forked from coop-cloud/traefik
Compare commits
25 Commits
anubis
...
feat-relea
| Author | SHA1 | Date | |
|---|---|---|---|
324933a9cc
|
|||
| dc3e50838f | |||
| d59f6e0302 | |||
| 139202fa9c | |||
| de7989f3ca | |||
| d3bf1bce24 | |||
| 1ce9d9ca72 | |||
| a233438f80 | |||
|
ed257bd0b2
|
|||
| 7dd833dbec | |||
| d5f19d3b11 | |||
|
f16f434877
|
|||
| 5d656ccb72 | |||
| fa55efb0c3 | |||
| 98fe0de193 | |||
| 862bc9a3a5 | |||
| 0238b73f77 | |||
| 5df55f7833 | |||
|
5a8c72eb00
|
|||
| 8eaee04b5d | |||
| fde0e9fa62 | |||
| c5eac61766 | |||
| 34d22375d3 | |||
|
bd24d893c2
|
|||
| e647fd9c45 |
@ -1,5 +1,5 @@
|
|||||||
TYPE=traefik
|
TYPE=traefik
|
||||||
TIMEOUT=300
|
#TIMEOUT=300
|
||||||
ENABLE_AUTO_UPDATE=true
|
ENABLE_AUTO_UPDATE=true
|
||||||
ENABLE_BACKUPS=true
|
ENABLE_BACKUPS=true
|
||||||
|
|
||||||
@ -185,3 +185,6 @@ COMPOSE_FILE="compose.yml"
|
|||||||
#ANUBIS_OG_EXPIRY_TIME=1h
|
#ANUBIS_OG_EXPIRY_TIME=1h
|
||||||
#ANUBIS_OG_CACHE_CONSIDER_HOST=true
|
#ANUBIS_OG_CACHE_CONSIDER_HOST=true
|
||||||
#ANUBIS_SERVE_ROBOTS_TXT=true
|
#ANUBIS_SERVE_ROBOTS_TXT=true
|
||||||
|
|
||||||
|
## Enable onion service support
|
||||||
|
#ONION_ENABLED=1
|
||||||
|
|||||||
16
.gitea/PULL_REQUEST_TEMPLATE.md
Normal file
16
.gitea/PULL_REQUEST_TEMPLATE.md
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
name: "Traefik pull request template"
|
||||||
|
about: "Traefik pull request template"
|
||||||
|
---
|
||||||
|
|
||||||
|
<!--
|
||||||
|
Thank you for doing recipe maintenance work!
|
||||||
|
Please mark all checklist items which are relevant for your changes.
|
||||||
|
Please remove the checklist items which are not relevant for your changes.
|
||||||
|
Feel free to remove this comment.
|
||||||
|
-->
|
||||||
|
|
||||||
|
* [ ] I have deployed and tested my changes
|
||||||
|
* [ ] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash)
|
||||||
|
* [ ] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes)
|
||||||
|
* [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes)
|
||||||
@ -1,24 +1,32 @@
|
|||||||
# Traefik Recipe Maintenance
|
# Traefik Recipe Maintenance
|
||||||
|
|
||||||
All contributions should be made via a pull request. This is to ensure a certain quality / consistency, that others can rely on.
|
All contributions should be made via a pull request. This is to ensure a
|
||||||
|
certain quality and consistency, that others can rely on.
|
||||||
|
|
||||||
## Maintainer Responsibilities
|
## Maintainer Responsibilities
|
||||||
|
|
||||||
A recipe maintainer has the following responsibilities:
|
A recipe maintainer has the following responsibilities:
|
||||||
- respond to pull requests / issues within a week
|
|
||||||
- make image security updates within a day
|
- Respond to pull requests / issues within a week
|
||||||
- make image patch / minor updates within a week
|
- Make image security updates within a day
|
||||||
- make image major updates within a month
|
- Make image patch / minor updates within a week
|
||||||
|
- Make image major updates within a month
|
||||||
|
|
||||||
In order to fullfill these responsibilities a recipe maintainer:
|
In order to fullfill these responsibilities a recipe maintainer:
|
||||||
- has to watch the repository (to get notifications)
|
|
||||||
- needs to make sure renovate is configured properly
|
|
||||||
|
|
||||||
## Merge rules
|
- Has to watch the repository (to get notifications)
|
||||||
|
- Needs to make sure renovate is configured properly
|
||||||
|
|
||||||
A pull request can be merged if it is approved by at least one maintainer. For pull requests opened by a maintainer they need to be approved by another maintainer.
