Merge branch 'master' of https://git.zom.bi/zombi/proxy

README.md

@@ -0,0 +1,5 @@
+run on stratholme:
+
+```
+docker-compose -f docker-compose.stratholme.yml up
+```

config/dynamic/tls.yml

@@ -0,0 +1,11 @@
+tls:
+  options:
+    default:
+      minVersion: VersionTLS12
+      cipherSuites:
+        - TLS_CHACHA20_POLY1305_SHA256
+        - TLS_AES_128_GCM_SHA256
+        - TLS_AES_256_GCM_SHA384
+        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

config/dynamic_conf.toml

@@ -1,14 +0,0 @@
-[tls.options]
-  [tls.options.default]
-    minVersion = "VersionTLS12"
-    cipherSuites = [
-      "TLS_CHACHA20_POLY1305_SHA256",
-      "TLS_AES_128_GCM_SHA256",
-      "TLS_AES_256_GCM_SHA384",
-      "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
-      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
-    ]
-  [tls.options.mintls13]
-    minVersion = "VersionTLS13"
-

config/traefik.toml

@@ -38,7 +38,8 @@
 # we are loading an additional file, as some options can only be defined
 # in a 'dynamic' file config, not in this main config file.
 [providers.file]
-  filename = "/etc/traefik/dynamic_conf.toml"
+  directory = "/etc/traefik/dynamic"
+  watch = true
 
 [certificatesResolvers.default.acme]
   email = "hostmaster@zom.bi"
@@ -55,4 +56,3 @@
 [[tls.certificates]]
   certFile = "cert/grun.host.origin.pem"
   keyFile = "cert/grun.host.origin.key"
-

docker-compose.yml

@@ -6,11 +6,11 @@ services:
     ports:
       - "80:80"
       - "443:443"
-      - "10.0.0.1:8080:8080"
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
       - "./cert/:/cert/"
       - "./config/:/etc/traefik/:ro"
+      - "./config/dynamic/:/etc/traefik/dynamic/:ro"
     labels:
       - "traefik.enable=true" # set to true to expose the Monitoring & API
       # middleware redirect