log: level: DEBUG accessLog: {} api: # Dashboard dashboard: true # https://docs.traefik.io/master/operations/api/#insecure # insecure: true entryPoints: web: # http address: ":80" http: # https://docs.traefik.io/routing/entrypoints/#entrypoint redirections: entryPoint: to: web-secure scheme: https permanent: true web-secure: # https address: ":443" # web-socket: # address: ":8083" # web-socket-secure: # address: ":8084" # osrm: # address: ":5000" certificatesResolvers: letsencrypt: # https://docs.traefik.io/master/https/acme/#lets-encrypt acme: email: "furyx@hotmail.com" storage: /etc/traefik/acme/acme.json # https://docs.traefik.io/master/https/acme/#httpchallenge httpChallenge: entryPoint: web # tcp: # routers: # emqx-web-socket-router: # rule: "HostSNI(`mqttx.furyhawk.lol`)" # entryPoints: # - web-socket # service: emqx-web-socket-service # emqx-web-socket-secure-router: # rule: "HostSNI(`mqttx.furyhawk.lol`)" # entryPoints: # - web-socket-secure # service: emqx-web-socket-secure-service # tls: # certResolver: letsencrypt # services: # emqx-web-socket-service: # loadBalancer: # servers: # - url: http://emqx1:8083 # emqx-web-socket-secure-service: # loadBalancer: # servers: # - url: http://emqx1:8084 http: routers: dashboard: rule: "Host(`dashboard.furyhawk.lol`) && PathPrefix(`/api`, `/dashboard`)" entryPoints: - web-secure middlewares: - auth service: api@internal tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt portainer-router: rule: "Host(`portainer.furyhawk.lol`, `port.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: portainer_service tls: certResolver: letsencrypt edge-router: rule: "Host(`edge.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: edge_service tls: certResolver: letsencrypt forum-router: rule: "Host(`forum.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf # - sslheader service: forum_server tls: certResolver: letsencrypt privatebin-router: rule: "Host(`bin.furyhawk.lol`, `paste.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: bin_app tls: certResolver: letsencrypt heynote-router: rule: "Host(`note.furyhawk.lol`, `pad.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: heynote_app tls: certResolver: letsencrypt cheatsheets-router: rule: "Host(`cheat.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: cheatsheets_app tls: certResolver: letsencrypt thelounge-router: rule: "Host(`irc.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: thelounge_app tls: certResolver: letsencrypt chat-router: rule: "Host(`bot.furyhawk.lol`, `chat.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: librechat_app tls: certResolver: letsencrypt minio-router: rule: "Host(`drive.furyhawk.lol`, `storage.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: minio_server tls: certResolver: letsencrypt minio-api-router: rule: "Host(`minio.furyhawk.lol`, `s3.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: minio_service tls: certResolver: letsencrypt neo4j-router: rule: "Host(`neo4j.furyhawk.lol`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)" entryPoints: - web-secure middlewares: - csrf - neo4j_strip service: neo4j-browser tls: certResolver: letsencrypt graph-router: rule: "Host(`neo4j.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: neo4j-bolt tls: certResolver: letsencrypt mqtt-router: rule: "Host(`mqtt.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: emqx-dashboard tls: certResolver: letsencrypt # mqtt-ws-http-router: # rule: "Host(`mqttx.furyhawk.lol`)" # entryPoints: # - web-socket # service: emqx-web-socket # mqtt-wss-https-router: # rule: "Host(`mqttx.furyhawk.lol`)" # entryPoints: # - web-socket-secure # service: emqx-web-socket-secure # tls: # certResolver: letsencrypt mqttx-router: rule: "Host(`mqttx.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: mqttx-web tls: certResolver: letsencrypt bai-router: rule: "Host(`bai.