hyperpiped/_traefik/hyperpipe.yml

177 lines
4.9 KiB
YAML
Raw Normal View History

# 2023-10-13
http:
routers:
pipedproxy:
entryPoints:
- https
rule: Host(`pipedproxy.domain.com`)
middlewares:
- hyperpipe@file
tls: {}
service: pipedproxy
pipedapi:
entryPoints:
- https
rule: Host(`pipedapi.domain.com`)
middlewares:
- hyperpipe@file
tls: {}
service: pipedapi
hyperpipeapi:
entryPoints:
- https
rule: Host(`hyperpipeapi.domain.com`)
middlewares:
- hyperpipe@file
tls: {}
service: hyperpipeapi
piped:
entryPoints:
- https
rule: Host(`piped.domain.com`)
middlewares:
- hyperpipe@file
tls: {}
service: piped
hyperpipe:
entryPoints:
- https
rule: Host(`hyperpipe.domain.com`)
middlewares:
- hyperpipe@file
tls: {}
service: hyperpipe
services:
pipedproxy:
loadBalancer:
servers:
- url: "http://xxx.xxx.xxx.xxx:8304/"
pipedapi:
loadBalancer:
servers:
- url: "http://xxx.xxx.xxx.xxx:8304/"
piped:
loadBalancer:
servers:
- url: "http://xxx.xxx.xxx.xxx:8304/"
hyperpipeapi:
loadBalancer:
servers:
- url: "http://xxx.xxx.xxx.xxx:8305/"
hyperpipe:
loadBalancer:
servers:
- url: "http://xxx.xxx.xxx.xxx:8306/"
middlewares:
hyperpipe-defaults:
headers:
frameDeny: false
browserXssFilter: false
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 15552000
contentsecuritypolicy: "\
script-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
img-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
font-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
connect-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
frame-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
media-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
style-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
child-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
default-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
object-src 'none';\
"
hyperpipe-security:
headers:
customRequestheaders:
X-Content-Type-Options: ""
customResponseHeaders:
X-Content-Type-Options: ""
Permissions-Policy: "fullscreen=(*), display-capture=(self), accelerometer=(), battery=(), camera=(), autoplay=(self), vibrate=(self), geolocation=(self), midi=(self), notifications=(*), push=(*), microphone=(self), magnetometer=(self), gyroscope=(self), payment=(self)"
X-Forwarded-Proto: https
X-Permitted-Cross-Domain-Policies: all
sslProxyHeaders:
X-Forwarded-Proto: https
referrerPolicy: strict-origin-when-cross-origin
hyperpipe-cors:
headers:
customRequestHeaders:
Access-Control-Allow-Origin: "*"
Sec-Fetch-Site: cross-site
X-Forwarded-Proto: https
Access-Control-Allow-Headers: "*, Authorization"
customResponseHeaders:
Access-Control-Allow-Origin: "*"
Sec-Fetch-Site: cross-site
X-Forwarded-Proto: https
Access-Control-Allow-Headers: "*, Authorization"
accessControlAllowMethods:
- OPTIONS
- POST
- GET
- PUT
- DELETE
- PATCH
- FETCH
accessControlAllowHeaders:
- "*, Authorization"
accessControlExposeHeaders:
- "*, Authorization"
accessControlMaxAge: 100
addVaryHeader: true
accessControlAllowCredentials: true
accessControlAllowOriginList:
- "*"
hyperpipe-inflightreq:
inFlightReq:
amount: 4096
hyperpipe-ratelimit:
rateLimit:
average: 1024
burst: 1024
hyperpipe-retry:
retry:
attempts: 64
initialInterval: 100ms
hyperpipe:
chain:
middlewares:
- httpsredirect
- ipwhitelist
- hyperpipe-inflightreq
- hyperpipe-ratelimit
- hyperpipe-retry
- autodetect
- hyperpipe-defaults
- hyperpipe-security
- hyperpipe-cors
- compress