From eef5a0ade3cb052d1079b9e3c1cea5df322b98db Mon Sep 17 00:00:00 2001 From: John Date: Mon, 10 Nov 2025 10:23:05 +0000 Subject: [PATCH] remove conf from gitignore --- .gitignore | 2 +- conf/traefik-conf/cloudflre service token.txt | 3 + conf/traefik-conf/dynamic.yml | 50 +++++++++++++++++ conf/traefik-conf/static.yml | 56 +++++++++++++++++++ 4 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 conf/traefik-conf/cloudflre service token.txt create mode 100644 conf/traefik-conf/dynamic.yml create mode 100644 conf/traefik-conf/static.yml diff --git a/.gitignore b/.gitignore index 3b7e381..8b13789 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -conf/ + diff --git a/conf/traefik-conf/cloudflre service token.txt b/conf/traefik-conf/cloudflre service token.txt new file mode 100644 index 0000000..3eeafe3 --- /dev/null +++ b/conf/traefik-conf/cloudflre service token.txt @@ -0,0 +1,3 @@ +cloudflre service token= +CF-Access-Client-Id: dd8446c2a917e1f281a6f7e79c9171a9.access +CF-Access-Client-Secret: 7285e7b3b02510087774c06f52654c76932e8c83c758d9f3649dfe56a1d5385b \ No newline at end of file diff --git a/conf/traefik-conf/dynamic.yml b/conf/traefik-conf/dynamic.yml new file mode 100644 index 0000000..50f30e7 --- /dev/null +++ b/conf/traefik-conf/dynamic.yml @@ -0,0 +1,50 @@ +# Traefik Dynamic Configuration for External Services +# This file handles routing to services NOT managed by Docker Swarm +http: + #----------------------------------------------------------------------------------- + # EXTERNAL SERVICES SECTION + #----------------------------------------------------------------------------------- + services: + unraid: + loadBalancer: + servers: + - url: "http://10.0.4.10:80" + # emby: + # loadBalancer: + # servers: + # - url: "http://10.0.4.10:8096" + + #----------------------------------------------------------------------------------- + # ROUTERS SECTION + #----------------------------------------------------------------------------------- + routers: + # Local VPN-only services (*.swarm.home) + unraid-local: + rule: "Host(`unraid.swarm.home`)" + entryPoints: + - web + - websecure + service: unraid + tls: {} + # emby: + # rule: "Host(`movies.swarm.home`)" + # entryPoints: + # - web + # - websecure + # service: emby + # tls: {} + + #----------------------------------------------------------------------------------- + # MIDDLEWARES SECTION + #----------------------------------------------------------------------------------- + middlewares: + authentik: + forwardAuth: + address: "http://authentik_server:9000/outpost.goauthentik.io/auth/traefik" + trustForwardHeader: true + authResponseHeaders: + - X-authentik-username + - X-authentik-groups + - X-authentik-email + - X-authentik-name + - X-authentik-uid diff --git a/conf/traefik-conf/static.yml b/conf/traefik-conf/static.yml new file mode 100644 index 0000000..0eec2d7 --- /dev/null +++ b/conf/traefik-conf/static.yml @@ -0,0 +1,56 @@ +# /etc/traefik/traefik.yml or /etc/traefik/static.yml + +# Global configuration +global: + checkNewVersion: false + sendAnonymousUsage: false + +# API and Dashboard +api: + dashboard: true + insecure: true + +# Health check endpoint +ping: {} + +# Entry points +entryPoints: + web: + address: ":80" + http: + redirections: + entrypoint: + to: websecure + scheme: https + + websecure: + address: ":443" + +# Providers +providers: + # Docker Swarm provider + swarm: + endpoint: "unix:///var/run/docker.sock" + exposedByDefault: false + network: homelab + watch: true + + # File provider for dynamic configuration + file: + directory: /etc/traefik/dynamic + watch: true + +# Certificate resolvers +# certificatesResolvers: +# cloudflare: +# acme: +# email: john.allisonwin@outlook.com +# storage: /certificates/acme.json +# dnsChallenge: +# provider: cloudflare + +# Logging +log: + level: DEBUG + +accessLog: {}