add config for Traefik
This commit is contained in:
parent
d5a5d4a85a
commit
401736c7a0
49
traefik.yaml
49
traefik.yaml
|
@ -0,0 +1,49 @@
|
|||
# traefik.yaml
|
||||
providers:
|
||||
docker:
|
||||
exposedByDefault: false
|
||||
file:
|
||||
directory: /etc/traefik/
|
||||
|
||||
entryPoints:
|
||||
websecure:
|
||||
address: ":443"
|
||||
|
||||
certificatesResolvers:
|
||||
myresolver:
|
||||
acme:
|
||||
email: "admin@example.ch"
|
||||
storage: "/letsencrypt/acme.json"
|
||||
tlsChallenge: true
|
||||
#caserver: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||
|
||||
tls:
|
||||
options:
|
||||
default:
|
||||
minVersion: VersionTLS12
|
||||
sniStrict : true
|
||||
cipherSuites:
|
||||
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
||||
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
||||
curvePreferences:
|
||||
- secp521r1
|
||||
- secp384r1
|
||||
|
||||
mintls13:
|
||||
minVersion: VersionTLS13
|
||||
|
||||
http:
|
||||
middlewares:
|
||||
default-headers:
|
||||
headers:
|
||||
frameDeny: true
|
||||
browserXssFilter: true
|
||||
contentTypeNosniff: true
|
||||
forceSTSHeader: true
|
||||
stsIncludeSubdomains: true
|
||||
stsPreload: true
|
||||
stsSeconds: 63072000
|
Reference in New Issue