infrastructure/ansible/roles/traefik/files/traefik.yml
2020-12-22 15:53:03 +00:00

58 lines
1 KiB
YAML

entryPoints:
web:
address: :80
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
web-secure:
address: :443
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
matrix:
address: :8448
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
traefik:
address: "{{ wireguard.clients[ansible_fqdn].ip }}:8080"
ping: {}
providers:
docker:
endpoint: unix:///var/run/docker.sock
watch: true
exposedByDefault: false
file:
directory: /etc/traefik/conf
api:
dashboard: true
insecure: true
certificatesResolvers:
le:
acme:
email: hosting@theorangeone.net
storage: /etc/traefik/acme.json
dnsChallenge:
provider: cloudflare
delayBeforeCheck: 0
resolvers:
- 1.1.1.1:53
- 1.0.0.1:53
serversTransport:
insecureSkipVerify: true
metrics:
influxDB:
address: "{{ wireguard.clients[ansible_fqdn].ip }}:38089"
database: traefik
pushInterval: 30s
tls:
options:
default:
minVersion: VersionTLS12