beatz174-bit
44 lines
1.1 KiB
YAML
44 lines
1.1 KiB
YAML
http:
|
|
middlewares:
|
|
crowdsec:
|
|
plugin:
|
|
crowdsec-bouncer:
|
|
crowdsecMode: live
|
|
crowdsecLapiKey: HeneLa2mazFVzl5+DQRKOdchBuJxKdjrHsHBE/03Acs
|
|
crowdsecLapiHost: crowdsec:8080
|
|
crowdsecLapiScheme: http
|
|
|
|
secHeaders:
|
|
headers:
|
|
browserXssFilter: true
|
|
contentTypeNosniff: true
|
|
frameDeny: true
|
|
# sslRedirect: true
|
|
#HSTS Configuration
|
|
stsIncludeSubdomains: true
|
|
stsPreload: true
|
|
stsSeconds: 15552000
|
|
forceSTSHeader: true
|
|
customFrameOptionsValue: "SAMEORIGIN"
|
|
# tracing-middleware:
|
|
# tracing:
|
|
# serviceName: traefik
|
|
# sampleRate: 1.0
|
|
default-chain:
|
|
chain:
|
|
middlewares:
|
|
- secHeaders@file
|
|
- crowdsec@file
|
|
# - tracing-middleware@file
|
|
- error-pages-middleware@docker
|
|
|
|
tls:
|
|
options:
|
|
mtls-private-admin:
|
|
minVersion: VersionTLS12
|
|
sniStrict: true
|
|
clientAuth:
|
|
caFiles:
|
|
- /etc/traefik/certs/ca/clients-ca.crt
|
|
clientAuthType: RequireAndVerifyClientCert
|