################################################################ # # Configuration sample for Traefik v2. # # For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml # ################################################################ ################################################################ # Global configuration ################################################################ [global] checkNewVersion = true sendAnonymousUsage = false ################################################################ # Entrypoints configuration ################################################################ # Entrypoints definition # # Optional # Default: [entryPoints] [entryPoints.web] address = ":80" [entryPoints.web.http] [entryPoints.web.http.redirections] [entryPoints.web.http.redirections.entryPoint] to = "websecure" scheme = "https" [entryPoints.websecure] address = ":443" ################################################################ # Traefik logs configuration ################################################################ # Traefik logs # Enabled by default and log to stdout # # Optional # [log] # Log level # # Optional # Default: "ERROR" # level = "DEBUG" # Sets the filepath for the traefik log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # # filePath = "log/traefik.log" # Format is either "json" or "common". # # Optional # Default: "common" # # format = "json" ################################################################ # Access logs configuration ################################################################ # Enable access logs # By default it will write to stdout and produce logs in the textual # Common Log Format (CLF), extended with additional fields. # # Optional # # [accessLog] # Sets the file path for the access log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # # filePath = "/path/to/log/log.txt" # Format is either "json" or "common". # # Optional # Default: "common" # # format = "json" ################################################################ # API and dashboard configuration ################################################################ # Enable API and dashboard [api] # Enable the API in insecure mode # # Optional # Default: false # insecure = true # Enabled Dashboard # # Optional # Default: true # # dashboard = false ################################################################ # Ping configuration ################################################################ # Enable ping [ping] # Name of the related entry point # # Optional # Default: "traefik" # # entryPoint = "traefik" ################################################################ # Docker configuration backend ################################################################ # Enable Docker configuration backend [providers.docker] # Docker server endpoint. Can be a tcp or a unix socket endpoint. # # Required # Default: "unix:///var/run/docker.sock" # # endpoint = "tcp://10.10.10.10:2375" # Default host rule. # # Optional # Default: "Host(`{{ normalize .Name }}`)" # # defaultRule = "Host(`{{ normalize .Name }}.docker.localhost`)" # Expose containers by default in traefik # # Optional # Default: true # watch = true exposedByDefault = false network = "traefik" #[providers] # [providers.file] # directory = "/path/to/config" # watch = true # Enable ACME (Let's Encrypt): automatic SSL. [certificatesResolvers.myresolver.acme] # Email address used for registration. # # Required # email = "ddns@mcseeno.de" # File or key used for certificates storage. # # Required # storage = "acme.json" # CA server to use. # Uncomment the line to use Let's Encrypt's staging server, # leave commented to go to prod. # # Optional # Default: "https://acme-v02.api.letsencrypt.org/directory" # caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" # The certificates' duration in hours. # It defaults to 2160 (90 days) to follow Let's Encrypt certificates' duration. # # Optional # Default: 2160 # # certificatesDuration=2160 # Preferred chain to use. # # If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name. # If no match, the default offered chain will be used. # # Optional # Default: "" # # preferredChain = "ISRG Root X1" # KeyType to use. # # Optional # Default: "RSA4096" # # Available values : "EC256", "EC384", "RSA2048", "RSA4096", "RSA8192" # # keyType = "RSA4096" # Use a TLS-ALPN-01 ACME challenge. # # Optional (but recommended) # [certificatesResolvers.myresolver.acme.tlsChallenge] # Use a HTTP-01 ACME challenge. # # Optional # [certificatesResolvers.myresolver.acme.httpChallenge] # EntryPoint to use for the HTTP-01 challenges. # # Required # entryPoint = "web" # Use a DNS-01 ACME challenge rather than HTTP-01 challenge. # Note: mandatory for wildcard certificate generation. # # Optional # # [certificatesResolvers.myresolver.acme.dnsChallenge] # DNS provider used. # # Required # # provider = "digitalocean" # By default, the provider will verify the TXT DNS challenge record before letting ACME verify. # If delayBeforeCheck is greater than zero, this check is delayed for the configured duration in seconds. # Useful if internal networks block external DNS queries. # # Optional # Default: 0 # # delayBeforeCheck = 0 # Use following DNS servers to resolve the FQDN authority. # # Optional # Default: empty # # resolvers = ["1.1.1.1:53", "8.8.8.8:53"] # Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. # # NOT RECOMMENDED: # Increase the risk of reaching Let's Encrypt's rate limits. # # Optional # Default: false # # disablePropagationCheck = true ## Dynamic configuration [http.routers] [http.routers.docker] rule = "Host(`czechman.dynvpn.de`) && Path(`/`)" [http.routers.docker.tls] certResolver = "myresolver" [[http.routers.docker.tls.domains]] main = "czechman.dynvpn.de" # sans = ["*.czechman.dynvpn.de"]