Commit graph

33 commits

Author SHA1 Message Date
ddd6af21cf
Allow Traefik to use DNS-01 challenge to Gandi
All checks were successful
/ ansible (push) Successful in 2m55s
/ terraform (push) Successful in 33s
2023-04-23 20:26:37 +01:00
d52f0bc8b2
Remove gitlab configuration 2023-03-30 22:56:35 +01:00
4c8d5ffe44
Remove all references to traefik pages 2022-11-01 20:30:16 +00:00
41582f50db
Set up GitLab pages 2022-10-08 15:51:37 +01:00
0d5913ce3c
Disable any hub integrations 2022-06-18 22:09:59 +01:00
793506492f
No shenanigans by default
This causes strange problems with nextcloud
2022-03-23 19:30:22 +00:00
6c0314b758
Add an nginx container to do crazy things with traefik 2022-01-16 14:08:38 +00:00
d5c7d94ac8
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00
4cdaba4692
Swap certificates for wildcards 2021-10-18 21:59:10 +01:00
48934ad2c5
Apply gzip to everything
The middleware is smart enough to only apply it when needed, and only when it's not already compressed, so it's fine.
2021-09-19 22:48:48 +01:00
33fcf1a9e5
Fix matrix federation
Apparently this has been broken since like March...

It seems communication over port 8448 is required for server-to-server
comms, even if the client doesn't use it.
2021-06-12 17:32:47 +01:00
03affd269f
FLoC Block
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
2021-04-18 22:30:26 +01:00
22d43c16a7
Correctly redirect http traffic to https
Bug caused by https://github.com/traefik/traefik/issues/8035
2021-04-06 11:56:05 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
8398a2df21
Use endpoint middleware rather than hacky router 2021-03-27 23:34:34 +00:00
116e1adb50
Disable Traefik pilot on dashboard 2021-03-24 23:14:01 +00:00
b264e5cbcc
Monitor traefik with prometheus rather than influxdb 2021-03-04 16:37:53 +00:00
ec0c78e6d9
Read emails from secrets 2021-02-14 12:29:14 +00:00
058290b321
Keep track of IPs for PVE hosts
Yea they're all random, I'll deal with that later
2021-01-31 12:46:43 +00:00
0f9802a46c
Install duplicati on PVE docker machine
Requires some changes to how private IPs are specified, which I really need to clean up at some point!
2021-01-20 21:38:01 +00:00
604202fdce
Add traefik pages
Add it ready for the migration in future
2021-01-16 23:29:55 +00:00
fef7f2c2b4
Move docker containers to new PVE container 2021-01-09 18:02:17 +00:00
bdfd38c9fe
Allow traefik to run on non-wireguard host 2020-12-28 15:55:45 +00:00
b11dbfc829
Move traefik file provider to use directory rather than single file
This makes future composition possible
2020-12-22 15:53:03 +00:00
5079599b9d
Require TLS 1.2 2020-09-27 12:36:49 +01:00
ea54d1be69
Expose pages sites 2020-09-05 20:33:57 +01:00
e9aeed26ee
Use cloudflare DNS challenge for Traefik 2020-09-05 18:27:04 +01:00
ec751ffa1a
Add influxdb to monitor traefik 2020-08-30 15:58:03 +01:00
3c49c80ff1
Ensure traefik only listens on wireguard network 2020-07-12 19:29:18 +01:00
f878866f10
Update yamllint 2020-06-18 20:49:12 +01:00
7dd31c0556
Allow nextcloud to be reached over internal SSL
This removes the need for a custom config, and means traefik is proxying HTTP2, which is nice
2020-05-24 19:21:17 +01:00
3e523bd04b
Remove traefik subdomain 2020-04-25 12:15:28 +01:00
89ba23719c
Move traefik into its own role 2020-04-23 20:49:43 +01:00
Renamed from ansible/roles/docker/files/traefik/traefik.yml (Browse further)