log: level: DEBUG accessLog: {} api: # Dashboard dashboard: true # https://docs.traefik.io/master/operations/api/#insecure # insecure: true entryPoints: web: # http address: ":80" http: # https://docs.traefik.io/routing/entrypoints/#entrypoint redirections: entryPoint: to: web-secure scheme: https permanent: true # mqtt: # # mqtt # address: ":1883" web-secure: # https address: ":443" web-socket: address: ":8083" web-socket-secure: address: ":8084" bolt-socket: address: ":7687" # osrm: # address: ":5000" certificatesResolvers: letsencrypt: # https://docs.traefik.io/master/https/acme/#lets-encrypt acme: email: "furyx@hotmail.com" storage: /etc/traefik/acme/acme.json # https://docs.traefik.io/master/https/acme/#httpchallenge httpChallenge: entryPoint: web tcp: routers: neo4j-bolt-router: entryPoints: - bolt-socket rule: "HostSNI(`*.furyhawk.lol`)" tls: certResolver: letsencrypt service: neo4j-bolt # emqx-web-socket-router: # entryPoints: # - web-socket # rule: "HostSNI(`*.furyhawk.lol`)" # service: emqx-web-socket-service # emqx-web-socket-secure-router: # entryPoints: # - web-socket-secure # rule: "HostSNI(`*.furyhawk.lol`)" # service: emqx-web-socket-secure-service # tls: # passthrough: true services: neo4j-bolt: loadBalancer: servers: - address: "neo4j_server:7687" emqx-web-socket-service: loadBalancer: servers: - address: "emqx1:8083" - address: "emqx2:8083" emqx-web-socket-secure-service: loadBalancer: servers: - address: "emqx1:8084" - address: "emqx2:8084" http: routers: dashboard: entryPoints: - web-secure rule: "Host(`dashboard.furyhawk.lol`) && PathPrefix(`/api`) || PathPrefix(`/dashboard`)" middlewares: - auth tls: # https://docs.traefik.io/master/routing/routers/#certresolver certResolver: letsencrypt service: api@internal portainer-router: entryPoints: - web-secure rule: "Host(`portainer.furyhawk.lol`) || Host(`port.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: portainer_service edge-router: entryPoints: - web-secure rule: "Host(`edge.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: edge_service adminer-router: entryPoints: - web-secure rule: "Host(`adminer.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: adminer_app api-router: entryPoints: - web-secure rule: "Host(`api.furyhawk.lol`)" middlewares: - auth - csrf tls: certResolver: letsencrypt service: api_server chat-router: entryPoints: - web-secure rule: "Host(`bot.furyhawk.lol`) || Host(`chat.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: librechat_app cheatsheets-router: entryPoints: - web-secure rule: "Host(`cheat.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: cheatsheets_app forum-router: entryPoints: - web-secure rule: "Host(`forum.furyhawk.lol`)" middlewares: - csrf # - sslheader tls: certResolver: letsencrypt service: forum_server heynote-router: entryPoints: - web-secure rule: "Host(`note.furyhawk.lol`) || Host(`pad.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: heynote_app jellyfin-router: entryPoints: - web-secure rule: "Host(`media.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: jellyfin_app kestra-router: entryPoints: - web-secure rule: "Host(`kestra.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: kestra_app plane-router: entryPoints: - web-secure rule: "Host(`plan.furyhawk.lol`) || Host(`plane.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: plane_app privatebin-router: entryPoints: - web-secure rule: "Host(`bin.furyhawk.lol`) || Host(`paste.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: bin_app redlib-router: entryPoints: - web-secure rule: "Host(`redlib.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: redlib_app thelounge-router: entryPoints: - web-secure rule: "Host(`irc.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: thelounge_app minio-router: entryPoints: - web-secure rule: "Host(`drive.furyhawk.lol`) || Host(`storage.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: minio_server minio-api-router: entryPoints: - web-secure rule: "Host(`minio.furyhawk.lol`) || Host(`s3.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: minio_service neo4j-router: entryPoints: - web-secure rule: "Host(`neo4j.furyhawk.lol`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)" middlewares: - csrf - neo4j_strip tls: certResolver: letsencrypt service: neo4j-browser graph-router: entryPoints: - web-secure rule: "Host(`neo4j.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: neo4j-bolt mqtt-http-router: entryPoints: - web-secure rule: "Host(`mqtt.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: emqx-dashboard # mqtt-socket-router: # rule: "Host(`mqtt.furyhawk.lol`)" # entryPoints: # - mqtt # service: emqx-mqtt-socket mqtt-ws-http-router: entryPoints: - web-socket rule: "Host(`broker.furyhawk.lol`) || Host(`mqtt.furyhawk.lol`) || Host(`mqttx.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: emqx-web-socket mqtt-wss-https-router: entryPoints: - web-socket-secure rule: "Host(`broker.furyhawk.lol`) || Host(`mqtt.furyhawk.lol`) || Host(`mqttx.furyhawk.lol`)" middlewares: - csrf service: emqx-web-socket-secure mqttx-router: entryPoints: - web-secure rule: "Host(`mqttx.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: mqttx-web osrm-router: entryPoints: - "web-secure" rule: "Host(`osrm.furyhawk.lol`)" # - "osrm" middlewares: - csrf tls: certResolver: letsencrypt service: osrm_service syncthing-router: entryPoints: - web-secure rule: "Host(`sync.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: syncthing_app bai-router: entryPoints: - web-secure rule: "Host(`bai.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: streamlit_bai_app fin-router: entryPoints: - web-secure rule: "Host(`fin.furyhawk.lol`)" middlewares: - csrf tls: certResolver: letsencrypt service: streamlit_fin_app info-router: entryPoints: - web-secure rule: "Host(`furyhawk.lol`) || Host(`www.furyhawk.lol`) || Host(`info.furyhawk.lol`) || Host(`124c41.furyhawk.lol`)" middlewares: - csrf - no-www tls: certResolver: letsencrypt service: site_server resume-router: entryPoints: - web-secure rule: "Host(`resume.furyhawk.lol`)" # redirect to resume middlewares: - csrf - redirect-resume tls: certResolver: letsencrypt service: resume_server blog-router: entryPoints: - web-secure rule: "Host(`blog.furyhawk.lol`)" # redirect to external blog middlewares: - redirect-blog tls: certResolver: letsencrypt service: blog middlewares: auth: basicAuth: usersFile: "/etc/traefik/usersfile" csrf: # https://doc.traefik.io/traefik/middlewares/http/headers/#hostsproxyheaders # https://docs.djangoproject.com/en/dev/ref/csrf/#ajax headers: hostsProxyHeaders: ["X-CSRFToken"] sslheader: # https://docs.traefik.io/master/middlewares/headers/ headers: sslProxyHeaders: X-Forwarded-Proto: "https,wss" sslRedirect: true no-www: redirectRegex: regex: "^https?://www\\.(.+)" replacement: https://${1} permanent: true # redirect to resume redirect-resume: redirectRegex: regex: "^https://resume.furyhawk.lol/(.*)" replacement: "https://info.furyhawk.lol/resume/${1}" permanent: true redirect-blog: # https://docs.traefik.io/master/middlewares/redirectscheme/ redirectregex: regex: "^https://blog.furyhawk.lol/(.*)" replacement: "https://furyhawk.github.io/124c41/${1}" permanent: true neo4j_strip: # https://docs.traefik.io/master/middlewares/stripprefix/ stripprefix: prefixes: - "/neo4j" services: portainer_service: loadBalancer: servers: - url: http://portainer:9000 edge_service: loadBalancer: servers: - url: http://portainer:8000 osrm_service: loadBalancer: servers: - url: http://osrm_backend:5000 adminer_app: loadBalancer: servers: - url: http://adminer:8080 api_server: loadBalancer: servers: - url: http://api_server:8000 bin_app: loadBalancer: servers: - url: http://privatebin:8080 cheatsheets_app: loadBalancer: servers: - url: http://cheatsheets_app:80 forum_server: loadBalancer: servers: - url: http://flarum-web:80 heynote_app: loadBalancer: servers: - url: http://heynote_app:5173 jellyfin_app: loadBalancer: servers: - url: http://jellyfin:8096 kestra_app: loadBalancer: servers: - url: http://kestra:8080 librechat_app: loadBalancer: servers: - url: http://LibreChat:3080 redlib_app: loadBalancer: servers: - url: http://redlib:3080 thelounge_app: loadBalancer: servers: - url: http://thelounge:9000 minio_server: loadBalancer: servers: - url: http://minio_server:9001 minio_service: loadBalancer: servers: - url: http://minio_server:9000 neo4j-browser: loadBalancer: servers: - url: http://neo4j_server:7474 neo4j-bolt: loadBalancer: servers: - url: http://neo4j_server:7687 plane_app: loadBalancer: servers: - url: http://node01:80 streamlit_bai_app: loadBalancer: servers: - url: http://streamlit_bai_app:8502 streamlit_fin_app: loadBalancer: servers: - url: http://streamlit_fin_app:8501 emqx-mqtt-socket: loadBalancer: servers: - url: http://emqx1:1883 emqx-web-socket: loadBalancer: servers: - url: http://emqx1:8083 - url: http://emqx2:8083 emqx-web-socket-secure: loadBalancer: servers: - url: http://emqx1:8084 - url: http://emqx2:8084 emqx-dashboard: loadBalancer: servers: - url: http://emqx1:18083 mqttx-web: loadBalancer: servers: - url: http://mqttx_web:80 syncthing_app: loadBalancer: servers: - url: http://syncthing:8384 site_server: loadBalancer: servers: - url: http://site_server:80 resume_server: loadBalancer: servers: - url: http://site_server:80 blog: loadBalancer: servers: - url: https://furyhawk.github.io/124c41/ providers: # https://docs.traefik.io/master/providers/file/ file: filename: /etc/traefik/traefik.yml watch: true docker: network: web exposedByDefault: false endpoint: "unix:///var/run/docker.sock"