################################################################ # Global configuration ################################################################ global: checkNewVersion: true sendAnonymousUsage: false ################################################################ # EntryPoints configuration ################################################################ # EntryPoints definition # # Optional # entryPoints: http: address: :80 http: redirections: entryPoint: to: https scheme: https https: address: :443 http: tls: options: tls-opts@file certResolver: cloudflarels domains: - main: gurulandia.eu sans: - '*.gurulandia.eu' - main: local.gurulandia.eu sans: - '*.local.gurulandia.eu' - main: gurulandia.fi sans: - '*.gurulandia.fi' - main: local.gurulandia.fi sans: - '*.local.gurulandia.fi' forwardedHeaders: trustedIPs: &trustedIps - "127.0.0.1/32" - "10.0.0.0/8" - "192.168.0.0/16" - "172.16.0.0/12" - "173.245.48.0/20" - "103.21.244.0/22" - "103.22.200.0/22" - "103.31.4.0/22" - "141.101.64.0/18" - "108.162.192.0/18" - "190.93.240.0/20" - "188.114.96.0/20" - "197.234.240.0/22" - "198.41.128.0/17" - "162.158.0.0/15" - "172.64.0.0/13" - "131.0.72.0/22" - "104.16.0.0/13" - "104.24.0.0/14" serversTransport: insecureSkipVerify: true ################################################################ # Traefik logs configuration ################################################################ # Traefik logs # Enabled by default and log to stdout # # Optional # log: # Log level # # Optional # Default: "ERROR" # level: INFO # Sets the filepath for the traefik log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # filePath: "/var/log/traefik/traefik.log" # Format is either "json" or "common". # # Optional # Default: "common" # # format: json ################################################################ # Access logs configuration ################################################################ # Enable access logs # By default it will write to stdout and produce logs in the textual # Common Log Format (CLF), extended with additional fields. # # Optional # accessLog: # Sets the file path for the access log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # filePath: "/var/log/traefik/access.log" # Format is either "json" or "common". # # Optional # Default: "common" # # format: json ################################################################ # API and dashboard configuration ################################################################ # Enable API and dashboard # # Optional # api: # Enable the API in insecure mode # # Optional # Default: false # #insecure: true # Enabled Dashboard # # Optional # Default: true # dashboard: true ################################################################ # Ping configuration ################################################################ # Enable ping #ping: # Name of the related entry point # # Optional # Default: "traefik" # # entryPoint: traefik ################################################################ # Providers configuration ################################################################ providers: # Enable Docker configuration backend docker: # Docker server endpoint. Can be a tcp or a unix socket endpoint. # # Required # Default: "unix:///var/run/docker.sock" # endpoint: tcp://socket-proxy:2375 network: proxy # Default host rule. # # Optional # Default: "Host(`{{ normalize .Name }}`)" # # defaultRule: Host(`{{ normalize .Name }}.docker.localhost`) # Expose containers by default in traefik # # Optional # Default: true # exposedByDefault: false # Enable File configuration backend file: directory: /config watch: true # Enable Redis configuration backend #redis: #endpoints: # - "redis:6379" ################################################################ # Certificate Resolvers ################################################################ certificatesResolvers: cloudflare: acme: email: ${CF_API_EMAIL} storage: acme.json dnsChallenge: provider: cloudflare #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers. resolvers: - "1.1.1.1:53" - "1.0.0.1:53"