369 lines
8.3 KiB
YAML
369 lines
8.3 KiB
YAML
log:
|
|
level: DEBUG
|
|
api:
|
|
# Dashboard
|
|
dashboard: true
|
|
# https://docs.traefik.io/master/operations/api/#insecure
|
|
# insecure: true
|
|
|
|
entryPoints:
|
|
web:
|
|
# http
|
|
address: ":80"
|
|
http:
|
|
# https://docs.traefik.io/routing/entrypoints/#entrypoint
|
|
redirections:
|
|
entryPoint:
|
|
to: web-secure
|
|
|
|
web-secure:
|
|
# https
|
|
address: ":443"
|
|
|
|
web-socket:
|
|
address: ":8083"
|
|
|
|
web-socket-secure:
|
|
address: ":8084"
|
|
|
|
# osrm:
|
|
# address: ":5000"
|
|
|
|
certificatesResolvers:
|
|
letsencrypt:
|
|
# https://docs.traefik.io/master/https/acme/#lets-encrypt
|
|
acme:
|
|
email: "furyx@hotmail.com"
|
|
storage: /etc/traefik/acme/acme.json
|
|
# https://docs.traefik.io/master/https/acme/#httpchallenge
|
|
httpChallenge:
|
|
entryPoint: web
|
|
|
|
# tcp:
|
|
# routers:
|
|
# emqx-web-socket-router:
|
|
# rule: "HostSNI(`mqttx.furyhawk.lol`)"
|
|
# entryPoints:
|
|
# - web-socket
|
|
# service: emqx-web-socket-service
|
|
|
|
# emqx-web-socket-secure-router:
|
|
# rule: "HostSNI(`mqttx.furyhawk.lol`)"
|
|
# entryPoints:
|
|
# - web-socket-secure
|
|
# service: emqx-web-socket-secure-service
|
|
# tls:
|
|
# certResolver: letsencrypt
|
|
|
|
# services:
|
|
# emqx-web-socket-service:
|
|
# loadBalancer:
|
|
# servers:
|
|
# - url: http://emqx1:8083
|
|
# emqx-web-socket-secure-service:
|
|
# loadBalancer:
|
|
# servers:
|
|
# - url: http://emqx1:8084
|
|
|
|
http:
|
|
routers:
|
|
dashboard:
|
|
rule: "Host(`dashboard.furyhawk.lol`) && PathPrefix(`/api`, `/dashboard`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- auth
|
|
service: api@internal
|
|
tls:
|
|
# https://docs.traefik.io/master/routing/routers/#certresolver
|
|
certResolver: letsencrypt
|
|
|
|
portainer-router:
|
|
rule: "Host(`portainer.furyhawk.lol`, `port.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: portainer_service
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
edge-router:
|
|
rule: "Host(`edge.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: edge_service
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
forum-router:
|
|
rule: "Host(`forum.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
# - sslheader
|
|
service: forum_server
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
heynote-router:
|
|
rule: "Host(`note.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: heynote_app
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
cheatsheets-router:
|
|
rule: "Host(`cheat.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: cheatsheets_app
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
thelounge-router:
|
|
rule: "Host(`irc.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: thelounge_app
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
chat-router:
|
|
rule: "Host(`chat.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: librechat_app
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
mqtt-router:
|
|
rule: "Host(`mqtt.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: emqx-dashboard
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
mqtt-ws-http-router:
|
|
rule: "Host(`mqttx.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-socket
|
|
service: emqx-web-socket
|
|
|
|
mqtt-wss-https-router:
|
|
rule: "Host(`mqttx.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-socket-secure
|
|
service: emqx-web-socket-secure
|
|
tls:
|
|
passthrough: true
|
|
|
|
mqttx-router:
|
|
rule: "Host(`mqttx.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: mqttx-web
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
bai-router:
|
|
rule: "Host(`bai.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
service: streamlit_bai_app
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
# fin-router:
|
|
# rule: "Host(`fin.furyhawk.lol`)"
|
|
# entryPoints:
|
|
# - web-secure
|
|
