secHeaders & basic-auth
This commit is contained in:
parent
b16dfd88db
commit
50f5f50d59
|
|
@ -1,41 +1,6 @@
|
||||||
---
|
---
|
||||||
tls:
|
|
||||||
options:
|
|
||||||
myresolver:
|
|
||||||
minVersion: VersionTLS12
|
|
||||||
sniStrict: false
|
|
||||||
cipherSuites:
|
|
||||||
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
|
||||||
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
|
||||||
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
|
||||||
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
|
||||||
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
|
||||||
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
|
||||||
curvePreferences:
|
|
||||||
- CurveP521
|
|
||||||
- CurveP384
|
|
||||||
# mintls13:
|
|
||||||
# minVersion: VersionTLS13
|
|
||||||
# domains:
|
|
||||||
# main: "czechman.ipv64.de"
|
|
||||||
# sans:
|
|
||||||
# - "czechman.ipv64.de"
|
|
||||||
|
|
||||||
#http:
|
|
||||||
# middlewares:
|
|
||||||
# secHeaders:
|
|
||||||
# headers:
|
|
||||||
# browserXssFilter: true
|
|
||||||
# contentTypeNosniff: true
|
|
||||||
# frameDeny: true
|
|
||||||
# sslRedirect: true
|
|
||||||
# # HSTS Configuration
|
|
||||||
# stsIncludeSubdomains: true
|
|
||||||
# stsPreload: true
|
|
||||||
# stsSeconds: 31536000
|
|
||||||
# customRequestHeaders:
|
|
||||||
# X-Frame-Options: "SAMEORIGIN"
|
|
||||||
# customFrameOptionsValue: "SAMEORIGIN"
|
|
||||||
|
|
||||||
# Beispiel für externe Dienste
|
# Beispiel für externe Dienste
|
||||||
http:
|
http:
|
||||||
|
|
@ -47,6 +12,8 @@ http:
|
||||||
service: "utk" # Den Namen am besten ähnlich zu dem oben setzen
|
service: "utk" # Den Namen am besten ähnlich zu dem oben setzen
|
||||||
tls:
|
tls:
|
||||||
certresolver: "myresolver"
|
certresolver: "myresolver"
|
||||||
|
middlewares:
|
||||||
|
- "secHeaders"
|
||||||
bitwarden: # Tausche den Namen gegen etwas sprechendes aus
|
bitwarden: # Tausche den Namen gegen etwas sprechendes aus
|
||||||
entryPoints:
|
entryPoints:
|
||||||
- websecure
|
- websecure
|
||||||
|
|
@ -95,3 +62,45 @@ http:
|
||||||
# loadBalancer:
|
# loadBalancer:
|
||||||
# servers:
|
# servers:
|
||||||
# - url: "http://127.0.0.1" # Auf die richtige URL anpassen.
|
# - url: "http://127.0.0.1" # Auf die richtige URL anpassen.
|
||||||
|
|
||||||
|
middlewares:
|
||||||
|
secHeaders:
|
||||||
|
headers:
|
||||||
|
browserXssFilter: true
|
||||||
|
contentTypeNosniff: true
|
||||||
|
frameDeny: true
|
||||||
|
sslRedirect: true
|
||||||
|
# HSTS Configuration
|
||||||
|
stsIncludeSubdomains: true
|
||||||
|
stsPreload: true
|
||||||
|
stsSeconds: 31536000
|
||||||
|
customRequestHeaders:
|
||||||
|
X-Frame-Options: "SAMEORIGIN"
|
||||||
|
customFrameOptionsValue: "SAMEORIGIN"
|
||||||
|
basic-auth:
|
||||||
|
basicAuth:
|
||||||
|
users:
|
||||||
|
- "McSeeno:$$2y$$13$$maYBYazCRDGmcKdSy/QA0eWBUEIpobxcUy.z68fnifcpoCqWm18wW"
|
||||||
|
|
||||||
|
|
||||||
|
tls:
|
||||||
|
options:
|
||||||
|
myresolver:
|
||||||
|
minVersion: VersionTLS12
|
||||||
|
sniStrict: false
|
||||||
|
cipherSuites:
|
||||||
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||||
|
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||||
|
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
||||||
|
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
||||||
|
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
|
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||||
|
curvePreferences:
|
||||||
|
- CurveP521
|
||||||
|
- CurveP384
|
||||||
|
# mintls13:
|
||||||
|
# minVersion: VersionTLS13
|
||||||
|
# domains:
|
||||||
|
# main: "czechman.ipv64.de"
|
||||||
|
# sans:
|
||||||
|
# - "czechman.ipv64.de"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue