The configuration of Traefik v2 that can be defined dynamically
| [http] | |
| [http.middlewares] | |
| [http.middlewares.https-redirect.redirectscheme] | |
| scheme = "https" | |
| permanent = true | |
| [http.middlewares.security-headers.headers] | |
| # CORS | |
| AccessControlAllowMethods = ["GET", "OPTIONS", "PUT"] | |
| AccessControlAllowOrigin = "origin-list-or-null" | |
| AccessControlMaxAge = 100 | |
| #AddVaryHeader = true | |
| BrowserXssFilter = true | |
| ContentTypeNosniff = true | |
| ForceSTSHeader = true | |
| FrameDeny = true | |
| SSLRedirect = true | |
| STSIncludeSubdomains = true | |
| STSPreload = true | |
| ContentSecurityPolicy = "default-src 'self' 'unsafe-inline'" | |
| CustomFrameOptionsValue = "SAMEORIGIN" | |
| ReferrerPolicy = "same-origin" | |
| FeaturePolicy = "vibrate 'self'" | |
| STSSeconds = 315360000 |
| [http] | |
| [http.routers] | |
| [http.routers.redirecttohttps] | |
| entryPoints = ["web"] | |
| middlewares = ["https-redirect"] | |
| rule = "HostRegexp(`{host:.+}`)" | |
| service = "noop" | |
| [http.routers.router0] | |
| entryPoints = ["websecure", "web"] | |
| middlewares = ["https-redirect", "security-headers"] | |
| service = "b1" | |
| rule = "Host(`sm.aele8noh.4static.pl`)" | |
| [http.routers.router0.tls] | |
| #certResolver = "le" | |
| options = "default" | |
| [http.routers.router1] | |
| entryPoints = ["websecure", "web"] | |
| middlewares = ["https-redirect", "security-headers"] | |
| service = "b1" | |
| rule = "Host(`bo.ongu0cha.4static.pl`)" | |
| [http.routers.router1.tls] | |
| #certResolver = "le" | |
| options = "default" | |
| [http.routers.router2] | |
| entryPoints = ["websecure", "web"] | |
| middlewares = ["https-redirect", "security-headers"] | |
| service = "b0" | |
| rule = "Host(`sh.ui0weis3.4static.pl`)" | |
| [http.routers.router2.tls] | |
| #certResolver = "le" | |
| options = "default" | |
| [http.services] | |
| [http.services.b0] | |
| [http.services.b0.loadBalancer] | |
| passHostHeader = true | |
| [[http.services.b0.loadBalancer.servers]] | |
| url = "http://node3vm.ids/" | |
| [http.services.b1] | |
| [http.services.b1.loadBalancer] | |
| passHostHeader = true | |
| [[http.services.b1.loadBalancer.servers]] | |
| url = "http://172.16.0.52/" | |
| [http.services.noop] | |
| [http.services.noop.loadBalancer] | |
| [[http.services.noop.loadBalancer.servers]] | |
| url = "http://localhost" |
| [tls] | |
| [tls.options] | |
| [tls.options.default] | |
| # https://community.containo.us/t/improving-the-ssl-rating/939/3 | |
| # minVersion = "VersionTLS12" | |
| sniStrict = true | |
| cipherSuites = [ | |
| "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", | |
| "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", # TLS 1.2 | |
| "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", | |
| "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", # TLS 1.2 | |
| "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", | |
| "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", | |
| "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", | |
| "TLS_AES_128_GCM_SHA256", | |
| "TLS_AES_256_GCM_SHA384", | |
| "TLS_CHACHA20_POLY1305_SHA256", | |
| "TLS_FALLBACK_SCSV" | |
| ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment