From ab35c6cae855fbb900c5475f1a7aab6d40d8ca1a Mon Sep 17 00:00:00 2001
From: Joey Hafner <jafner425@gmail.com>
Date: Sun, 13 Nov 2022 20:23:19 -0800
Subject: [PATCH] Require TLS1.2 on homer

---
 server/config/homer/docker-compose.yml | 1 +
 server/config/traefik/config/tls.yaml  | 4 ++++
 2 files changed, 5 insertions(+)
 create mode 100644 server/config/traefik/config/tls.yaml

diff --git a/server/config/homer/docker-compose.yml b/server/config/homer/docker-compose.yml
index 657806a..b3cc7fd 100644
--- a/server/config/homer/docker-compose.yml
+++ b/server/config/homer/docker-compose.yml
@@ -21,6 +21,7 @@ services:
     labels:
       - traefik.http.routers.homer.rule=Host(`home.jafner.net`) || Host(`jafner.net`) || Host(`www.jafner.net`)
       - traefik.http.routers.homer.tls.certresolver=lets-encrypt
+      - traefik.http.routers.homer.tls.options=tls12
       - traefik.http.routers.homer.middlewares=securityheaders@file
 
 networks:
diff --git a/server/config/traefik/config/tls.yaml b/server/config/traefik/config/tls.yaml
new file mode 100644
index 0000000..17fc206
--- /dev/null
+++ b/server/config/traefik/config/tls.yaml
@@ -0,0 +1,4 @@
+tls:
+  options:
+    tls12:
+      minVersion: VersionTLS12
\ No newline at end of file