################################################################ # # Configuration sample for Traefik v2. # # For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml # ################################################################ ################################################################ # Global configuration ################################################################ global: checkNewVersion: true sendAnonymousUsage: true ################################################################ # EntryPoints configuration ################################################################ # EntryPoints definition # # Optional # entryPoints: web: address: :80 http: redirections: entryPoint: to: websecure scheme: https websecure: address: :443 http: tls: certResolver: letsencrypt domains: - main: domain.tld sans: - "*.domain.tld" middlewares: - "authelia@docker" ################################################################ # Traefik logs configuration ################################################################ # Traefik logs # Enabled by default and log to stdout # # Optional # log: # Log level # # Optional # Default: "ERROR" # level: DEBUG # Sets the filepath for the traefik log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # # filePath: log/traefik.log # Format is either "json" or "common". # # Optional # Default: "common" # # format: json ################################################################ # Access logs configuration ################################################################ # Enable access logs # By default it will write to stdout and produce logs in the textual # Common Log Format (CLF), extended with additional fields. # # Optional # accessLog: # Sets the file path for the access log. If not specified, stdout will be used. # Intermediate directories are created if necessary. # # Optional # Default: os.Stdout # # filePath: /path/to/log/log.txt filePath: "/etc/traefik/access.log" format: common # Format is either "json" or "common". # # Optional # Default: "common" # # format: json ################################################################ # API and dashboard configuration ################################################################ # Enable API and dashboard # # Optional # api: # Enable the API in insecure mode # # Optional # Default: false # insecure: true # Enabled Dashboard # # Optional # Default: true # dashboard: true ################################################################ # Ping configuration ################################################################ # Enable ping ping: # Name of the related entry point # # Optional # Default: "traefik" # entryPoint: traefik ################################################################ # Docker configuration backend ################################################################ providers: # Enable Docker configuration backend docker: # Docker server endpoint. Can be a tcp or a unix socket endpoint. # # Required # Default: "unix:///var/run/docker.sock" # endpoint: unix:///tmp/docker.sock # Default host rule. # # Optional # Default: "Host(`{{ normalize .Name }}`)" # defaultRule: Host(`{{ normalize .Name }}.domain.tld`) # Expose containers by default in traefik # # Optional # Default: true # exposedByDefault: true network: home-proxy file: directory: /etc/traefik/custom watch: true #tls: # stores: # default: # defaultCertificate: # certFile: /certs/star.domain.tld.crt # keyFile: /certs/star.domain.tld..key # certificates: # - certFile: /certs/star.domain.tld..crt # keyFile: /certs/star.domain.tld..key # stores: # - default # certificatesResolvers: letsencrypt: acme: email: email@address.com storage: /letsencrypt/acme.json dnsChallenge: provider: cloudflare # Used to make sure the dns challenge is propagated to the rights dns servers # resolvers: # - "1.1.1.1:53" # - "1.0.0.1:53" # experimental: plugins: traefik-real-ip: moduleName: "github.com/soulbalz/traefik-real-ip" version: "v1.0.3" http: middlewares: my-traefik-real-ip: plugin: traefik-real-ip: excludednets: - 1.1.1.1/24 authelia: forwardAuth: address: https://authelia:9091/api/verify?rd=https%3A%2F%2Flogin.dudenhoeffer.casa%2F trustForwardHeader: true authResponseHeaders: - "Remote-User" - "Remote-Groups" - "Remote-Email" - "Remote-Name" authelia-basic: forwardAuth: address: https://authelia:9091/api/verify?auth=basic trustForwardHeader: true authResponseHeaders: - "Remote-User" - "Remote-Groups" - "Remote-Email" - "Remote-Name"