|
## Pull Requests
|
||||||
|
|
||||||
## Becoming a maintainer
|
A pull request can be merged if it is approved by at least one maintainer. For
|
||||||
|
pull requests opened by a maintainer they need to be approved by another
|
||||||
|
maintainer. Even though it is okay to merge a pull request with one approval, it
|
||||||
|
is always better if all maintainers looked at the pull request and approved it.
|
||||||
|
|
||||||
Everyone can apply to be a recipe maintainer. Simply add your self to the list in the [README.md](./README.md) and open a new pull request with the change.
|
## Become a maintainer
|
||||||
|
|
||||||
|
Everyone can apply to be a recipe maintainer:
|
||||||
|
1. Watch the repository to always get updates
|
||||||
|
2. Simply add your self to the list in the [README.md](./README.md) and open a new pull request with the change.
|
||||||
|
3. Once the pull request gets merged you will be added to the [traefik maintainers team](https://git.coopcloud.tech/org/coop-cloud/teams/traefik-maintainers).
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
> https://docs.traefik.io
|
> https://docs.traefik.io
|
||||||
|
|
||||||
<!-- metadata -->
|
<!-- metadata -->
|
||||||
* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1)
|
* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se), [@javielico](https://git.coopcloud.tech/javielico)
|
||||||
* **Status**: `stable`
|
* **Status**: `stable`
|
||||||
* **Category**: Utilities
|
* **Category**: Utilities
|
||||||
* **Features**: ?
|
* **Features**: ?
|
||||||
@ -68,4 +68,8 @@ After deploying these changes, go to each recipe that supports Anubis
|
|||||||
and follow the process there. **Enabling Anubis here is not enough for
|
and follow the process there. **Enabling Anubis here is not enough for
|
||||||
protection your apps.**
|
protection your apps.**
|
||||||
|
|
||||||
|
## Enabling onion service
|
||||||
|
|
||||||
|
Uncomment the line in the config setting `ONION_ENABLED=1`. This will create a new entrypoint on port 9052 which can be used to bypass forced SSL. For more details, see the [onion recipe](https://recipes.coopcloud.tech/onion).
|
||||||
|
|
||||||
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||||
|
|||||||
4
abra.sh
4
abra.sh
@ -1,3 +1,3 @@
|
|||||||
export TRAEFIK_YML_VERSION=v28
|
export TRAEFIK_YML_VERSION=v29
|
||||||
export FILE_PROVIDER_YML_VERSION=v10
|
export FILE_PROVIDER_YML_VERSION=v11
|
||||||
export ENTRYPOINT_VERSION=v5
|
export ENTRYPOINT_VERSION=v5
|
||||||
|
|||||||
@ -3,7 +3,7 @@ version: "3.8"
|
|||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: "traefik:v3.6.5"
|
image: "traefik:v3.6.6"
|
||||||
# Note(decentral1se): *please do not* add any additional ports here.
|
# Note(decentral1se): *please do not* add any additional ports here.
|
||||||
# Doing so could break new installs with port conflicts. Please use
|
# Doing so could break new installs with port conflicts. Please use
|
||||||
# the usual `compose.$app.yml` approach for any additional ports
|
# the usual `compose.$app.yml` approach for any additional ports
|
||||||
@ -49,7 +49,7 @@ services:
|
|||||||
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
||||||
- "coop-cloud.${STACK_NAME}.version=3.9.0+v3.6.5"
|
- "coop-cloud.${STACK_NAME}.version=3.9.0+v3.6.5"
|
||||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
|
||||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||||
|
|
||||||
socket-proxy:
|
socket-proxy:
|
||||||
|
|||||||
@ -43,6 +43,7 @@ tls:
|
|||||||
curvePreferences:
|
curvePreferences:
|
||||||
- CurveP521
|
- CurveP521
|
||||||
- CurveP384
|
- CurveP384
|
||||||
|
- CurveP256
|
||||||
sniStrict: true
|
sniStrict: true
|
||||||
{{ if eq (env "WILDCARDS_ENABLED") "1" }}
|
{{ if eq (env "WILDCARDS_ENABLED") "1" }}
|
||||||
certificates:
|
certificates:
|
||||||
|
|||||||
10
release/next
Normal file
10
release/next
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
Short summary of the latest changes:
|
||||||
|
|
||||||
|
* Traefik has been upgraded with a patch release, no issues expected.
|
||||||
|
* "CurveP256" has been included to the TLS options.
|
||||||
|
* The default TIMEOUT value has been removed from the label directly.
|
||||||
|
* Anubis support is here, try out `compose.anubis.yml` and see the README.md for more.
|
||||||
|
* Onion services with Tor are not supported! See the README.md for more.
|
||||||
|
* There are now officially 3 recipe maintainers for Traefik!
|
||||||
|
|
||||||
|
All changes: https://git.coopcloud.tech/coop-cloud/traefik/compare/3.9.0+v3.6.5...master
|
||||||
@ -11,14 +11,14 @@ providers:
|
|||||||
endpoint: "tcp://socket-proxy:2375"
|
endpoint: "tcp://socket-proxy:2375"
|
||||||
exposedByDefault: false
|
exposedByDefault: false
|
||||||
network: proxy
|
network: proxy
|
||||||
{{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
|
{{- if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
|
||||||
file:
|
file:
|
||||||
directory: /etc/traefik/file-providers
|
directory: /etc/traefik/file-providers
|
||||||
watch: true
|
watch: true
|
||||||
{{ else }}
|
{{- else }}
|
||||||
file:
|
file:
|
||||||
filename: /etc/traefik/file-provider.yml
|
filename: /etc/traefik/file-provider.yml
|
||||||
{{ end }}
|
{{- end }}
|
||||||
|
|
||||||
api:
|
api:
|
||||||
dashboard: {{ env "DASHBOARD_ENABLED" }}
|
dashboard: {{ env "DASHBOARD_ENABLED" }}
|
||||||
@ -42,86 +42,90 @@ entrypoints:
|
|||||||
allowEncodedPercent: true
|
allowEncodedPercent: true
|
||||||
allowEncodedQuestionMark: true
|
allowEncodedQuestionMark: true
|
||||||
allowEncodedHash: true
|
allowEncodedHash: true
|
||||||
{{ if eq (env "GITEA_SSH_ENABLED") "1" }}
|
{{- if eq (env "GITEA_SSH_ENABLED") "1" }}
|
||||||
gitea-ssh:
|
gitea-ssh:
|
||||||
address: ":2222"
|
address: ":2222"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "P2PANDA_ENABLED") "1" }}
|
{{- if eq (env "P2PANDA_ENABLED") "1" }}
|
||||||
p2panda-udp-v4:
|
p2panda-udp-v4:
|
||||||
address: ":2022/udp"
|
address: ":2022/udp"
|
||||||
p2panda-udp-v6:
|
p2panda-udp-v6:
|
||||||
address: ":2023/udp"
|
address: ":2023/udp"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "GARAGE_RPC_ENABLED") "1" }}
|
{{- if eq (env "GARAGE_RPC_ENABLED") "1" }}
|
||||||
garage-rpc:
|
garage-rpc:
|
||||||
address: ":3901"
|
address: ":3901"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
|
{{- if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
|
||||||
foodsoft-smtp:
|
foodsoft-smtp:
|
||||||
address: ":2525"
|
address: ":2525"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "SMTP_ENABLED") "1" }}
|
{{- if eq (env "SMTP_ENABLED") "1" }}
|
||||||
smtp-submission:
|
smtp-submission:
|
||||||
address: ":587"
|
address: ":587"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
|
{{- if eq (env "PEERTUBE_RTMP_ENABLED") "1" }}
|
||||||
peertube-rtmp:
|
peertube-rtmp:
|
||||||
address: ":1935"
|
address: ":1935"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "WEB_ALT_ENABLED") "1" }}
|
{{- if eq (env "WEB_ALT_ENABLED") "1" }}
|
||||||
web-alt:
|
web-alt:
|
||||||
address: ":8000"
|
address: ":8000"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "SSB_MUXRPC_ENABLED") "1" }}
|
{{- if eq (env "SSB_MUXRPC_ENABLED") "1" }}
|
||||||
ssb-muxrpc:
|
ssb-muxrpc:
|
||||||
address: ":8008"
|
address: ":8008"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "MSSQL_ENABLED") "1" }}
|
{{- if eq (env "MSSQL_ENABLED") "1" }}
|
||||||
mssql:
|
mssql:
|
||||||
address: ":1433"
|
address: ":1433"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "MUMBLE_ENABLED") "1" }}
