api:
  dashboard: true

log:
  level: "INFO"

serversTransport:
  insecureSkipVerify: true

accessLog:
  filePath: "/var/log/traefik/access.log" # location of traefik logs for crowdsec
  format: json
  bufferingSize: 100 # Configuring a buffer of 100 lines
  filters:
    statusCodes:
      - "204-299"
      - "400-499"
      - "500-559" # logged status codes

entryPoints:
  http:
    address: "[::]:80" # Create the HTTP entrypoint on port 80
    forwardedHeaders:
      insecure: false
      trustedIPs:
        - "10.0.0.0/8"
        - "192.168.178.0/16"
        - "2a07:600:200:1::/64"
    proxyProtocol:
      insecure: false
      trustedIPs:
        - "10.0.0.0/8"
        - "192.168.178.0/16"
        - "2a07:600:200:1::/64"

  https:
    address: "[::]:443" # Create the HTTPS entrypoint on port 443
    forwardedHeaders:
      insecure: false
      trustedIPs:
        - "10.0.0.0/8"
        - "192.168.178.0/16"
        - "2a07:600:200:1::/64"
    proxyProtocol:
      insecure: false
      trustedIPs:
        - "10.0.0.0/8"
        - "192.168.178.0/16"
        - "2a07:600:200:1::/64"

certificatesResolvers:
  myresolver:
    acme:
      email: chris.windler@crescentec.ch
      storage: letsencrypt/acme.json
      # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      httpChallenge:
        # used during the challenge
        entryPoint: http

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock" # Listen to the UNIX Docker socket
    exposedByDefault: false
  file:
    directory: "/etc/traefik" # Link to the dynamic configuration
    watch: true # Watch for modifications
  providersThrottleDuration: "10" # Configuration reload frequency

metrics:
  prometheus: {}

experimental:
  plugins:
    crowdsec-bouncer-traefik-plugin:
      moduleName: "github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
      version: "v1.5.0-beta1"