171 lines
4.7 KiB
YAML
171 lines
4.7 KiB
YAML
http:
|
|
middlewares:
|
|
|
|
# Crowdsec
|
|
crowdsec-bouncer:
|
|
plugin:
|
|
crowdsec-bouncer-traefik-plugin:
|
|
enabled: true
|
|
logLevel: INFO
|
|
updateIntervalSeconds: 60
|
|
crowdsecMode: stream
|
|
crowdsecAppsecEnabled: true
|
|
crowdsecAppsecHost: crowdsec:7422
|
|
crowdsecLapiScheme: http
|
|
crowdsecLapiHost: crowdsec:8080
|
|
# generated using "docker exec crowdsec cscli bouncers add crowdsecBouncer"
|
|
crowdseclapikey: {{ env "TRAEFIK_CROWDSEC_API_KEY" }}
|
|
forwardedHeadersTrustedIPs:
|
|
- 10.0.0.0/8
|
|
clientTrustedIPs:
|
|
- 192.168.178.0/24
|
|
captchaProvider: hcaptcha
|
|
captchaSiteKey: b2d20610-8dda-4f40-8688-7ca8e1e628f8 # found in hcaptcha account
|
|
captchaSecretKey: {{ env "TRAEFIK_CAPTCHA_KEY" }}
|
|
captchaGracePeriodSeconds: 1800
|
|
captchaHTMLFilePath: /captcha.html
|
|
banHTMLFilePath: /ban.html
|
|
|
|
routers:
|
|
authelia:
|
|
rule: "Host(`auth.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
audiobookshelf:
|
|
rule: "Host(`audiobookshelf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
gitea:
|
|
rule: "Host(`gitea.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
headscale:
|
|
rule: "Host(`headscale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
immich:
|
|
rule: "Host(`immich.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
lldap:
|
|
rule: "Host(`ldap.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
linkwarden:
|
|
rule: "Host(`linkwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
mealie:
|
|
rule: "Host(`mealie.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
navidrome:
|
|
rule: "Host(`navidrome.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
ntfy:
|
|
rule: "Host(`ntfy.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
paperless:
|
|
rule: "Host(`paperless.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
pdf:
|
|
rule: "Host(`pdf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
radicale:
|
|
rule: "Host(`radicale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
rss:
|
|
rule: "Host(`rss.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
# superset:
|
|
# rule: "Host(`superset.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
# service: node
|
|
# entryPoints: http,https
|
|
# tls:
|
|
# certresolver: myresolver
|
|
# middlewares: crowdsec-bouncer@file
|
|
|
|
vaultwarden:
|
|
rule: "Host(`vaultwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
vikunja:
|
|
rule: "Host(`vikunja.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
|
|
service: node
|
|
entryPoints: http,https
|
|
tls:
|
|
certresolver: myresolver
|
|
middlewares: crowdsec-bouncer@file
|
|
|
|
services:
|
|
node:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://{{ env "TRAEFIK_MAIN_SERVER_NODE_IP" }}
|