# middlewares:
|
|
# - csrf
|
|
# service: streamlit_fin_app
|
|
# tls:
|
|
# certResolver: letsencrypt
|
|
|
|
info-router:
|
|
rule: "Host(`furyhawk.lol`, `www.furyhawk.lol`, `info.furyhawk.lol`, `124c41.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
middlewares:
|
|
- csrf
|
|
- no-www
|
|
service: site_server
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
resume-router:
|
|
rule: "Host(`resume.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
# redirect to resume
|
|
middlewares:
|
|
- csrf
|
|
- redirect-resume
|
|
service: resume_server
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
blog-router:
|
|
rule: "Host(`blog.furyhawk.lol`)"
|
|
entryPoints:
|
|
- web-secure
|
|
# redirect to external blog
|
|
middlewares:
|
|
- redirect-blog
|
|
service: blog
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
osrm-router:
|
|
rule: "Host(`osrm.furyhawk.lol`)"
|
|
entryPoints:
|
|
- "web-secure"
|
|
# - "osrm"
|
|
middlewares:
|
|
- csrf
|
|
service: osrm_service
|
|
tls:
|
|
certResolver: letsencrypt
|
|
# domains:
|
|
# - main: "furyhawk.lol"
|
|
# sans:
|
|
# - "*.furyhawk.lol"
|
|
|
|
middlewares:
|
|
auth:
|
|
basicAuth:
|
|
usersFile: "/etc/traefik/usersfile"
|
|
csrf:
|
|
# https://doc.traefik.io/traefik/middlewares/http/headers/#hostsproxyheaders
|
|
# https://docs.djangoproject.com/en/dev/ref/csrf/#ajax
|
|
headers:
|
|
hostsProxyHeaders: ["X-CSRFToken"]
|
|
sslheader:
|
|
# https://docs.traefik.io/master/middlewares/headers/
|
|
headers:
|
|
sslProxyHeaders:
|
|
X-Forwarded-Proto: "https"
|
|
sslRedirect: true
|
|
no-www:
|
|
redirectRegex:
|
|
regex: "^https?://www\\.(.+)"
|
|
replacement: https://${1}
|
|
permanent: true
|
|
|
|
# redirect to resume
|
|
redirect-resume:
|
|
redirectRegex:
|
|
regex: "^https://resume.furyhawk.lol/(.*)"
|
|
replacement: "https://info.furyhawk.lol/resume/${1}"
|
|
permanent: true
|
|
|
|
redirect-blog:
|
|
# https://docs.traefik.io/master/middlewares/redirectscheme/
|
|
redirectregex:
|
|
regex: "^https://blog.furyhawk.lol/(.*)"
|
|
replacement: "https://furyhawk.github.io/124c41/${1}"
|
|
permanent: true
|
|
|
|
services:
|
|
portainer_service:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://portainer:9000
|
|
edge_service:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://portainer:8000
|
|
osrm_service:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://osrm_backend:5000
|
|
forum_server:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://flarum-web:80
|
|
heynote_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://heynote_app:5173
|
|
cheatsheets_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://cheatsheets_app:80
|
|
thelounge_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://thelounge:9000
|
|
librechat_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://LibreChat:3080
|
|
emqx-web-socket:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://emqx1:8083
|
|
emqx-web-socket-secure:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://emqx1:8084
|
|
emqx-dashboard:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://emqx1:18083
|
|
mqttx-web:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://mqttx_web:8888
|
|
streamlit_bai_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://streamlit_bai_app:8502
|
|
streamlit_fin_app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://streamlit_fin_app:8501
|
|
site_server:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://site_server:80
|
|
resume_server:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://site_server:80
|
|
blog:
|
|
loadBalancer:
|
|
servers:
|
|
- url: https://furyhawk.github.io/124c41/
|
|
|
|
providers:
|
|
# https://docs.traefik.io/master/providers/file/
|
|
file:
|
|
filename: /etc/traefik/traefik.yml
|
|
watch: true
|
|
docker:
|
|
network: web
|
|
exposedByDefault: false
|
|
endpoint: "unix:///var/run/docker.sock"
|