Michael Schiemer
77c656af62
- Add QUICKSTART.md and SETUP_REPOSITORY.md for Semaphore stack - Add playbooks directory for Semaphore deployment - Update Semaphore docker-compose.yml, env.example, and README - Add Traefik local configuration files - Disable semaphore.yml in Traefik dynamic config - Update docker-compose.local.yml and build-image workflow
99 lines
3.2 KiB
YAML
99 lines
3.2 KiB
YAML
# Local Development Configuration for Traefik
|
|
# This configuration is optimized for local development without Let's Encrypt/ACME
|
|
|
|
# Global Configuration
|
|
global:
|
|
checkNewVersion: true
|
|
sendAnonymousUsage: false
|
|
|
|
# API and Dashboard
|
|
# For local development, we enable insecure access on port 8080
|
|
# Dashboard automatically accessible at:
|
|
# - http://localhost:8080/dashboard/ (with trailing slash)
|
|
# - http://localhost:8080/api/rawdata
|
|
# - http://localhost:8080/api/http/routers
|
|
api:
|
|
dashboard: true
|
|
insecure: true # HTTP-only for local development - enables direct dashboard access
|
|
# Note: With insecure=true, dashboard is accessible at:
|
|
# - http://localhost:8080/dashboard/
|
|
# - http://localhost:8080/api/rawdata
|
|
# - http://localhost:8080/api/http/routers
|
|
# The insecure mode works directly on the entrypoint (web) without needing router labels
|
|
|
|
# Entry Points
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
# No redirects for local development - HTTP is acceptable
|
|
|
|
websecure:
|
|
address: ":443"
|
|
# Note: Even though we don't use HTTPS locally, we need this entrypoint
|
|
# because dynamic configurations (gitea.yml, semaphore.yml) reference it
|
|
# We use HTTP only, but the entrypoint must exist to avoid errors
|
|
|
|
traefik:
|
|
address: ":8080"
|
|
# This entrypoint is used by api.insecure=true for dashboard access
|
|
# It must be on port 8080 (which maps to host port 8080) to match our port mapping
|
|
|
|
# Certificate Resolvers
|
|
# Note: For local development, we don't configure ACME/Let's Encrypt
|
|
# Dynamic configs (gitea.yml, semaphore.yml) that reference letsencrypt will show errors
|
|
# but won't break Traefik functionality. We can ignore these errors for local dev.
|
|
# If you need to test with real certificates locally, configure ACME manually.
|
|
# certificatesResolvers:
|
|
# letsencrypt:
|
|
# acme:
|
|
# email: your-email@example.com
|
|
# storage: /tmp/acme.json
|
|
# caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
|
|
|
# Providers
|
|
providers:
|
|
docker:
|
|
endpoint: "unix:///var/run/docker.sock"
|
|
exposedByDefault: false
|
|
# Use Docker bridge network for local development
|
|
network: traefik-public
|
|
watch: true
|
|
|
|
file:
|
|
directory: /dynamic
|
|
watch: true
|
|
# Note: Dynamic configs (gitea.yml, semaphore.yml) will show errors
|
|
# because they reference letsencrypt resolver which we don't configure locally
|
|
# These errors are harmless and won't affect local development
|
|
|
|
# Forwarded Headers Configuration
|
|
# Simplified for local development
|
|
forwardedHeaders:
|
|
trustedIPs:
|
|
- "127.0.0.1/32" # Localhost
|
|
- "172.17.0.0/16" # Docker bridge network
|
|
- "172.18.0.0/16" # Docker user-defined networks
|
|
insecure: true # Allow insecure forwarded headers for local dev
|
|
|
|
# Logging - Console output for local development (easier to debug)
|
|
log:
|
|
level: INFO
|
|
format: common # Human-readable format for local development
|
|
|
|
# Access Logs - Console output for local development
|
|
accessLog:
|
|
format: common # Human-readable format for local development
|
|
|
|
# Metrics (optional for local development)
|
|
# Can be enabled if needed for monitoring
|
|
# metrics:
|
|
# prometheus:
|
|
# addEntryPointsLabels: true
|
|
# addRoutersLabels: true
|
|
# addServicesLabels: true
|
|
|
|
# Ping endpoint for health checks
|
|
ping:
|
|
entryPoint: web
|
|
|