http: middlewares: # Crowdsec crowdsec-bouncer: plugin: crowdsec-bouncer-traefik-plugin: enabled: true logLevel: INFO updateIntervalSeconds: 60 crowdsecMode: stream crowdsecAppsecEnabled: true crowdsecAppsecHost: crowdsec:7422 crowdsecLapiScheme: http crowdsecLapiHost: crowdsec:8080 # generated using "docker exec crowdsec cscli bouncers add crowdsecBouncer" crowdseclapikey: {{ env "TRAEFIK_CROWDSEC_API_KEY" }} forwardedHeadersTrustedIPs: - 10.0.0.0/8 clientTrustedIPs: - 192.168.178.0/24 captchaProvider: hcaptcha captchaSiteKey: b2d20610-8dda-4f40-8688-7ca8e1e628f8 # found in hcaptcha account captchaSecretKey: {{ env "TRAEFIK_CAPTCHA_KEY" }} captchaGracePeriodSeconds: 1800 captchaHTMLFilePath: /captcha.html banHTMLFilePath: /ban.html routers: authelia: rule: "Host(`auth.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file audiobookshelf: rule: "Host(`audiobookshelf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file gitea: rule: "Host(`gitea.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file headscale: rule: "Host(`headscale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file immich: rule: "Host(`immich.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file lldap: rule: "Host(`lldap.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file linkwarden: rule: "Host(`linkwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file mealie: rule: "Host(`mealie.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file navidrome: rule: "Host(`navidrome.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file ntfy: rule: "Host(`ntfy.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file paperless: rule: "Host(`paperless.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file pdf: rule: "Host(`pdf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file radicale: rule: "Host(`radicale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file rss: rule: "Host(`rss.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file superset: rule: "Host(`superset.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file vaultwarden: rule: "Host(`vaultwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file vikunja: rule: "Host(`vikunja.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)" service: node entryPoints: https tls: {} middlewares: crowdsec-bouncer@file services: node: loadBalancer: servers: - url: http://{{ env "TRAEFIK_MAIN_SERVER_NODE_IP" }}