remove default TIMEOUT (abra #596 )

2025-12-30 14:07:55 +01:00
9 changed files with 45 additions and 137 deletions
--- a/.env.sample
+++ b/.env.sample
@ -175,16 +175,3 @@ COMPOSE_FILE="compose.yml"
 ## Nextcloud Talk HPB
 #COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud-talk-hpb.yml"
 #NEXTCLOUD_TALK_HPB_ENABLED=1
-
-## Anubis
-#COMPOSE_FILE="$COMPOSE_FILE:compose.anubis.yml"
-#ANUBIS_COOKIE_DOMAIN=example.com
-#ANUBIS_DOMAIN=anubis.example.com
-#ANUBIS_REDIRECT_DOMAINS=
-#ANUBIS_OG_PASSTHROUGH=true
-#ANUBIS_OG_EXPIRY_TIME=1h
-#ANUBIS_OG_CACHE_CONSIDER_HOST=true
-#ANUBIS_SERVE_ROBOTS_TXT=true
-
-## Enable onion service support
-#ONION_ENABLED=1
--- a/.gitea/PULL_REQUEST_TEMPLATE.md
+++ b/.gitea/PULL_REQUEST_TEMPLATE.md
@ -1,16 +0,0 @@
---
-name: "Traefik pull request template"
-about: "Traefik pull request template"
---
-
-<!-- 
-Thank you for doing recipe maintenance work!
-Please mark all checklist items which are relevant for your changes.
-Please remove the checklist items which are not relevant for your changes.
-Feel free to remove this comment.
-->
-
-* [ ] I have deployed and tested my changes
-* [ ] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash)
-* [ ] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes)
-* [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes)
--- a/MAINTENANCE.md
+++ b/MAINTENANCE.md
@ -21,12 +21,9 @@ In order to fullfill these responsibilities a recipe maintainer:

 A pull request can be merged if it is approved by at least one maintainer. For
 pull requests opened by a maintainer they need to be approved by another
-maintainer. Even though it is okay to merge a pull request with one approval, it
-is always better if all maintainers looked at the pull request and approved it.
+maintainer.

 ## Become a maintainer

-Everyone can apply to be a recipe maintainer:
-1. Watch the repository to always get updates
-2. Simply add your self to the list in the [README.md](./README.md) and open a new pull request with the change.
-3. Once the pull request gets merged you will be added to the [traefik maintainers team](https://git.coopcloud.tech/org/coop-cloud/teams/traefik-maintainers).
+Everyone can apply to be a recipe maintainer. Simply add your self to the list
+in the [README.md](./README.md) and open a new pull request with the change.
--- a/README.md
+++ b/README.md
@ -5,7 +5,7 @@
 > https://docs.traefik.io

 <!-- metadata -->
-* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se), [@javielico](https://git.coopcloud.tech/javielico)
+* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se)
 * **Status**: `stable`
 * **Category**: Utilities
 * **Features**: ?
@ -55,21 +55,4 @@ Letsencrypt DNS challenges.
     Access Token, in which case use compose.gandi-personal-access-token.yml.
 6. Redeploy Traefik, using e.g. `abra app deploy YOURAPPDOMAIN -f`

-## Blocking scrapers with [Anubis](https://anubis.techaro.lol/)
-
-Uncomment the lines on the Anubis section of the configuration.  Set
-a domain name for the cookies and a domain that will serve Anubis
-redirection service.  Optionally and for [added
-security](https://anubis.techaro.lol/docs/admin/configuration/redirect-domains),
-set a list of the domain names for the apps that are going to be
-protected.
-
-After deploying these changes, go to each recipe that supports Anubis
-and follow the process there.  **Enabling Anubis here is not enough for
-protection your apps.**
-
-## Enabling onion service
-
-Uncomment the line in the config setting `ONION_ENABLED=1`. This will create a new entrypoint on port 9052 which can be used to bypass forced SSL. For more details, see the [onion recipe](https://recipes.coopcloud.tech/onion).
-
 [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,3 @@
-export TRAEFIK_YML_VERSION=v29
+export TRAEFIK_YML_VERSION=v28
 export FILE_PROVIDER_YML_VERSION=v11
 export ENTRYPOINT_VERSION=v5
--- a/compose.anubis.yml
+++ b/compose.anubis.yml
@ -1,29 +0,0 @@
---
-version: "3.8"
-services:
-  app:
-    deploy:
-      labels:
-      - "traefik.http.middlewares.anubis.forwardauth.address=http://anubis:8080/.within.website/x/cmd/anubis/api/check"
-  anubis:
-    image: "ghcr.io/techarohq/anubis:v1.24.0"
-    environment:
-      BIND: ":8080"
-      TARGET: " "
-      REDIRECT_DOMAINS: "${ANUBIS_REDIRECT_DOMAINS}"
-      COOKIE_DOMAIN: "${ANUBIS_COOKIE_DOMAIN}"
-      PUBLIC_URL: "https://${ANUBIS_DOMAIN}"
-      OG_PASSTHROUGH: "${ANUBIS_OG_PASSTHROUGH}"
-      OG_EXPIRY_TIME: "${ANUBIS_OG_EXPIRY_TIME}"
-      OG_CACHE_CONSIDER_HOST: "${ANUBIS_OG_CACHE_CONSIDER_HOST}"
-      SERVE_ROBOTS_TXT: "${ANUBIS_SERVE_ROBOTS_TXT}"
-    networks:
-    - proxy
-    deploy:
-      labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.anubis.rule=Host(`${ANUBIS_DOMAIN}`)"
-      - "traefik.http.routers.anubis.tls.certresolver=${LETS_ENCRYPT_ENV}"
-      - "traefik.http.routers.anubis.entrypoints=web-secure"
-      - "traefik.http.services.anubis.loadbalancer.server.port=8080"
-      - "traefik.http.routers.anubis.service=anubis"
--- a/compose.yml
+++ b/compose.yml
@ -3,7 +3,7 @@ version: "3.8"

