http: middlewares: internal-only: ipWhiteList: sourceRange: - "{{ wireguard.cidr }}" - "192.168.1.0/24" hsts: redirectScheme: scheme: https routers: hsts: service: "ping@internal" rule: "PathPrefix(`/`)" entryPoints: - web middlewares: - hsts ping: service: "ping@internal" rule: "Host(`traefik.jakehoward.tech`) && Path(`/ping/`)" middlewares: - hsts tls: certResolver: le dashboard: service: "dashboard@internal" rule: "Host(`traefik.jakehoward.tech`)" middlewares: - hsts - internal-only tls: certResolver: le api: service: "api@internal" rule: "Host(`traefik.jakehoward.tech`) && PathPrefix(`/api`)" middlewares: - hsts - internal-only tls: certResolver: le