first commit

2024-06-03 18:43:35 +02:00
parent 2da01a3f6e
commit f501d519af
883 changed files with 71550 additions and 2 deletions
--- a/dockers/traefik/conf/dynamic/certificates.yml.tmpl
+++ b/dockers/traefik/conf/dynamic/certificates.yml.tmpl
@ -0,0 +1,20 @@
+#tls:
+#  certificates:
+#    - certFile: __SSL_CERT__
+#      keyFile: __SSL_KEY__
+#
+#  stores:
+#    default:
+#      defaultCertificate:
+#        certFile: __SSL_CERT__
+#        keyFile: __SSL_KEY__
+#  options:
+#    default:
+#      minVersion: VersionTLS12
+#      cipherSuites:
+#        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+#        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+#        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+#        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+#        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
+#        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
--- a/dockers/traefik/conf/dynamic/conf.yml
+++ b/dockers/traefik/conf/dynamic/conf.yml
@ -0,0 +1,17 @@
+http:
+  middlewares:
+    hsts:
+      headers:
+        stsincludesubdomains: true
+        stspreload: true
+        stsseconds: 31536000 # 1 an
+    nextcloud-redirectregex1:
+      redirectregex:
+        permanent: true
+        regex: https?://([^/]*)/.well-known/(card|cal)dav
+        replacement: https://${1}/remote.php/dav/
+    nextcloud-redirectregex2:
+      redirectregex:
+        permanent: true
+        regex: https?://([^/]*)(/.well-known[^#]*)
+        replacement: https://${1}/index.php${2}
--- a/dockers/traefik/conf/traefik.yml.old
+++ b/dockers/traefik/conf/traefik.yml.old
@ -0,0 +1,54 @@
+providers:
+  file:
+     directory: "/etc/traefik/dynamic"
+     watch: true
+  docker: {}
+
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+    http:
+      tls:
+        certResolver: letsencrypt
+  # Ajout d'un point d'entrée sur le port 8289
+  metrics:
+    address: ":8289"
+
+#serversTransport:
+#  rootCAs:
+#    - /etc/letsencrypt/local/rootCA.pem
+
+
+api:
+  dashboard: true
+
+accessLog:
+  filePath: "/var/log/traefik/access.log"
+  format: json
+
+certificatesresolvers:
+  letsencrypt:
+    acme:
+    #  email: sysadmins@kaz.bzh
+      storage: /letsencrypt/acme.json
+    #  caServer: "https://acme-staging.api.letsencrypt.org/directory"
+      httpChallenge:
+        entryPoint: web
+
+# Ajout de la partie métrique qui concerne Prometheus
+metrics:
+  prometheus:
+    # Nom du point d'entrée défini au dessus
+    entryPoint: metrics
+    # On configure la latence des métriques
+    buckets:
+      - 0.1
+      - 0.3
+      - 1.2
+      - 5.0
+    # Ajout des métriques sur les points d'entrée
+    addEntryPointsLabels: true
+    # Ajout des services
+    addServicesLabels: true