Jafner/Jafner.net
1
0
Fork 0
Code Issues 16 Pull Requests Actions Packages Projects Releases Wiki Activity

Switch Traefik dynamic config files from toml to yaml

Browse Source
This commit is contained in:
Joey Hafner 2022-07-06 17:34:52 -07:00
parent 5e982e7f7b
commit 2dc3fa2af1
7 changed files with 67 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
homelab/server/config/traefik/config/authentik.yaml
View File

@ -1,18 +0,0 @@
http:
middlewares:
authentik:
forwardauth:
address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version

43
homelab/server/config/traefik/config/middlewares.yaml Normal file
View File

@ -0,0 +1,43 @@
http:
middlewares:
lan-only:
ipWhiteList:
- "127.0.0.1/32"
- "192.168.1.1/24"
simple-auth:
basicAuth:
usersFile: "/.htpasswd"
authentik:
forwardauth:
address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version
security-headers:
headers:
customResponseHeaders:
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
server: ""
sslProxyHeaders:
X-Forwarded-Proto: https
referrerPolicy: "same-origin"
hostsProxyHeaders:
- "X-Forwarded-Host"
customRequestHeaders:
X-Forwarded-Proto: "https"
contentTypeNosniff: true
browserXssFilter: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsSeconds: 63072000
stsPreload: true

16
homelab/server/config/traefik/config/nas.yaml Normal file
View File

@ -0,0 +1,16 @@
http:
routers:
nas:
rule: "Host(`nas.jafner.net`)"
entryPoints: "websecure"
middlewares: "lan-only@file"
service: "nas@file"
tls:
certResolver: "lets-encrypt"
services:
nas:
loadBalancer:
servers:
- url: "http://192.168.1.10/"

8
homelab/server/config/traefik/config/traefik_api.yaml Normal file
View File

@ -0,0 +1,8 @@
http:
routers:
api:
rule: "Host(`traefik.jafner.net`)"
entryPoints: "websecure"
service: "api@internal"
tls:
certResolver: "lets-encrypt"

12
homelab/server/config/traefik/config/traefik_config_dev.toml
View File

@ -1,12 +0,0 @@
[http.routers]
[http.routers.dev]
rule = "Host(`*.jafner.dev`)"
entrypoints = ["websecure"]
middlewares = "lan-only@file"
service = "dev@file"
[http.services]
[http.services.dev.loadBalancer]
[[http.services.dev.loadBalancer.servers]]
url = "http://192.168.1.21/"

19
homelab/server/config/traefik/config/traefik_config_dynamic.toml
View File

@ -1,19 +0,0 @@
[http]
[http.routers]
[http.routers.api]
rule = "Host(`traefik.jafner.net`)"
entryPoints = ["websecure"]
service = "api@internal"
[http.routers.api.tls]
certResolver = "lets-encrypt"
[http.middlewares]
[http.middlewares.lan-only]
[http.middlewares.lan-only.ipWhiteList]
sourceRange = ["127.0.0.1/32", "192.168.1.1/24"]
[http.middlewares.simpleauth]
[http.middlewares.simpleauth.basicAuth]
usersFile = "/.htpasswd"

16
homelab/server/config/traefik/config/traefik_config_nas.toml
View File

@ -1,16 +0,0 @@
[http.routers]
[http.routers.nas]
rule = "Host(`nas.jafner.net`)"
entrypoints = ["websecure"]
middlewares = "lan-only@file"
service = "nas@file"
[http.routers.nas.tls]
certResolver = "lets-encrypt"
[http.services]
[http.services.nas.loadBalancer]
[[http.services.nas.loadBalancer.servers]]
url = "http://192.168.1.10/"