Compare commits
12 Commits
remove-def
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 5f977f1cca | |||
| ee344cce5d | |||
| 27cc7efb72 | |||
324933a9cc
|
|||
| dc3e50838f | |||
| d59f6e0302 | |||
| c2cdfd80b6 | |||
| 139202fa9c | |||
| de7989f3ca | |||
| d3bf1bce24 | |||
| 1ce9d9ca72 | |||
| a233438f80 |
@ -185,3 +185,6 @@ COMPOSE_FILE="compose.yml"
|
||||
#ANUBIS_OG_EXPIRY_TIME=1h
|
||||
#ANUBIS_OG_CACHE_CONSIDER_HOST=true
|
||||
#ANUBIS_SERVE_ROBOTS_TXT=true
|
||||
|
||||
## Enable onion service support
|
||||
#ONION_ENABLED=1
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
name: "Traefik pull request template"
|
||||
about: "Traefik pull request template"
|
||||
---
|
||||
|
||||
<!--
|
||||
|
||||
@ -68,4 +68,8 @@ After deploying these changes, go to each recipe that supports Anubis
|
||||
and follow the process there. **Enabling Anubis here is not enough for
|
||||
protection your apps.**
|
||||
|
||||
## Enabling onion service
|
||||
|
||||
Uncomment the line in the config setting `ONION_ENABLED=1`. This will create a new entrypoint on port 9052 which can be used to bypass forced SSL. For more details, see the [onion recipe](https://recipes.coopcloud.tech/onion).
|
||||
|
||||
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||
|
||||
2
abra.sh
2
abra.sh
@ -1,3 +1,3 @@
|
||||
export TRAEFIK_YML_VERSION=v28
|
||||
export TRAEFIK_YML_VERSION=v29
|
||||
export FILE_PROVIDER_YML_VERSION=v11
|
||||
export ENTRYPOINT_VERSION=v5
|
||||
|
||||
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "traefik:v3.6.6"
|
||||
image: "traefik:v3.6.7"
|
||||
# Note(decentral1se): *please do not* add any additional ports here.
|
||||
# Doing so could break new installs with port conflicts. Please use
|
||||
# the usual `compose.$app.yml` approach for any additional ports
|
||||
@ -48,7 +48,7 @@ services:
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
||||
- "coop-cloud.${STACK_NAME}.version=3.9.0+v3.6.5"
|
||||
- "coop-cloud.${STACK_NAME}.version=3.10.0+v3.6.7"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
|
||||
|
||||
10
release/3.10.0+v3.6.7
Normal file
10
release/3.10.0+v3.6.7
Normal file
@ -0,0 +1,10 @@
|
||||
Short summary of the latest changes:
|
||||
|
||||
* Traefik has been upgraded with a patch release, no issues expected.
|
||||
* "CurveP256" has been included to the TLS options.
|
||||
* The default TIMEOUT value has been removed from the label directly.
|
||||
* Anubis support is here, try out `compose.anubis.yml` and see the README.md for more.
|
||||
* Onion services with Tor are not supported! See the README.md for more.
|
||||
* There are now officially 3 recipe maintainers for Traefik!