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf service: streamlit_bai_app tls: certResolver: letsencrypt # fin-router: # rule: "Host(`fin.furyhawk.lol`)" # entryPoints: # - web-secure # middlewares: # - csrf # service: streamlit_fin_app # tls: # certResolver: letsencrypt info-router: rule: "Host(`furyhawk.lol`, `www.furyhawk.lol`, `info.furyhawk.lol`, `124c41.furyhawk.lol`)" entryPoints: - web-secure middlewares: - csrf - no-www service: site_server tls: certResolver: letsencrypt resume-router: rule: "Host(`resume.furyhawk.lol`)" entryPoints: - web-secure # redirect to resume middlewares: - csrf - redirect-resume service: resume_server tls: certResolver: letsencrypt blog-router: rule: "Host(`blog.furyhawk.lol`)" entryPoints: - web-secure # redirect to external blog middlewares: - redirect-blog service: blog tls: certResolver: letsencrypt osrm-router: rule: "Host(`osrm.furyhawk.lol`)" entryPoints: - "web-secure" # - "osrm" middlewares: - csrf service: osrm_service tls: certResolver: letsencrypt # domains: # - main: "furyhawk.lol" # sans: # - "*.furyhawk.lol" middlewares: auth: basicAuth: usersFile: "/etc/traefik/usersfile" csrf: # https://doc.traefik.io/traefik/middlewares/http/headers/#hostsproxyheaders # https://docs.djangoproject.com/en/dev/ref/csrf/#ajax headers: hostsProxyHeaders: ["X-CSRFToken"] sslheader: # https://docs.traefik.io/master/middlewares/headers/ headers: sslProxyHeaders: X-Forwarded-Proto: "https,wss" sslRedirect: true no-www: redirectRegex: regex: "^https?://www\\.(.+)" replacement: https://${1} permanent: true # redirect to resume redirect-resume: redirectRegex: regex: "^https://resume.furyhawk.lol/(.*)" replacement: "https://info.furyhawk.lol/resume/${1}" permanent: true redirect-blog: # https://docs.traefik.io/master/middlewares/redirectscheme/ redirectregex: regex: "^https://blog.furyhawk.lol/(.*)" replacement: "https://furyhawk.github.io/124c41/${1}" permanent: true neo4j_strip: # https://docs.traefik.io/master/middlewares/stripprefix/ stripprefix: prefixes: - "/neo4j" services: portainer_service: loadBalancer: servers: - url: http://portainer:9000 edge_service: loadBalancer: servers: - url: http://portainer:8000 osrm_service: loadBalancer: servers: - url: http://osrm_backend:5000 forum_server: loadBalancer: servers: - url: http://flarum-web:80 bin_app: loadBalancer: servers: - url: http://privatebin:8080 heynote_app: loadBalancer: servers: - url: http://heynote_app:5173 cheatsheets_app: loadBalancer: servers: - url: http://cheatsheets_app:80 thelounge_app: loadBalancer: servers: - url: http://thelounge:9000 librechat_app: loadBalancer: servers: - url: http://LibreChat:3080 minio_server: loadBalancer: servers: - url: http://minio_server:9001 minio_service: loadBalancer: servers: - url: http://minio_server:9000 neo4j-browser: loadBalancer: servers: - url: http://neo4j_server:7474 neo4j-bolt: loadBalancer: servers: - url: http://neo4j_server:7687 emqx-web-socket: loadBalancer: servers: - url: ws://emqx1:8083 emqx-web-socket-secure: loadBalancer: servers: - url: wss://emqx1:8084 emqx-dashboard: loadBalancer: servers: - url: http://emqx1:18083 mqttx-web: loadBalancer: servers: - url: http://mqttx_web:8888 streamlit_bai_app: loadBalancer: servers: - url: http://streamlit_bai_app:8502 streamlit_fin_app: loadBalancer: servers: - url: http://streamlit_fin_app:8501 site_server: loadBalancer: servers: - url: http://site_server:80 resume_server: loadBalancer: servers: - url: http://site_server:80 blog: loadBalancer: servers: - url: https://furyhawk.github.io/124c41/ providers: # https://docs.traefik.io/master/providers/file/ file: filename: /etc/traefik/traefik.yml watch: true docker: network: web exposedByDefault: false endpoint: "unix:///var/run/docker.sock"