 services:
  app:
-    image: "traefik:v3.6.6"
+    image: "traefik:v3.6.5"
    # Note(decentral1se): *please do not* add any additional ports here.
    # Doing so could break new installs with port conflicts. Please use
    # the usual `compose.$app.yml` approach for any additional ports
--- a/release/next
+++ b/release/next
@ -1,10 +0,0 @@
-Short summary of the latest changes:
-
-* Traefik has been upgraded with a patch release, no issues expected.
-* "CurveP256" has been included to the TLS options.
-* The default TIMEOUT value has been removed from the label directly.
-* Anubis support is here, try out `compose.anubis.yml` and see the README.md for more.
-* Onion services with Tor are not supported! See the README.md for more.
-* There are now officially 3 recipe maintainers for Traefik!
-
-All changes: https://git.coopcloud.tech/coop-cloud/traefik/compare/3.9.0+v3.6.5...master
--- a/traefik.yml.tmpl
+++ b/traefik.yml.tmpl
@ -11,14 +11,14 @@ providers:
    endpoint: "tcp://socket-proxy:2375"
    exposedByDefault: false
    network: proxy
-  {{- if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
+  {{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
  file:
    directory: /etc/traefik/file-providers
    watch: true
-  {{- else }}
+  {{ else }}
  file:
    filename: /etc/traefik/file-provider.yml
-  {{- end }}
+  {{ end }}

 api:
  dashboard: {{ env "DASHBOARD_ENABLED" }}
@ -42,90 +42,86 @@ entrypoints:
        allowEncodedPercent: true
        allowEncodedQuestionMark: true
        allowEncodedHash: true
-  {{- if eq (env "GITEA_SSH_ENABLED") "1" }}
+  {{ if eq (env "GITEA_SSH_ENABLED") "1" }}
  gitea-ssh:
    address: ":2222"
-  {{- end }}
-  {{- if eq (env "P2PANDA_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "P2PANDA_ENABLED") "1" }}
  p2panda-udp-v4:
    address: ":2022/udp"
  p2panda-udp-v6:
    address: ":2023/udp"
-  {{- end }}
-  {{- if eq (env "GARAGE_RPC_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "GARAGE_RPC_ENABLED") "1" }}
  garage-rpc:
    address: ":3901"
-  {{- end }}
-  {{- if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
  foodsoft-smtp:
    address: ":2525"
-  {{- end }}
-  {{- if eq (env "SMTP_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "SMTP_ENABLED") "1" }}
  smtp-submission:
    address: ":587"
-  {{- end }}
-  {{- if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
  peertube-rtmp:
    address: ":1935"
-  {{- end }}
-  {{- if eq (env "WEB_ALT_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "WEB_ALT_ENABLED") "1" }}
  web-alt:
    address: ":8000"
-  {{- end }}
-  {{- if eq (env "SSB_MUXRPC_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "SSB_MUXRPC_ENABLED") "1" }}
  ssb-muxrpc:
    address: ":8008"
-  {{- end }}
-  {{- if eq (env "MSSQL_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "MSSQL_ENABLED") "1" }}
  mssql:
    address: ":1433"
-  {{- end }}
-  {{- if eq (env "MUMBLE_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "MUMBLE_ENABLED") "1" }}
  mumble:
    address: ":64738"
  mumble-udp:
    address: ":64738/udp"
-  {{- end }}
-  {{- if eq (env "COMPY_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "COMPY_ENABLED") "1" }}
  compy:
    address: ":9999"
-  {{- end }}
-  {{- if eq (env "IRC_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "IRC_ENABLED") "1" }}
  irc:
    address: ":6697"
-  {{- end }}
-  {{- if eq (env "METRICS_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "METRICS_ENABLED") "1" }}
  metrics:
    address: ":8082"
    http:
      middlewares:
        - basicauth@file
-  {{- end }}
-  {{- if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
  matrix-federation:
    address: ":9001"
-  {{- end }}
-  {{- if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
+  {{ end }}
+  {{ if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
  nextcloud-talk-hpb:
    address: ":3478"
  nextcloud-talk-hpb-udp:
    address: ":3478/udp"
-  {{- end }}
-  {{- if eq (env "ONION_ENABLED") "1" }}
-  onion:
-    address: ":9052"
-  {{- end }}
+  {{ end }}

 ping:
  entryPoint: web

-{{- if eq (env "METRICS_ENABLED") "1" }}
+{{ if eq (env "METRICS_ENABLED") "1" }}
 metrics:
  prometheus:
    entryPoint: metrics
    addRoutersLabels: true
    addServicesLabels: true
-{{- end }}
+{{ end }}

 certificatesResolvers:
  staging:
@ -135,23 +131,23 @@ certificatesResolvers:
      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
      httpChallenge:
        entryPoint: web
-      {{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
+      {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
      dnsChallenge:
        provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
        resolvers:
          - "1.1.1.1:53"
          - "8.8.8.8:53"
-      {{- end }}
+      {{ end }}
  production:
    acme:
      email: {{ env "LETS_ENCRYPT_EMAIL" }}
      storage: /etc/letsencrypt/production-acme.json
      httpChallenge:
        entryPoint: web
-      {{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
+      {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
      dnsChallenge:
        provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
        resolvers:
          - "1.1.1.1:53"
          - "9.9.9.9:53"
-      {{- end }}
+      {{ end }}