michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
76ec4cf28d32cf0e3bf5c08df31d6b2f496f8545
michaelschiemer/deployment/stacks/traefik/traefik.local.yml
Michael Schiemer 77c656af62 feat(deployment): update Semaphore stack and Traefik configuration 
- Add QUICKSTART.md and SETUP_REPOSITORY.md for Semaphore stack
- Add playbooks directory for Semaphore deployment
- Update Semaphore docker-compose.yml, env.example, and README
- Add Traefik local configuration files
- Disable semaphore.yml in Traefik dynamic config
- Update docker-compose.local.yml and build-image workflow
2025-11-02 22:55:51 +01:00

99 lines
3.2 KiB
YAML
Raw Blame History

# Local Development Configuration for Traefik
# This configuration is optimized for local development without Let's Encrypt/ACME
# Global Configuration
global:
checkNewVersion: true
sendAnonymousUsage: false
# API and Dashboard
# For local development, we enable insecure access on port 8080
# Dashboard automatically accessible at:
# - http://localhost:8080/dashboard/ (with trailing slash)
# - http://localhost:8080/api/rawdata
# - http://localhost:8080/api/http/routers
api:
dashboard: true
insecure: true # HTTP-only for local development - enables direct dashboard access
# Note: With insecure=true, dashboard is accessible at:
# - http://localhost:8080/dashboard/
# - http://localhost:8080/api/rawdata
# - http://localhost:8080/api/http/routers
# The insecure mode works directly on the entrypoint (web) without needing router labels
# Entry Points
entryPoints:
web:
address: ":80"
# No redirects for local development - HTTP is acceptable
websecure:
address: ":443"
# Note: Even though we don't use HTTPS locally, we need this entrypoint
# because dynamic configurations (gitea.yml, semaphore.yml) reference it
# We use HTTP only, but the entrypoint must exist to avoid errors
traefik:
address: ":8080"
# This entrypoint is used by api.insecure=true for dashboard access
# It must be on port 8080 (which maps to host port 8080) to match our port mapping
# Certificate Resolvers
# Note: For local development, we don't configure ACME/Let's Encrypt
# Dynamic configs (gitea.yml, semaphore.yml) that reference letsencrypt will show errors
# but won't break Traefik functionality. We can ignore these errors for local dev.
# If you need to test with real certificates locally, configure ACME manually.
# certificatesResolvers:
# letsencrypt:
# acme:
# email: your-email@example.com
# storage: /tmp/acme.json
# caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
# Providers
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
# Use Docker bridge network for local development
network: traefik-public
watch: true
file:
directory: /dynamic
watch: true
# Note: Dynamic configs (gitea.yml, semaphore.yml) will show errors
# because they reference letsencrypt resolver which we don't configure locally
# These errors are harmless and won't affect local development
# Forwarded Headers Configuration
# Simplified for local development
forwardedHeaders:
trustedIPs:
- "127.0.0.1/32" # Localhost
- "172.17.0.0/16" # Docker bridge network
- "172.18.0.0/16" # Docker user-defined networks
insecure: true # Allow insecure forwarded headers for local dev
# Logging - Console output for local development (easier to debug)
log:
level: INFO
format: common # Human-readable format for local development
# Access Logs - Console output for local development
accessLog:
format: common # Human-readable format for local development
# Metrics (optional for local development)
# Can be enabled if needed for monitoring
# metrics:
# prometheus:
# addEntryPointsLabels: true
# addRoutersLabels: true
# addServicesLabels: true
# Ping endpoint for health checks
ping:
entryPoint: web
Reference in New Issue View Git Blame Copy Permalink