fileConfig.yml
Agora vamos vamos configurar o nosso ficheiro de configuração dinâmico para o Traefik. Utilizem o vosso editor preferido para adicionar/editar o ficheiro e colar a configuração a baixo. Neste exemplo vou usar o vim. Certifiquem-se que onde virem TEU_DOMINIO.TDL, alteram para o vosso domínio.
vi /mnt/user/appdata/traefik/dynamic/fileConfig.yml
http:
## EXTERNAL ROUTING - Only use if you want to proxy something manually ##
routers:
# jellyfin routing - Remove if not used
jellyfin:
entryPoints:
- https
rule: 'Host(`subdominio.TEU_DOMINIO.TDL`)'
service: jellyfin
## SERVICES ##
services:
# jellyfin service - Remove if not used
jellyfin:
loadBalancer:
servers:
- url: http://IP:PORTO/ # if on same dockernetwork use docker_app_name instead of ip
## MIDDLEWARES ##
middlewares:
# Only Allow Local networks
local-ipwhitelist:
ipWhiteList:
sourceRange:
- 127.0.0.1/32 # localhost
- 192.168.1.1/24 # LAN Subnet
# Security headers
securityHeaders:
headers:
customResponseHeaders:
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
X-Forwarded-Proto: "https"
server: ""
customRequestHeaders:
X-Forwarded-Proto: "https"
sslProxyHeaders:
X-Forwarded-Proto: "https"
referrerPolicy: "same-origin"
hostsProxyHeaders:
- "X-Forwarded-Host"
contentTypeNosniff: true
browserXssFilter: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsSeconds: 63072000
stsPreload: true
# Only use secure ciphers - https://ssl-config.mozilla.org/#server=traefik&version=2.6.0&config=intermediate&guideline=5.6
tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305Last updated