infrastructure/ansible/roles/traefik/files/file-provider-main.yml
Jake Howard f88d224168
Some checks failed
/ terraform (push) Failing after 41s
/ ansible (push) Successful in 1m41s
Allow only exposing services over Tailscale
This works using public DNS, so doesn't need Tailscale's magic DNS to override my local.
2024-03-07 22:30:10 +00:00

16 lines
382 B
YAML

http:
middlewares:
compress:
compress: {}
# https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
floc-block:
headers:
customResponseHeaders:
Permissions-Policy: interest-cohort=()
tailscale-only:
ipAllowList:
sourceRange:
- "{{ tailscale_cidr }}"
- "{{ tailscale_cidr_ipv6 }}"