forked from coop-cloud/traefik
Compare commits
3 Commits
5f2fd0bf37
...
06340219da
Author | SHA1 | Date |
---|---|---|
|
06340219da | |
|
f541d4b0a1 | |
|
f9cbb5d989 |
11
.env.sample
11
.env.sample
|
@ -46,6 +46,17 @@ COMPOSE_FILE="compose.yml"
|
||||||
#GANDI_ENABLED=1
|
#GANDI_ENABLED=1
|
||||||
#SECRET_GANDIV5_API_KEY_VERSION=v1
|
#SECRET_GANDIV5_API_KEY_VERSION=v1
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# Manual wildcard certificate insertion #
|
||||||
|
#####################################################################
|
||||||
|
# Set wildcards = 1, and uncomment compose_file to enable.
|
||||||
|
# Create your certs elsewhere and add them like:
|
||||||
|
# abra app secrets insert v1 {myapp.example.coop} ssl_cert "$(cat /path/to/fullchain.pem)"
|
||||||
|
# abra app secrets insert v1 {myapp.example.coop} ssl_key "$(cat /path/to/privkey.pem)"
|
||||||
|
#WILDCARDS_ENABLED=1
|
||||||
|
#SECRET_WILDCARD_CERT_VERSION=v1
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml"
|
||||||
|
|
||||||
#####################################################################
|
#####################################################################
|
||||||
# Keycloak log-in #
|
# Keycloak log-in #
|
||||||
#####################################################################
|
#####################################################################
|
||||||
|
|
4
abra.sh
4
abra.sh
|
@ -1,3 +1,3 @@
|
||||||
export TRAEFIK_YML_VERSION=v17
|
export TRAEFIK_YML_VERSION=v18
|
||||||
export FILE_PROVIDER_YML_VERSION=v8
|
export FILE_PROVIDER_YML_VERSION=v9
|
||||||
export ENTRYPOINT_VERSION=v2
|
export ENTRYPOINT_VERSION=v2
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
secrets:
|
||||||
|
- ssl_cert
|
||||||
|
- ssl_key
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
ssl_cert:
|
||||||
|
name: ${STACK_NAME}_ssl_cert_${SECRET_WILDCARD_CERT_VERSION}
|
||||||
|
external: true
|
||||||
|
ssl_key:
|
||||||
|
name: ${STACK_NAME}_ssl_key_${SECRET_WILDCARD_CERT_VERSION}
|
||||||
|
external: true
|
|
@ -25,7 +25,6 @@ http:
|
||||||
security:
|
security:
|
||||||
headers:
|
headers:
|
||||||
frameDeny: true
|
frameDeny: true
|
||||||
sslRedirect: true
|
|
||||||
browserXssFilter: true
|
browserXssFilter: true
|
||||||
contentTypeNosniff: true
|
contentTypeNosniff: true
|
||||||
stsIncludeSubdomains: true
|
stsIncludeSubdomains: true
|
||||||
|
@ -45,3 +44,8 @@ tls:
|
||||||
- CurveP521
|
- CurveP521
|
||||||
- CurveP384
|
- CurveP384
|
||||||
sniStrict: true
|
sniStrict: true
|
||||||
|
{{ if eq (env "WILDCARDS_ENABLED") "1" }}
|
||||||
|
certificates:
|
||||||
|
- certFile: /run/secrets/ssl_cert
|
||||||
|
keyFile: /run/secrets/ssl_key
|
||||||
|
{{ end }}
|
Loading…
Reference in New Issue