restructure services based on host machine

2024-01-06 01:33:42 +00:00
parent 350eee1ff0
commit f26bfb2063
49 changed files with 0 additions and 0 deletions
--- a/nuc/traefik/traefik.yml.example
+++ b/nuc/traefik/traefik.yml.example
@@ -0,0 +1,230 @@
+################################################################
+#
+# Configuration sample for Traefik v2.
+#
+# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml
+#
+################################################################
+
+################################################################
+# Global configuration
+################################################################
+global:
+  checkNewVersion: true
+  sendAnonymousUsage: true
+
+################################################################
+# EntryPoints configuration
+################################################################
+
+# EntryPoints definition
+#
+# Optional
+#
+entryPoints:
+  web:
+    address: :80
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+  websecure:
+    address: :443
+    http:
+      tls:
+        certResolver: letsencrypt
+        domains:
+          - main: domain.tld
+            sans: 
+              - "*.domain.tld"
+      middlewares:
+        - "authelia@docker"
+  
+################################################################
+# Traefik logs configuration
+################################################################
+
+# Traefik logs
+# Enabled by default and log to stdout
+#
+# Optional
+#
+log:
+  # Log level
+  #
+  # Optional
+  # Default: "ERROR"
+  #
+  level: DEBUG
+
+  # Sets the filepath for the traefik log. If not specified, stdout will be used.
+  # Intermediate directories are created if necessary.
+  #
+  # Optional
+  # Default: os.Stdout
+  #
+#  filePath: log/traefik.log
+
+  # Format is either "json" or "common".
+  #
+  # Optional
+  # Default: "common"
+  #
+#  format: json
+
+################################################################
+# Access logs configuration
+################################################################
+
+# Enable access logs
+# By default it will write to stdout and produce logs in the textual
+# Common Log Format (CLF), extended with additional fields.
+#
+# Optional
+#
+accessLog: 
+  # Sets the file path for the access log. If not specified, stdout will be used.
+  # Intermediate directories are created if necessary.
+  #
+  # Optional
+  # Default: os.Stdout
+  #
+#  filePath: /path/to/log/log.txt
+  filePath: "/etc/traefik/access.log"
+  format: common
+
+  # Format is either "json" or "common".
+  #
+  # Optional
+  # Default: "common"
+  #
+#  format: json
+
+################################################################
+# API and dashboard configuration
+################################################################
+
+# Enable API and dashboard
+#
+# Optional
+#
+api:
+  # Enable the API in insecure mode
+  #
+  # Optional
+  # Default: false
+  #
+  insecure: true
+
+  # Enabled Dashboard
+  #
+  # Optional
+  # Default: true
+  #
+  dashboard: true
+
+################################################################
+# Ping configuration
+################################################################
+
+# Enable ping
+ping:
+  # Name of the related entry point
+  #
+  # Optional
+  # Default: "traefik"
+  #
+  entryPoint: traefik
+
+################################################################
+# Docker configuration backend
+################################################################
+
+providers:
+  # Enable Docker configuration backend
+  docker:
+    # Docker server endpoint. Can be a tcp or a unix socket endpoint.
+    #
+    # Required
+    # Default: "unix:///var/run/docker.sock"
+    #
+    endpoint: unix:///tmp/docker.sock
+
+    # Default host rule.
+    #
+    # Optional
+    # Default: "Host(`{{ normalize .Name }}`)"
+    #
+    defaultRule: Host(`{{ normalize .Name }}.domain.tld`)
+
+    # Expose containers by default in traefik
+    #
+    # Optional
+    # Default: true
+    #
+    exposedByDefault: true
+
+    network: home-proxy
+
+  file:
+    directory: /etc/traefik/custom
+    watch: true
+
+#tls:
+#  stores:
+#    default:
+#      defaultCertificate:
+#        certFile: /certs/star.domain.tld.crt
+#        keyFile: /certs/star.domain.tld..key
+#  certificates:
+#    - certFile: /certs/star.domain.tld..crt
+#      keyFile: /certs/star.domain.tld..key
+#      stores:
+#        - default
+#
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+     email: email@address.com
+     storage: /letsencrypt/acme.json
+     dnsChallenge:
+       provider: cloudflare
+        # Used to make sure the dns challenge is propagated to the rights dns servers
+        #       resolvers:
+        # - "1.1.1.1:53"
+        # - "1.0.0.1:53"
+        #
+experimental:
+  plugins:
+    traefik-real-ip:
+      moduleName: "github.com/soulbalz/traefik-real-ip"
+      version: "v1.0.3" 
+      
+http:
+  middlewares:
+    my-traefik-real-ip:
+      plugin:
+        traefik-real-ip:
+          excludednets:
+            - 1.1.1.1/24
+    authelia:
+      forwardAuth:
+        address: https://authelia:9091/api/verify?rd=https%3A%2F%2Flogin.dudenhoeffer.casa%2F
+        trustForwardHeader: true
+        authResponseHeaders:
+          - "Remote-User"
+          - "Remote-Groups"
+          - "Remote-Email"
+          - "Remote-Name"
+    authelia-basic:
+      forwardAuth:
+        address: https://authelia:9091/api/verify?auth=basic
+        trustForwardHeader: true
+        authResponseHeaders:
+          - "Remote-User"
+          - "Remote-Groups"
+          - "Remote-Email"
+          - "Remote-Name"
+