Skip to content

Commit

Permalink
✨ traefik 2.11
Browse files Browse the repository at this point in the history
closes #8
  • Loading branch information
juftin authored Apr 4, 2024
1 parent bcc3535 commit f5843db
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 16 deletions.
1 change: 1 addition & 0 deletions traefik/oauth/docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -33,5 +33,6 @@ services:
traefik.http.routers.oauth-rtr.rule: Host(`${OAUTH_SUBDOMAIN:-oauth}.${DOMAIN_NAME}`)
traefik.http.routers.oauth-rtr.entrypoints: https
traefik.http.routers.oauth-rtr.service: oauth-svc
traefik.http.routers.oauth-rtr.tls: true
traefik.http.services.oauth-svc.loadbalancer.server.port: 4181
traefik.http.routers.oauth-rtr.middlewares: chain-oauth-google@file
20 changes: 7 additions & 13 deletions traefik/traefik/docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,7 @@
services:
traefik:
container_name: traefik
image: library/traefik:v2.6
hostname: ${TRAEFIK_SUBDOMAIN:-traefik}
image: library/traefik:v2.11
ports:
- published: 80
target: 80
Expand All @@ -20,7 +19,6 @@ services:
CF_API_EMAIL: ${CLOUDFLARE_EMAIL}
CF_API_KEY: ${CLOUDFLARE_API_KEY}
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${TRAEFIK_DIRECTORY}/traefik/rules:/rules
- ${TRAEFIK_DIRECTORY}/traefik/config/logs:/logs
- ${TRAEFIK_DIRECTORY}/traefik/config/traefik:/etc/traefik
Expand All @@ -46,14 +44,10 @@ services:
# LOGGING SETTINGS
- --log=true
- --log.level=INFO # DEBUG, INFO, WARN, ERROR, FATAL, PANIC
- --log.format=COMMON
- --accessLog=true
- --accessLog.filePath=/logs/access.log
- --accessLog.format=JSON
- --accessLog.bufferingSize=100
- --accessLog.filters.statusCodes=400-499
- --accessLog.filters.retryAttempts=true
- --accessLog.filters.minDuration=10ms
- --accessLog.filters.statusCodes=204-299,400-499,500-599
# PROVIDERS
- --providers.docker=true
- --providers.docker.endpoint=tcp://socket-proxy:2375
Expand All @@ -66,10 +60,14 @@ services:
- --entryPoints.http.address=:80
- --entryPoints.https.address=:443
- --entryPoints.traefik.address=:8080
- --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22
- --entrypoints.http.http.redirections.entrypoint.to=https
- --entrypoints.http.http.redirections.entrypoint.scheme=https
- --entrypoints.http.http.redirections.entrypoint.permanent=true
- --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22
- --entrypoints.https.http.tls.certresolver=dns-cloudflare
- --entrypoints.https.http.tls.domains[0].main=${DOMAIN_NAME}
- --entrypoints.https.http.tls.domains[0].sans=*.${DOMAIN_NAME}
- --entrypoints.https.http.tls=true
- --entrypoints.https.http.tls.options=tls-opts@file
# CERTIFICATE RESOLVERS
- --certificatesResolvers.dns-cloudflare.acme.email=${CLOUDFLARE_EMAIL}
Expand All @@ -82,8 +80,4 @@ services:
traefik.http.routers.traefik-rtr.rule: Host(`${TRAEFIK_SUBDOMAIN:-traefik}.${DOMAIN_NAME}`)
traefik.http.routers.traefik-rtr.entrypoints: https
traefik.http.routers.traefik-rtr.service: api@internal
traefik.http.routers.http-catchall.entrypoints: http
traefik.http.routers.http-catchall.rule: HostRegexp(`{host:.+}`)
traefik.http.routers.http-catchall.middlewares: redirect-to-https
traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https
traefik.http.routers.traefik-rtr.middlewares: chain-oauth-google@file
4 changes: 1 addition & 3 deletions traefik/traefik/rules/middlewares.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,17 +18,15 @@ http:
accessControlMaxAge: 100
hostsProxyHeaders:
- X-Forwarded-Host
sslRedirect: true
stsSeconds: 63072000
stsIncludeSubdomains: true
stsPreload: true
forceSTSHeader: true
frameDeny: false
customFrameOptionsValue: SAMEORIGIN
contentTypeNosniff: true
browserXssFilter: true
referrerPolicy: same-origin
featurePolicy: camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';
permissionsPolicy: camera=(), microphone=(), geolocation=(), payment=(), usb=(), vr=()
customResponseHeaders:
X-Robots-Tag: none,noarchive,nosnippet,notranslate,noimageindex,
server: ""
Expand Down

0 comments on commit f5843db

Please sign in to comment.