cleanup gitignore, improve crowdsec

services/headscale/headscale.yml

@@ -3,19 +3,24 @@ services:
     extends:
       file: ${TEMPLATES_PATH}
       service: default
-    image: docker.io/headscale/headscale 
-    container_name: headscale 
+    image: docker.io/headscale/headscale
+    container_name: headscale
     volumes:
       - ${SERVICE_PATH}/headscale/config:/etc/headscale
       - ${SERVICE_PATH}/headscale/lib:/var/lib/headscale
       - ${SERVICE_PATH}/headscale/run:/var/run/headscale
     ports:
-      - 127.0.0.1:8080:8080 # api 
+      - 127.0.0.1:8080:8080 # api
       - 127.0.0.1:9090:9090 # metrics
     command: serve
     environment:
     networks:
       - ip4net
     labels:
-      # Watchtower
-      - "com.centurylinklabs.watchtower.enable=true"
+      # Traefik
+      - "traefik.enable=true"
+      - "traefik.http.routers.headscale.rule=Host(`headscale.${PUBLIC_DOMAIN}`)"
+      - "traefik.http.routers.headscale.entrypoints=https"
+      - "traefik.http.routers.headscale.tls.certresolver=myresolver"
+      - "traefik.http.routers.headscale.tls=true"
+      - "traefik.http.routers.headscale.middlewares=crowdsec-bouncer@file"