86 lines
1.6 KiB
YAML
86 lines
1.6 KiB
YAML
# Static Configuration for Traefik
|
|
|
|
# Global Configuration
|
|
global:
|
|
checkNewVersion: true
|
|
sendAnonymousUsage: false
|
|
|
|
# API and Dashboard
|
|
api:
|
|
dashboard: true
|
|
insecure: false
|
|
|
|
# Entry Points
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
# No global redirect - ACME challenges need HTTP access
|
|
# Redirects are handled per-router via middleware
|
|
|
|
websecure:
|
|
address: ":443"
|
|
http:
|
|
tls:
|
|
certResolver: letsencrypt
|
|
domains:
|
|
- main: michaelschiemer.de
|
|
sans:
|
|
- "*.michaelschiemer.de"
|
|
middlewares:
|
|
- security-headers@docker
|
|
- compression@docker
|
|
|
|
# Certificate Resolvers
|
|
certificatesResolvers:
|
|
letsencrypt:
|
|
acme:
|
|
email: kontakt@michaelschiemer.de
|
|
storage: /acme.json
|
|
caServer: https://acme-v02.api.letsencrypt.org/directory
|
|
# Use HTTP-01 challenge (requires port 80 accessible)
|
|
httpChallenge:
|
|
entryPoint: web
|
|
# Uncomment for DNS challenge (requires DNS provider)
|
|
# dnsChallenge:
|
|
# provider: cloudflare
|
|
# delayBeforeCheck: 30
|
|
|
|
# Providers
|
|
providers:
|
|
docker:
|
|
endpoint: "unix:///var/run/docker.sock"
|
|
exposedByDefault: false
|
|
network: traefik-public
|
|
watch: true
|
|
|
|
file:
|
|
directory: /dynamic
|
|
watch: true
|
|
|
|
# Logging
|
|
log:
|
|
level: INFO
|
|
filePath: /logs/traefik.log
|
|
format: json
|
|
|
|
# Access Logs
|
|
accessLog:
|
|
filePath: /logs/access.log
|
|
format: json
|
|
bufferingSize: 100
|
|
filters:
|
|
statusCodes:
|
|
- "400-499"
|
|
- "500-599"
|
|
|
|
# Metrics
|
|
metrics:
|
|
prometheus:
|
|
addEntryPointsLabels: true
|
|
addRoutersLabels: true
|
|
addServicesLabels: true
|
|
|
|
# Ping
|
|
ping:
|
|
entryPoint: web
|