|
||||
|
||||
All changes: https://git.coopcloud.tech/coop-cloud/traefik/compare/3.9.0+v3.6.5...master
|
||||
@ -11,14 +11,14 @@ providers:
|
||||
endpoint: "tcp://socket-proxy:2375"
|
||||
exposedByDefault: false
|
||||
network: proxy
|
||||
{{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
|
||||
{{- if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
|
||||
file:
|
||||
directory: /etc/traefik/file-providers
|
||||
watch: true
|
||||
{{ else }}
|
||||
{{- else }}
|
||||
file:
|
||||
filename: /etc/traefik/file-provider.yml
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
api:
|
||||
dashboard: {{ env "DASHBOARD_ENABLED" }}
|
||||
@ -42,86 +42,90 @@ entrypoints:
|
||||
allowEncodedPercent: true
|
||||
allowEncodedQuestionMark: true
|
||||
allowEncodedHash: true
|
||||
{{ if eq (env "GITEA_SSH_ENABLED") "1" }}
|
||||
{{- if eq (env "GITEA_SSH_ENABLED") "1" }}
|
||||
gitea-ssh:
|
||||
address: ":2222"
|
||||
{{ end }}
|
||||
{{ if eq (env "P2PANDA_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "P2PANDA_ENABLED") "1" }}
|
||||
p2panda-udp-v4:
|
||||
address: ":2022/udp"
|
||||
p2panda-udp-v6:
|
||||
address: ":2023/udp"
|
||||
{{ end }}
|
||||
{{ if eq (env "GARAGE_RPC_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "GARAGE_RPC_ENABLED") "1" }}
|
||||
garage-rpc:
|
||||
address: ":3901"
|
||||
{{ end }}
|
||||
{{ if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
|
||||
foodsoft-smtp:
|
||||
address: ":2525"
|
||||
{{ end }}
|
||||
{{ if eq (env "SMTP_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "SMTP_ENABLED") "1" }}
|
||||
smtp-submission:
|
||||
address: ":587"
|
||||
{{ end }}
|
||||
{{ if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
|
||||
peertube-rtmp:
|
||||
address: ":1935"
|
||||
{{ end }}
|
||||
{{ if eq (env "WEB_ALT_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "WEB_ALT_ENABLED") "1" }}
|
||||
web-alt:
|
||||
address: ":8000"
|
||||
{{ end }}
|
||||
{{ if eq (env "SSB_MUXRPC_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "SSB_MUXRPC_ENABLED") "1" }}
|
||||
ssb-muxrpc:
|
||||
address: ":8008"
|
||||
{{ end }}
|
||||
{{ if eq (env "MSSQL_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "MSSQL_ENABLED") "1" }}
|
||||
mssql:
|
||||
address: ":1433"
|
||||
{{ end }}
|
||||
{{ if eq (env "MUMBLE_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "MUMBLE_ENABLED") "1" }}
|
||||
mumble:
|
||||
address: ":64738"
|
||||
mumble-udp:
|
||||
address: ":64738/udp"
|
||||
{{ end }}
|
||||
{{ if eq (env "COMPY_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "COMPY_ENABLED") "1" }}
|
||||
compy:
|
||||
address: ":9999"
|
||||
{{ end }}
|
||||
{{ if eq (env "IRC_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "IRC_ENABLED") "1" }}
|
||||
irc:
|
||||
address: ":6697"
|
||||
{{ end }}
|
||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "METRICS_ENABLED") "1" }}
|
||||
metrics:
|
||||
address: ":8082"
|
||||
http:
|
||||
middlewares:
|
||||
- basicauth@file
|
||||
{{ end }}
|
||||
{{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
||||
matrix-federation:
|
||||
address: ":9001"
|
||||
{{ end }}
|
||||
{{ if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
|
||||
{{- end }}
|
||||
{{- if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
|
||||
nextcloud-talk-hpb:
|
||||
address: ":3478"
|
||||
nextcloud-talk-hpb-udp:
|
||||
address: ":3478/udp"
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
{{- if eq (env "ONION_ENABLED") "1" }}
|
||||
onion:
|
||||
address: ":9052"
|
||||
{{- end }}
|
||||
|
||||
ping:
|
||||
entryPoint: web
|
||||
|
||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
||||
{{- if eq (env "METRICS_ENABLED") "1" }}
|
||||
metrics:
|
||||
prometheus:
|
||||
entryPoint: metrics
|
||||
addRoutersLabels: true
|
||||
addServicesLabels: true
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
certificatesResolvers:
|
||||
staging:
|
||||
@ -131,23 +135,23 @@ certificatesResolvers:
|
||||
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
{{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
dnsChallenge:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
resolvers:
|
||||
- "1.1.1.1:53"
|
||||
- "8.8.8.8:53"
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
production:
|
||||
acme:
|
||||
email: {{ env "LETS_ENCRYPT_EMAIL" }}
|
||||
storage: /etc/letsencrypt/production-acme.json
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
{{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
dnsChallenge:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
resolvers:
|
||||
- "1.1.1.1:53"
|
||||
- "9.9.9.9:53"
|
||||
{{ end }}
|
||||
{{- end }}
|
||||
|
||||
Reference in New Issue
Block a user