107 lines
2.5 KiB
TOML
107 lines
2.5 KiB
TOML
# accept invalid SSL certs for backends
|
|
InsecureSkipVerify = true
|
|
|
|
defaultEntryPoints = ["http", "https"]
|
|
|
|
[acme]
|
|
email = "hostmaster@zom.bi"
|
|
storage = "cert/acme.json"
|
|
entryPoint = "https"
|
|
onDemand = false
|
|
#OnHostRule = true
|
|
OnHostRule = false
|
|
|
|
|
|
[acme.httpChallenge]
|
|
entryPoint = "http"
|
|
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.http.redirect]
|
|
entryPoint = "https"
|
|
[entryPoints.https]
|
|
address = ":443"
|
|
[entryPoints.https.tls]
|
|
# first certificate is default, serve nonsense to
|
|
# mitigate TLS probing
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "cert/snakeoil.pem"
|
|
keyFile = "cert/snakeoil.key"
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "cert/bitmask.me.origin.pem"
|
|
keyFile = "cert/bitmask.me.origin.key"
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "cert/grun.host.origin.pem"
|
|
keyFile = "cert/grun.host.origin.key"
|
|
|
|
[web]
|
|
address = ":8080"
|
|
|
|
[docker]
|
|
endpoint = "unix:///var/run/docker.sock"
|
|
domain = "docker.localhost"
|
|
watch = true
|
|
exposedbydefault = false
|
|
|
|
# new domains and subdomains can be configured here.
|
|
# note that domains and subdomains not defined in this file will still work,
|
|
# when defined in a container Host-Rule. However, they will generate
|
|
# their own ACME request, and will count towards LetsEncrypt's rate limit.
|
|
[[acme.domains]]
|
|
main = "zom.bi"
|
|
sans = [
|
|
"conference.zom.bi",
|
|
"mumble.zom.bi",
|
|
"mx.zom.bi",
|
|
"user.zom.bi",
|
|
"xmpp.zom.bi",
|
|
"irc.zom.bi",
|
|
|
|
# web vhosts:
|
|
"api.zom.bi",
|
|
"autoconfig.zom.bi",
|
|
"blog.zom.bi",
|
|
"cloud.zom.bi",
|
|
"docker.zom.bi",
|
|
"download.zom.bi",
|
|
"gdpr.zom.bi",
|
|
"git.zom.bi",
|
|
"kanban.zom.bi",
|
|
"mail.zom.bi",
|
|
"music.zom.bi",
|
|
"org.zom.bi",
|
|
"ovpn.zom.bi",
|
|
"pad.zom.bi",
|
|
"push.zom.bi",
|
|
"static.zom.bi",
|
|
"stream.zom.bi",
|
|
"tube.zom.bi",
|
|
"upload.zom.bi",
|
|
"wiki.zom.bi",
|
|
"www.zom.bi",
|
|
|
|
# test subdomain
|
|
"test.zom.bi",
|
|
]
|
|
|
|
[[acme.domains]]
|
|
main = "suprememachines.de"
|
|
sans = [
|
|
"www.suprememachines.de",
|
|
"git.suprememachines.de",
|
|
"pad.suprememachines.de",
|
|
]
|
|
|
|
[[acme.domains]]
|
|
main = "aloneonline.net"
|
|
sans = ["www.aloneonline.net"]
|
|
|
|
[[acme.domains]]
|
|
main = "graphs.xhain.space"
|
|
|
|
# You can define multiple of these blocks, each of which will result in one
|
|
# certificate.
|
|
#[[acme.domains]]
|
|
# main = "zombi.systems"
|
|
# sans = ["www.zombi.systems", "blog.zombi.systems"]
|