kelin
75906bc043
- Include commented staging caServer in config template - Add troubleshooting section for test environment certificate conflicts - Document rate limit avoidance strategies for development/testing
56 lines
1.3 KiB
YAML
56 lines
1.3 KiB
YAML
# Traefik Static Configuration
|
|
# Copy to /opt/stacks/traefik/traefik.yml
|
|
|
|
global:
|
|
checkNewVersion: true
|
|
sendAnonymousUsage: false
|
|
|
|
api:
|
|
dashboard: true
|
|
insecure: false # Dashboard accessible via Traefik route with Authelia
|
|
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
http:
|
|
redirections:
|
|
entryPoint:
|
|
to: websecure
|
|
scheme: https
|
|
|
|
websecure:
|
|
address: ":443"
|
|
http:
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
certificatesResolvers:
|
|
letsencrypt:
|
|
acme:
|
|
email: ACME_EMAIL_PLACEHOLDER # Will be replaced by deploy script
|
|
storage: /acme.json
|
|
# For testing: Use staging to avoid production rate limits
|
|
# caServer: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
# DNS challenge - For wildcard certificates (*.yourdomain.duckdns.org)
|
|
# Works with DuckDNS - requires DUCKDNS_TOKEN in environment
|
|
dnsChallenge:
|
|
provider: duckdns
|
|
|
|
providers:
|
|
docker:
|
|
endpoint: "unix:///var/run/docker.sock"
|
|
exposedByDefault: false # Only expose services with traefik.enable=true
|
|
network: traefik-network
|
|
|
|
file:
|
|
directory: /dynamic
|
|
watch: true
|
|
|
|
log:
|
|
level: INFO # DEBUG, INFO, WARN, ERROR
|
|
filePath: /var/log/traefik/traefik.log
|
|
|
|
accessLog:
|
|
filePath: /var/log/traefik/access.log
|
|
bufferingSize: 100
|