attempt using staticresponse

.env.sample

@@ -1,6 +1,4 @@
 TYPE=traefik
-TIMEOUT=300
-ENABLE_AUTO_UPDATE=true
 
 DOMAIN=traefik.example.com
 LETS_ENCRYPT_ENV=production
@@ -17,6 +15,9 @@ COMPOSE_FILE="compose.yml"
 # General settings                                                  #
 #####################################################################
 
+## Error pages
+COMPOSE_FILE="$COMPOSE_FILE:compose.error-pages.yml"
+
 ## Host-mode networking
 #COMPOSE_FILE="$COMPOSE_FILE:compose.host.yml"
 
@@ -63,15 +64,8 @@ COMPOSE_FILE="compose.yml"
 
 ## Enable prometheus metrics collection
 ## used used by the coop-cloud monitoring stack
-#COMPOSE_FILE="$COMPOSE_FILE:compose.metrics.yml"
 #METRICS_ENABLED=1
 
-#####################################################################
-# File provider directory configuration                             #
-# (Route bare metal and non-docker services on the machine!)        #
-#####################################################################
-#FILE_PROVIDER_DIRECTORY_ENABLED=1
-
 #####################################################################
 # Additional services                                               #
 #####################################################################
@@ -111,9 +105,3 @@ COMPOSE_FILE="compose.yml"
 ## Matrix
 #COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
 #MATRIX_FEDERATION_ENABLED=1
-
-## BASIC_AUTH
-## Use httpasswd to generate the secret
-#COMPOSE_FILE="$COMPOSE_FILE:compose.basicauth.yml"
-#BASIC_AUTH=1
-#SECRET_USERSFILE_VERSION=v1

abra.sh

@@ -1,3 +1,3 @@
-export TRAEFIK_YML_VERSION=v17
-export FILE_PROVIDER_YML_VERSION=v8
+export TRAEFIK_YML_VERSION=v15
+export FILE_PROVIDER_YML_VERSION=v6
 export ENTRYPOINT_VERSION=v2

compose.basicauth.yml

@@ -1,12 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - BASIC_AUTH
-    secrets:
-      - usersfile
-
-secrets:
-  usersfile:
-    name: ${STACK_NAME}_usersfile_${SECRET_USERSFILE_VERSION}
-    external: true

compose.error-pages.yml

@@ -0,0 +1,31 @@
+version: '3.8'
+
+services:
+
+  app:
+    command:
+      - --providers.docker
+      - --experimental.plugins.staticresponse.modulename=github.com/jdel/staticresponse
+      - --experimental.plugins.staticresponse.version=v0.0.1
+    deploy:
+      labels:
+        # custom traefik errors
+        - "traefik.http.middlewares.web-secure.errors.status=400-599"
+        - "traefik.http.middlewares.web-secure.errors.service=down-rule"
+        - "traefik.http.middlewares.web-secure.errors.query=/traefik-http-error/{status}"
+        # catchall rule
+        - "traefik.http.routers.http-catchall.entrypoints=web-secure"
+        - "traefik.http.routers.http-catchall.rule=PathPrefix(`/`)"
+        # lowest possible priority, evaluated when no other router is matched
+        - "traefik.http.routers.http-catchall.priority=1"
+        - "traefik.http.routers.http-catchall.middlewares=503down"
+        # static error message
+        - "traefik.http.middlewares.503down.plugin.staticresponse"
+        - "traefik.http.middlewares.503down.plugin.staticresponse.StatusCode=503"
+        - "traefik.http.middlewares.503down.plugin.staticresponse.Body=Sorry, currently under maintenance. Please try again later."
+        # error page
+        - "traefik.http.routers.down-rule.rule=PathPrefix(`/traefik-http-error`)"
+        - "traefik.http.routers.down-rule.service=noop@internal"
+        - "traefik.http.routers.down-rule.entrypoints=web-secure"
+        - "traefik.http.routers.down-rule.middlewares=503down"
+        

compose.metrics.yml

@@ -1,9 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - METRICS_ENABLED
-    ports:
-      - target: 8082
-        published: 8082
-        mode: host

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "traefik:v2.10.4"
+    image: "traefik:v2.9.9"
     # Note(decentral1se): *please do not* add any additional ports here.
     # Doing so could break new installs with port conflicts. Please use
     # the usual `compose.$app.yml` approach for any additional ports
@@ -13,7 +13,6 @@ services:
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock"
       - "letsencrypt:/etc/letsencrypt"
-      - "file-providers:/etc/traefik/file-providers"
     configs:
       - source: traefik_yml
         target: /etc/traefik/traefik.yml
@@ -47,8 +46,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.routers.${STACK_NAME}.service=api@internal"
         - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
-        - "coop-cloud.${STACK_NAME}.version=2.4.2+v2.10.4"
-        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
+        - "coop-cloud.${STACK_NAME}.version=2.1.0+v2.9.9"
 
 networks:
   proxy:
@@ -70,4 +68,3 @@ configs:
 
 volumes:
   letsencrypt:
-  file-providers:

file-provider.yml.tmpl

@@ -17,11 +17,6 @@ http:
         authResponseHeaders:
           - X-Forwarded-User
     {{ end }}
-    {{ if eq (env "BASIC_AUTH") "1" }}
-    basicauth:
-      basicAuth:
-        usersFile: "/run/secrets/usersfile"
-    {{ end }}
     security:
       headers:
         frameDeny: true

traefik.yml.tmpl

@@ -8,14 +8,8 @@ providers:
     exposedByDefault: false
     network: proxy
     swarmMode: true
-  {{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
-  file:
-    directory: /etc/traefik/file-providers
-    watch: true
-  {{ else }}
   file:
     filename: /etc/traefik/file-provider.yml
-  {{ end }}
 
 api:
   dashboard: {{ env "DASHBOARD_ENABLED" }}
@@ -67,9 +61,6 @@ entrypoints:
   {{ if eq (env "METRICS_ENABLED") "1" }}
   metrics:
     address: ":8082"
-    http:
-      middlewares:
-        - basicauth@file
   {{ end }}
   {{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
   matrix-federation:
@@ -83,8 +74,6 @@ ping:
 metrics:
   prometheus:
     entryPoint: metrics
-    addRoutersLabels: true
-    addServicesLabels: true
 {{ end }}
 
 certificatesResolvers: