289 lines
6.6 KiB
TOML
289 lines
6.6 KiB
TOML
################################################################
|
|
#
|
|
# Configuration sample for Traefik v2.
|
|
#
|
|
# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml
|
|
#
|
|
################################################################
|
|
|
|
################################################################
|
|
# Global configuration
|
|
################################################################
|
|
[global]
|
|
checkNewVersion = true
|
|
sendAnonymousUsage = false
|
|
|
|
################################################################
|
|
# Entrypoints configuration
|
|
################################################################
|
|
|
|
# Entrypoints definition
|
|
#
|
|
# Optional
|
|
# Default:
|
|
[entryPoints]
|
|
[entryPoints.web]
|
|
address = ":80"
|
|
[entryPoints.web.http]
|
|
[entryPoints.web.http.redirections]
|
|
[entryPoints.web.http.redirections.entryPoint]
|
|
to = "websecure"
|
|
scheme = "https"
|
|
|
|
[entryPoints.websecure]
|
|
address = ":443"
|
|
|
|
[entryPoints.websecure.http.tls]
|
|
certResolver = "myresolver"
|
|
|
|
## Dynamic configuration
|
|
[http.routers]
|
|
[http.routers.docker]
|
|
# rule = "Host(`czechman.dynvpn.de`) && Path(`/`)"
|
|
[http.routers.docker.tls]
|
|
certResolver = "myresolver"
|
|
[[http.routers.docker.tls.domains]]
|
|
main = "czechman.dynvpn.de"
|
|
# sans = ["*.czechman.dynvpn.de"]
|
|
|
|
|
|
################################################################
|
|
# Traefik logs configuration
|
|
################################################################
|
|
|
|
# Traefik logs
|
|
# Enabled by default and log to stdout
|
|
#
|
|
# Optional
|
|
#
|
|
[log]
|
|
|
|
# Log level
|
|
#
|
|
# Optional
|
|
# Default: "ERROR"
|
|
#
|
|
level = "DEBUG"
|
|
|
|
# Sets the filepath for the traefik log. If not specified, stdout will be used.
|
|
# Intermediate directories are created if necessary.
|
|
#
|
|
# Optional
|
|
# Default: os.Stdout
|
|
#
|
|
# filePath = "log/traefik.log"
|
|
|
|
# Format is either "json" or "common".
|
|
#
|
|
# Optional
|
|
# Default: "common"
|
|
#
|
|
# format = "json"
|
|
|
|
################################################################
|
|
# Access logs configuration
|
|
################################################################
|
|
|
|
# Enable access logs
|
|
# By default it will write to stdout and produce logs in the textual
|
|
# Common Log Format (CLF), extended with additional fields.
|
|
#
|
|
# Optional
|
|
#
|
|
# [accessLog]
|
|
|
|
# Sets the file path for the access log. If not specified, stdout will be used.
|
|
# Intermediate directories are created if necessary.
|
|
#
|
|
# Optional
|
|
# Default: os.Stdout
|
|
#
|
|
# filePath = "/path/to/log/log.txt"
|
|
|
|
# Format is either "json" or "common".
|
|
#
|
|
# Optional
|
|
# Default: "common"
|
|
#
|
|
# format = "json"
|
|
|
|
################################################################
|
|
# API and dashboard configuration
|
|
################################################################
|
|
|
|
# Enable API and dashboard
|
|
[api]
|
|
|
|
# Enable the API in insecure mode
|
|
#
|
|
# Optional
|
|
# Default: false
|
|
#
|
|
insecure = true
|
|
|
|
# Enabled Dashboard
|
|
#
|
|
# Optional
|
|
# Default: true
|
|
#
|
|
# dashboard = false
|
|
|
|
################################################################
|
|
# Ping configuration
|
|
################################################################
|
|
|
|
# Enable ping
|
|
[ping]
|
|
|
|
# Name of the related entry point
|
|
#
|
|
# Optional
|
|
# Default: "traefik"
|
|
#
|
|
# entryPoint = "traefik"
|
|
|
|
################################################################
|
|
# Docker configuration backend
|
|
################################################################
|
|
|
|
# Enable Docker configuration backend
|
|
[providers.docker]
