186 lines
4.1 KiB
YAML
186 lines
4.1 KiB
YAML
http:
|
|
#region routers
|
|
routers:
|
|
pve01:
|
|
entryPoints:
|
|
- "http"
|
|
- "https"
|
|
rule: "Host(`pve01.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: pve01
|
|
pve02:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`pve02.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: pve02
|
|
pve03:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`pve03.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: pve03
|
|
pihole:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`dns.office.kh3group.com`) || Host(`dns.kh3group.com`) "
|
|
middlewares:
|
|
- default-headers
|
|
- addprefix-pihole
|
|
tls: {}
|
|
service: pihole
|
|
pfsense:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`firewall.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: pfsense
|
|
mysite:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`my.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: mysite
|
|
portal:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`portal.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
tls: {}
|
|
service: portal
|
|
printer:
|
|
entryPoints:
|
|
- "https"
|
|
rule: "Host(`printer.office.kh3group.com`)"
|
|
middlewares:
|
|
- default-headers
|
|
# - prefix-printer
|
|
tls: {}
|
|
service: printer
|
|
#endregion
|
|
#region services
|
|
services:
|
|
pve01:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "https://192.168.2.3:8006"
|
|
passHostHeader: true
|
|
pve02:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "https://192.168.2.10:8006"
|
|
passHostHeader: true
|
|
pve03:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "https://192.168.100.60:8006"
|
|
passHostHeader: true
|
|
pihole:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "http://192.168.2.2:80"
|
|
passHostHeader: true
|
|
pfsense:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "https://192.168.100.1:443"
|
|
passHostHeader: true
|
|
mysite:
|
|
loadBalancer:
|
|
serversTransport: sptransport
|
|
servers:
|
|
- url: "http://192.168.2.34:80"
|
|
passHostHeader: true
|
|
portal:
|
|
loadBalancer:
|
|
serversTransport: sptransport
|
|
servers:
|
|
- url: "http://192.168.2.33:80"
|
|
passHostHeader: true
|
|
printer:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "https://192.168.100.100"
|
|
passHostHeader: true
|
|
#endregion
|
|
serversTransports:
|
|
sptransport:
|
|
disableHTTP2: true
|
|
|
|
middlewares:
|
|
addprefix-pihole:
|
|
addPrefix:
|
|
prefix: "/admin"
|
|
https-redirect:
|
|
redirectScheme:
|
|
scheme: https
|
|
prefix-printer:
|
|
addPrefix:
|
|
prefix: "/main"
|
|
|
|
default-headers:
|
|
headers:
|
|
frameDeny: true
|
|
sslRedirect: true
|
|
browserXssFilter: true
|
|
contentTypeNosniff: true
|
|
forceSTSHeader: true
|
|
stsIncludeSubdomains: true
|
|
stsPreload: true
|
|
stsSeconds: 15552000
|
|
customFrameOptionsValue: SAMEORIGIN
|
|
customRequestHeaders:
|
|
X-Forwarded-Proto: https
|
|
|
|
idrac:
|
|
headers:
|
|
frameDeny: true
|
|
sslRedirect: true
|
|
browserXssFilter: true
|
|
forceSTSHeader: true
|
|
stsIncludeSubdomains: true
|
|
stsSeconds: 15552000
|
|
customFrameOptionsValue: SAMEORIGIN
|
|
customRequestHeaders:
|
|
X-Forwarded-Proto: https
|
|
|
|
default-whitelist:
|
|
ipWhiteList:
|
|
sourceRange:
|
|
- "10.0.0.0/8"
|
|
- "192.168.100.0/24"
|
|
- "172.16.16.0/32"
|
|
|
|
secured:
|
|
chain:
|
|
middlewares:
|
|
- default-whitelist
|
|
- default-headers
|
|
|
|
crowdsec-bouncer:
|
|
forwardauth:
|
|
address: http://bouncer-traefik:8080/api/v1/forwardAuth
|
|
trustForwardHeader: true
|
|
|
|
#tcp:
|
|
# routers:
|
|
# mysites:
|
|
# rule: "HostSNI(`my.office.kh3group.com`)"
|
|
# tls: {}
|
|
# service: mysites
|
|
# services:
|
|
# mysites:
|
|
# loadBalancer:
|
|
# servers:
|
|
# - address: "192.168.2.34:80"
|