diff --git a/services/traefik/config/config.yml b/services/traefik/config/config.yml index 1f04cf7..d2f621e 100644 --- a/services/traefik/config/config.yml +++ b/services/traefik/config/config.yml @@ -8,7 +8,7 @@ http: enabled: true logLevel: INFO updateIntervalSeconds: 60 - crowdsecMode: stream + crowdsecMode: live crowdsecAppsecEnabled: true crowdsecAppsecFailureBlock: true crowdsecAppsecUnreachableBlock: true @@ -21,12 +21,12 @@ http: - 10.0.0.0/8 clientTrustedIPs: - 192.168.178.0/24 - captchaProvider: hcaptcha - captchaSiteKey: b2d20610-8dda-4f40-8688-7ca8e1e628f8 # found in hcaptcha account - captchaSecretKey: {{ env "TRAEFIK_CAPTCHA_KEY" }} - captchaGracePeriodSeconds: 1800 - captchaHTMLFilePath: /captcha.html - banHTMLFilePath: /ban.html + # captchaProvider: hcaptcha + # captchaSiteKey: b2d20610-8dda-4f40-8688-7ca8e1e628f8 # found in hcaptcha account + # captchaSecretKey: {{ env "TRAEFIK_CAPTCHA_KEY" }} + # captchaGracePeriodSeconds: 1800 + # captchaHTMLFilePath: /captcha.html + # banHTMLFilePath: /ban.html routers: authelia: diff --git a/services/traefik/traefik.yml b/services/traefik/traefik.yml index f8c5e01..dfac435 100644 --- a/services/traefik/traefik.yml +++ b/services/traefik/traefik.yml @@ -16,6 +16,11 @@ services: TRAEFIK_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN} TRAEFIK_MAIN_SERVER_NODE_IP: ${MAIN_SERVER_NODE_IP} TRAEFIK_CROWDSEC_API_KEY: ${CROWDSEC_API_KEY} + deploy: + resources: + limits: + cpus: "0.3" + memory: 150M volumes: - "/var/log/traefik/:/var/log/traefik/" - "/var/run/docker.sock:/var/run/docker.sock:ro" @@ -50,6 +55,11 @@ services: TRAEFIK_LOG_DASHBOARD_AUTH_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN} TRAEFIK_LOG_DASHBOARD_SYSTEM_MONITORING: true TRAEFIK_LOG_DASHBOARD_LOG_FORMAT: json + deploy: + resources: + limits: + cpus: "0.10" + memory: 50M healthcheck: test: [ @@ -86,6 +96,11 @@ services: depends_on: traefik-agent: condition: service_healthy + deploy: + resources: + limits: + cpus: "0.1" + memory: 50M labels: # traefik - "traefik.enable=true"