|
{{- if eq (env "MUMBLE_ENABLED") "1" }}
|
||||||
mumble:
|
mumble:
|
||||||
address: ":64738"
|
address: ":64738"
|
||||||
mumble-udp:
|
mumble-udp:
|
||||||
address: ":64738/udp"
|
address: ":64738/udp"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "COMPY_ENABLED") "1" }}
|
{{- if eq (env "COMPY_ENABLED") "1" }}
|
||||||
compy:
|
compy:
|
||||||
address: ":9999"
|
address: ":9999"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "IRC_ENABLED") "1" }}
|
{{- if eq (env "IRC_ENABLED") "1" }}
|
||||||
irc:
|
irc:
|
||||||
address: ":6697"
|
address: ":6697"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
{{- if eq (env "METRICS_ENABLED") "1" }}
|
||||||
metrics:
|
metrics:
|
||||||
address: ":8082"
|
address: ":8082"
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
- basicauth@file
|
- basicauth@file
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
{{- if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
||||||
matrix-federation:
|
matrix-federation:
|
||||||
address: ":9001"
|
address: ":9001"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
{{ if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
|
{{- if eq (env "NEXTCLOUD_TALK_HPB_ENABLED") "1" }}
|
||||||
nextcloud-talk-hpb:
|
nextcloud-talk-hpb:
|
||||||
address: ":3478"
|
address: ":3478"
|
||||||
nextcloud-talk-hpb-udp:
|
nextcloud-talk-hpb-udp:
|
||||||
address: ":3478/udp"
|
address: ":3478/udp"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
|
{{- if eq (env "ONION_ENABLED") "1" }}
|
||||||
|
onion:
|
||||||
|
address: ":9052"
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
ping:
|
ping:
|
||||||
entryPoint: web
|
entryPoint: web
|
||||||
|
|
||||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
{{- if eq (env "METRICS_ENABLED") "1" }}
|
||||||
metrics:
|
metrics:
|
||||||
prometheus:
|
prometheus:
|
||||||
entryPoint: metrics
|
entryPoint: metrics
|
||||||
addRoutersLabels: true
|
addRoutersLabels: true
|
||||||
addServicesLabels: true
|
addServicesLabels: true
|
||||||
{{ end }}
|
{{- end }}
|
||||||
|
|
||||||
certificatesResolvers:
|
certificatesResolvers:
|
||||||
staging:
|
staging:
|
||||||
@ -131,23 +135,23 @@ certificatesResolvers:
|
|||||||
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||||
httpChallenge:
|
httpChallenge:
|
||||||
entryPoint: web
|
entryPoint: web
|
||||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
{{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||||
dnsChallenge:
|
dnsChallenge:
|
||||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||||
resolvers:
|
resolvers:
|
||||||
- "1.1.1.1:53"
|
- "1.1.1.1:53"
|
||||||
- "8.8.8.8:53"
|
- "8.8.8.8:53"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
production:
|
production:
|
||||||
acme:
|
acme:
|
||||||
email: {{ env "LETS_ENCRYPT_EMAIL" }}
|
email: {{ env "LETS_ENCRYPT_EMAIL" }}
|
||||||
storage: /etc/letsencrypt/production-acme.json
|
storage: /etc/letsencrypt/production-acme.json
|
||||||
httpChallenge:
|
httpChallenge:
|
||||||
entryPoint: web
|
entryPoint: web
|
||||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
{{- if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||||
dnsChallenge:
|
dnsChallenge:
|
||||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||||
resolvers:
|
resolvers:
|
||||||
- "1.1.1.1:53"
|
- "1.1.1.1:53"
|
||||||
- "9.9.9.9:53"
|
- "9.9.9.9:53"
|
||||||
{{ end }}
|
{{- end }}
|
||||||
|
|||||||
Reference in New Issue
Block a user