177 lines
4.9 KiB
YAML
177 lines
4.9 KiB
YAML
|
# 2023-10-13
|
||
|
|
||
|
http:
|
||
|
|
||
|
|
||
|
routers:
|
||
|
|
||
|
pipedproxy:
|
||
|
entryPoints:
|
||
|
- https
|
||
|
rule: Host(`pipedproxy.domain.com`)
|
||
|
middlewares:
|
||
|
- hyperpipe@file
|
||
|
tls: {}
|
||
|
service: pipedproxy
|
||
|
|
||
|
pipedapi:
|
||
|
entryPoints:
|
||
|
- https
|
||
|
rule: Host(`pipedapi.domain.com`)
|
||
|
middlewares:
|
||
|
- hyperpipe@file
|
||
|
tls: {}
|
||
|
service: pipedapi
|
||
|
|
||
|
hyperpipeapi:
|
||
|
entryPoints:
|
||
|
- https
|
||
|
rule: Host(`hyperpipeapi.domain.com`)
|
||
|
middlewares:
|
||
|
- hyperpipe@file
|
||
|
tls: {}
|
||
|
service: hyperpipeapi
|
||
|
|
||
|
piped:
|
||
|
entryPoints:
|
||
|
- https
|
||
|
rule: Host(`piped.domain.com`)
|
||
|
middlewares:
|
||
|
- hyperpipe@file
|
||
|
tls: {}
|
||
|
service: piped
|
||
|
|
||
|
hyperpipe:
|
||
|
entryPoints:
|
||
|
- https
|
||
|
rule: Host(`hyperpipe.domain.com`)
|
||
|
middlewares:
|
||
|
- hyperpipe@file
|
||
|
tls: {}
|
||
|
service: hyperpipe
|
||
|
|
||
|
|
||
|
|
||
|
services:
|
||
|
|
||
|
pipedproxy:
|
||
|
loadBalancer:
|
||
|
servers:
|
||
|
- url: "http://xxx.xxx.xxx.xxx:8304/"
|
||
|
|
||
|
pipedapi:
|
||
|
loadBalancer:
|
||
|
servers:
|
||
|
- url: "http://xxx.xxx.xxx.xxx:8304/"
|
||
|
|
||
|
piped:
|
||
|
loadBalancer:
|
||
|
servers:
|
||
|
- url: "http://xxx.xxx.xxx.xxx:8304/"
|
||
|
|
||
|
hyperpipeapi:
|
||
|
loadBalancer:
|
||
|
servers:
|
||
|
- url: "http://xxx.xxx.xxx.xxx:8305/"
|
||
|
|
||
|
hyperpipe:
|
||
|
loadBalancer:
|
||
|
servers:
|
||
|
- url: "http://xxx.xxx.xxx.xxx:8306/"
|
||
|
|
||
|
|
||
|
|
||
|
middlewares:
|
||
|
|
||
|
hyperpipe-defaults:
|
||
|
headers:
|
||
|
frameDeny: false
|
||
|
browserXssFilter: false
|
||
|
forceSTSHeader: true
|
||
|
stsIncludeSubdomains: true
|
||
|
stsPreload: true
|
||
|
stsSeconds: 15552000
|
||
|
contentsecuritypolicy: "\
|
||
|
script-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
img-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
font-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
connect-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
frame-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
media-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
style-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
child-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
default-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
|
||
|
object-src 'none';\
|
||
|
"
|
||
|
|
||
|
hyperpipe-security:
|
||
|
headers:
|
||
|
customRequestheaders:
|
||
|
X-Content-Type-Options: ""
|
||
|
customResponseHeaders:
|
||
|
X-Content-Type-Options: ""
|
||
|
Permissions-Policy: "fullscreen=(*), display-capture=(self), accelerometer=(), battery=(), camera=(), autoplay=(self), vibrate=(self), geolocation=(self), midi=(self), notifications=(*), push=(*), microphone=(self), magnetometer=(self), gyroscope=(self), payment=(self)"
|
||
|
X-Forwarded-Proto: https
|
||
|
X-Permitted-Cross-Domain-Policies: all
|
||
|
sslProxyHeaders:
|
||
|
X-Forwarded-Proto: https
|
||
|
referrerPolicy: strict-origin-when-cross-origin
|
||
|
|
||
|
hyperpipe-cors:
|
||
|
headers:
|
||
|
customRequestHeaders:
|
||
|
Access-Control-Allow-Origin: "*"
|
||
|
Sec-Fetch-Site: cross-site
|
||
|
X-Forwarded-Proto: https
|
||
|
Access-Control-Allow-Headers: "*, Authorization"
|
||
|
customResponseHeaders:
|
||
|
Access-Control-Allow-Origin: "*"
|
||
|
Sec-Fetch-Site: cross-site
|
||
|
X-Forwarded-Proto: https
|
||
|
Access-Control-Allow-Headers: "*, Authorization"
|
||
|
accessControlAllowMethods:
|
||
|
- OPTIONS
|
||
|
- POST
|
||
|
- GET
|
||
|
- PUT
|
||
|
- DELETE
|
||
|
- PATCH
|
||
|
- FETCH
|
||
|
accessControlAllowHeaders:
|
||
|
- "*, Authorization"
|
||
|
accessControlExposeHeaders:
|
||
|
- "*, Authorization"
|
||
|
accessControlMaxAge: 100
|
||
|
addVaryHeader: true
|
||
|
accessControlAllowCredentials: true
|
||
|
accessControlAllowOriginList:
|
||
|
- "*"
|
||
|
|
||
|
hyperpipe-inflightreq:
|
||
|
inFlightReq:
|
||
|
amount: 4096
|
||
|
|
||
|
hyperpipe-ratelimit:
|
||
|
rateLimit:
|
||
|
average: 1024
|
||
|
burst: 1024
|
||
|
|
||
|
hyperpipe-retry:
|
||
|
retry:
|
||
|
attempts: 64
|
||
|
initialInterval: 100ms
|
||
|
|
||
|
hyperpipe:
|
||
|
chain:
|
||
|
middlewares:
|
||
|
- httpsredirect
|
||
|
- ipwhitelist
|
||
|
- hyperpipe-inflightreq
|
||
|
- hyperpipe-ratelimit
|
||
|
- hyperpipe-retry
|
||
|
- autodetect
|
||
|
- hyperpipe-defaults
|
||
|
- hyperpipe-security
|
||
|
- hyperpipe-cors
|
||
|
- compress
|