entryPoints: web: address: :80 proxyProtocol: trustedIPs: - "{{ wireguard.cidr }}" - "{{ pve_hosts.internal_cidr }}" - "{{ nebula.cidr }}" web-secure: address: :443 proxyProtocol: trustedIPs: - "{{ wireguard.cidr }}" - "{{ pve_hosts.internal_cidr }}" - "{{ nebula.cidr }}" matrix: address: :8448 proxyProtocol: trustedIPs: - "{{ wireguard.cidr }}" - "{{ pve_hosts.internal_cidr }}" - "{{ nebula.cidr }}" traefik: address: "{{ private_ip }}:8080" ping: {} providers: docker: endpoint: unix:///var/run/docker.sock watch: true exposedByDefault: false file: directory: /etc/traefik/conf {% if with_traefik_pages %} http: endpoint: - "http://{{ traefik_pages_password }}@127.0.0.1:5000/.traefik-pages/provider" {% endif %} api: dashboard: true insecure: true certificatesResolvers: le: acme: email: "{{ letsencrypt_email }}" storage: /etc/traefik/acme.json dnsChallenge: provider: cloudflare delayBeforeCheck: 0 resolvers: - 1.1.1.1:53 - 1.0.0.1:53 serversTransport: insecureSkipVerify: true metrics: influxDB: address: "{{ private_ip }}:38089" database: traefik pushInterval: 30s tls: options: default: minVersion: VersionTLS12