54 lines
1.5 KiB
YAML
54 lines
1.5 KiB
YAML
http:
|
|
middlewares:
|
|
lan-only:
|
|
ipWhiteList:
|
|
sourceRange:
|
|
- "127.0.0.1/32"
|
|
- "192.168.1.1/24"
|
|
simple-auth:
|
|
basicAuth:
|
|
usersFile: "/.htpasswd"
|
|
authentik:
|
|
forwardauth:
|
|
address: http://authentik-server:9000/outpost.goauthentik.io/auth/traefik
|
|
trustForwardHeader: true
|
|
authResponseHeaders:
|
|
- X-authentik-username
|
|
- X-authentik-groups
|
|
- X-authentik-email
|
|
- X-authentik-name
|
|
- X-authentik-uid
|
|
- X-authentik-jwt
|
|
- X-authentik-meta-jwks
|
|
- X-authentik-meta-outpost
|
|
- X-authentik-meta-provider
|
|
- X-authentik-meta-app
|
|
- X-authentik-meta-version
|
|
securityheaders:
|
|
headers:
|
|
customResponseHeaders:
|
|
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
|
|
server: ""
|
|
sslProxyHeaders:
|
|
X-Forwarded-Proto: https
|
|
referrerPolicy: "same-origin"
|
|
hostsProxyHeaders:
|
|
- "X-Forwarded-Host"
|
|
customRequestHeaders:
|
|
X-Forwarded-Proto: "https"
|
|
X-Scheme: https
|
|
contentTypeNosniff: true
|
|
browserXssFilter: true
|
|
forceSTSHeader: true
|
|
stsIncludeSubdomains: true
|
|
stsSeconds: 63072000
|
|
stsPreload: true
|
|
pihole:
|
|
addprefix:
|
|
prefix: "/admin"
|
|
traefik-forward-auth:
|
|
forwardauth:
|
|
address: http://forwardauth:4181
|
|
trustForwardHeader: true
|
|
authResponseHeaders:
|
|
- X-Forwarded-User |