traefik/.env.sample

TYPE=traefik
TIMEOUT=300
ENABLE_AUTO_UPDATE=true

DOMAIN=traefik.example.com
LETS_ENCRYPT_ENV=production

LETS_ENCRYPT_EMAIL=certs@example.com
# DASHBOARD_ENABLED=true
# WARN, INFO etc.
LOG_LEVEL=WARN

# This is here so later lines can extend it; you likely don't wanna edit
COMPOSE_FILE="compose.yml"

#####################################################################
# General settings                                                  #
#####################################################################

## Host-mode networking
#COMPOSE_FILE="$COMPOSE_FILE:compose.host.yml"

## "Headless mode" (no domain configured)
#COMPOSE_FILE="$COMPOSE_FILE:compose.headless.yml"

#####################################################################
# Automatic DNS set-up for Letsencrypt                              #
#####################################################################

## Enable dns challenge (for wildcard domains)
##   https://doc.traefik.io/traefik/https/acme/#dnschallenge
#LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1
#LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh

## OVH, https://ovh.com
#COMPOSE_FILE="$COMPOSE_FILE:compose.ovh.yml"
#OVH_ENABLED=1
#OVH_APPLICATION_KEY=
#OVH_ENDPOINT=
#SECRET_OVH_APP_SECRET_VERSION=v1
#SECRET_OVH_CONSUMER_KEY=v1

## Gandi, https://gandi.net
## note(3wc): only "V5" (new) API is supported, so far
#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-api-key.yml"
#GANDI_API_KEY_ENABLED=1
#SECRET_GANDIV5_API_KEY_VERSION=v1

## Gandi, https://gandi.net
## note: uses GandiV5 Personal Access Token
#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-personal-access-token.yml"
#GANDI_PERSONAL_ACCESS_TOKEN_ENABLED=1
#SECRET_GANDIV5_PERSONAL_ACCESS_TOKEN_VERSION=v1

## DigitalOcean, https://digitalocean.com
#COMPOSE_FILE="$COMPOSE_FILE:compose.digitalocean.yml"
#DIGITALOCEAN_ENABLED=1
#SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION=v1

#####################################################################
# Manual wildcard certificate insertion                             #
#####################################################################

# Set wildcards = 1, and uncomment compose_file to enable.
# Create your certs elsewhere and add them like:
# abra app secret insert {myapp.example.coop} ssl_cert v1 "$(cat /path/to/fullchain.pem)"
# abra app secret insert {myapp.example.coop} ssl_key v1 "$(cat /path/to/privkey.pem)"
#WILDCARDS_ENABLED=1
#SECRET_WILDCARD_CERT_VERSION=v1
#SECRET_WILDCARD_KEY_VERSION=v1
#COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml"

#####################################################################
# Authentication                                                    #
#####################################################################

## Enable Keycloak
#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
#KEYCLOAK_MIDDLEWARE_ENABLED=1
#KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app

## BASIC_AUTH
## Use httpasswd to generate the secret
#COMPOSE_FILE="$COMPOSE_FILE:compose.basicauth.yml"
#BASIC_AUTH=1
#SECRET_USERSFILE_VERSION=v1

#####################################################################
# Prometheus metrics                                                #
#####################################################################

## Enable prometheus metrics collection
## used used by the coop-cloud monitoring stack
#COMPOSE_FILE="$COMPOSE_FILE:compose.metrics.yml"
#METRICS_ENABLED=1

#####################################################################
# File provider directory configuration                             #
# (Route bare metal and non-docker services on the machine!)        #
#####################################################################
#FILE_PROVIDER_DIRECTORY_ENABLED=1

#####################################################################
# Additional services                                               #
#####################################################################

## SMTP port 587
#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
#SMTP_ENABLED=1

## Compy
#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml"
#COMPY_ENABLED=1

## Gitea SSH
# COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml"
# GITEA_SSH_ENABLED=1

## Foodsoft SMTP
# COMPOSE_FILE="$COMPOSE_FILE:compose.foodsoft.yml"
# FOODSOFT_SMTP_ENABLED=1

## Peertube RTMP
#COMPOSE_FILE="$COMPOSE_FILE:compose.peertube.yml"
#PEERTUBE_RTMP_ENABLED=1

## Secure Scuttlebutt MUXRPC
#COMPOSE_FILE="$COMPOSE_FILE:compose.ssb.yml"
#SSB_MUXRPC_ENABLED=1

## MSSQL
#COMPOSE_FILE="$COMPOSE_FILE:compose.mssql.yml"
#MSSQL_ENABLED=1

## Mumble
#COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml"
#MUMBLE_ENABLED=1

## Matrix
#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
#MATRIX_FEDERATION_ENABLED=1

## "Web alt", an alternative web port
# NOTE(3wc): as of 2024-04-01 only the `icecast` recipe uses this
#COMPOSE_FILE="$COMPOSE_FILE:compose.web-alt.yml"
#WEB_ALT_ENABLED=1