: Cf-Connecting-Ip
OverwriteXFF: true
hpnetwork-whitelist:
ipWhiteList:
sourceRange:
- "127.0.0.1/32"
- "10.1.0.0/24"
- "10.6.0.0/24"
- "192.168.0.0/24"
routers:
routerasteriskold:
rule: "Host(`asterisk.prothmann.com`)"
service: asteriskold@file
entryPoints: websecure
tls:
certResolver: http_resolver
middlewares:
- hpnetwork-whitelist
routerrspamdold:
rule: "Host(`rspamd.prothmann.com`)"
service: rspamdold@file
entryPoints: websecure
tls:
certResolver: http_resolver
middlewares:
- hpnetwork-whitelist
services:
nextcloud:
loadBalancer:
servers:
- url: "http://10.1.0.13:11000"
asteriskold:
loadBalancer:
servers:
- url: "http://10.3.0.28:80"
rspamdold:
loadBalancer:
servers:
- url: "http://mail.prothmann.com/rspamd/"
Reference in New Issue View Git Blame Copy Permalink