|
|
|
|
# Docker server endpoint. Can be a tcp or a unix socket endpoint.
|
|
#
|
|
# Required
|
|
# Default: "unix:///var/run/docker.sock"
|
|
#
|
|
# endpoint = "tcp://10.10.10.10:2375"
|
|
endpoint = "unix:///var/run/docker.sock"
|
|
|
|
# Default host rule.
|
|
#
|
|
# Optional
|
|
# Default: "Host(`{{ normalize .Name }}`)"
|
|
#
|
|
# defaultRule = "Host(`{{ normalize .Name }}.docker.localhost`)"
|
|
|
|
# Expose containers by default in traefik
|
|
#
|
|
# Optional
|
|
# Default: true
|
|
#
|
|
watch = true
|
|
exposedByDefault = false
|
|
network = "traefik"
|
|
[providers]
|
|
[providers.file]
|
|
directory = "/etc/traefik/fileconf/"
|
|
watch = true
|
|
|
|
# Enable ACME (Let's Encrypt): automatic SSL.
|
|
[certificatesResolvers.myresolver.acme]
|
|
|
|
# Email address used for registration.
|
|
#
|
|
# Required
|
|
#
|
|
email = "ddns@mcseeno.de"
|
|
|
|
# File or key used for certificates storage.
|
|
#
|
|
# Required
|
|
#
|
|
storage = "acme.json"
|
|
|
|
# CA server to use.
|
|
# Uncomment the line to use Let's Encrypt's staging server,
|
|
# leave commented to go to prod.
|
|
#
|
|
# Optional
|
|
# Default: "https://acme-v02.api.letsencrypt.org/directory"
|
|
#
|
|
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
|
|
|
|
# The certificates' duration in hours.
|
|
# It defaults to 2160 (90 days) to follow Let's Encrypt certificates' duration.
|
|
#
|
|
# Optional
|
|
# Default: 2160
|
|
#
|
|
# certificatesDuration=2160
|
|
|
|
# Preferred chain to use.
|
|
#
|
|
# If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
|
|
# If no match, the default offered chain will be used.
|
|
#
|
|
# Optional
|
|
# Default: ""
|
|
#
|
|
# preferredChain = "ISRG Root X1"
|
|
|
|
# KeyType to use.
|
|
#
|
|
# Optional
|
|
# Default: "RSA4096"
|
|
#
|
|
# Available values : "EC256", "EC384", "RSA2048", "RSA4096", "RSA8192"
|
|
#
|
|
# keyType = "RSA4096"
|
|
|
|
# Use a TLS-ALPN-01 ACME challenge.
|
|
#
|
|
# Optional (but recommended)
|
|
#
|
|
[certificatesResolvers.myresolver.acme.tlsChallenge]
|
|
|
|
# Use a HTTP-01 ACME challenge.
|
|
#
|
|
# Optional
|
|
#
|
|
# [certificatesResolvers.myresolver.acme.httpChallenge]
|
|
|
|
# EntryPoint to use for the HTTP-01 challenges.
|
|
#
|
|
# Required
|
|
#
|
|
# entrypoint = "web"
|
|
|
|
# Use a DNS-01 ACME challenge rather than HTTP-01 challenge.
|
|
# Note: mandatory for wildcard certificate generation.
|
|
#
|
|
# Optional
|
|
#
|
|
# [certificatesResolvers.myresolver.acme.dnsChallenge]
|
|
|
|
# DNS provider used.
|
|
#
|
|
# Required
|
|
#
|
|
# provider = "digitalocean"
|
|
|
|
# By default, the provider will verify the TXT DNS challenge record before letting ACME verify.
|
|
# If delayBeforeCheck is greater than zero, this check is delayed for the configured duration in seconds.
|
|
# Useful if internal networks block external DNS queries.
|
|
#
|
|
# Optional
|
|
# Default: 0
|
|
#
|
|
# delayBeforeCheck = 0
|
|
|
|
# Use following DNS servers to resolve the FQDN authority.
|
|
#
|
|
# Optional
|
|
# Default: empty
|
|
#
|
|
# resolvers = ["1.1.1.1:53", "8.8.8.8:53"]
|
|
|
|
# Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready.
|
|
#
|
|
# NOT RECOMMENDED:
|
|
# Increase the risk of reaching Let's Encrypt's rate limits.
|
|
#
|
|
# Optional
|
|
# Default: false
|
|
#
|
|
# disablePropagationCheck = true
|
|
|
|
|