hyperpiped/_traefik/hyperpipe.yml

# 2023-10-13

http:


  routers:

    pipedproxy:
      entryPoints:
        - https
      rule: Host(`pipedproxy.domain.com`)
      middlewares:
        - hyperpipe@file
      tls: {}
      service: pipedproxy

    pipedapi:
      entryPoints:
        - https
      rule: Host(`pipedapi.domain.com`)
      middlewares:
        - hyperpipe@file
      tls: {}
      service: pipedapi

    hyperpipeapi:
      entryPoints:
        - https
      rule: Host(`hyperpipeapi.domain.com`)
      middlewares:
        - hyperpipe@file
      tls: {}
      service: hyperpipeapi

    piped:
      entryPoints:
        - https
      rule: Host(`piped.domain.com`)
      middlewares:
        - hyperpipe@file
      tls: {}
      service: piped

    hyperpipe:
      entryPoints:
        - https
      rule: Host(`hyperpipe.domain.com`)
      middlewares:
        - hyperpipe@file
      tls: {}
      service: hyperpipe


  services:

    pipedproxy:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:8304/"

    pipedapi:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:8304/"

    piped:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:8304/"

    hyperpipeapi:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:8305/"

    hyperpipe:
      loadBalancer:
        servers:
          - url: "http://xxx.xxx.xxx.xxx:8306/"


  middlewares:

    hyperpipe-defaults:
      headers:
        frameDeny: false
        browserXssFilter: false
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        contentsecuritypolicy: "\
            script-src    'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            img-src       'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            font-src      'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            connect-src   'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            frame-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            media-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            style-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            child-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            default-src   'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
            object-src    'none';\
          "

    hyperpipe-security:
      headers:
        customRequestheaders:
          X-Content-Type-Options: ""
        customResponseHeaders:
          X-Content-Type-Options: ""
          Permissions-Policy: "fullscreen=(*), display-capture=(self), accelerometer=(), battery=(), camera=(), autoplay=(self), vibrate=(self), geolocation=(self), midi=(self), notifications=(*), push=(*), microphone=(self), magnetometer=(self), gyroscope=(self), payment=(self)"
          X-Forwarded-Proto: https
          X-Permitted-Cross-Domain-Policies: all
        sslProxyHeaders:
          X-Forwarded-Proto: https
        referrerPolicy: strict-origin-when-cross-origin

    hyperpipe-cors:
      headers:
        customRequestHeaders:
          Access-Control-Allow-Origin: "*"
          Sec-Fetch-Site: cross-site
          X-Forwarded-Proto: https
          Access-Control-Allow-Headers: "*, Authorization"
        customResponseHeaders:
          Access-Control-Allow-Origin: "*"
          Sec-Fetch-Site: cross-site
          X-Forwarded-Proto: https
          Access-Control-Allow-Headers: "*, Authorization"
        accessControlAllowMethods:
          - OPTIONS
          - POST
          - GET
          - PUT
          - DELETE
          - PATCH
          - FETCH
        accessControlAllowHeaders:
          - "*, Authorization"
        accessControlExposeHeaders:
          - "*, Authorization"
        accessControlMaxAge: 100
        addVaryHeader: true
        accessControlAllowCredentials: true
        accessControlAllowOriginList:
          - "*"

    hyperpipe-inflightreq:
      inFlightReq:
        amount: 4096

    hyperpipe-ratelimit:
      rateLimit:
        average: 1024
        burst: 1024

    hyperpipe-retry:
      retry:
        attempts: 64
        initialInterval: 100ms

    hyperpipe:
      chain:
        middlewares:
          - httpsredirect
          - ipwhitelist
          - hyperpipe-inflightreq
          - hyperpipe-ratelimit
          - hyperpipe-retry
          - autodetect
          - hyperpipe-defaults
          - hyperpipe-security
          - hyperpipe-cors
          - compress
Téléverser les fichiers vers "_traefik" 2023-10-13 17:36:06 +00:00			`# 2023-10-13`

			`http:`


			`routers:`

			`pipedproxy:`
			`entryPoints:`
			`- https`
			rule: Host(`pipedproxy.domain.com`)
			`middlewares:`
			`- hyperpipe@file`
			`tls: {}`
			`service: pipedproxy`

			`pipedapi:`
			`entryPoints:`
			`- https`
			rule: Host(`pipedapi.domain.com`)
			`middlewares:`
			`- hyperpipe@file`
			`tls: {}`
			`service: pipedapi`

			`hyperpipeapi:`
			`entryPoints:`
			`- https`
			rule: Host(`hyperpipeapi.domain.com`)
			`middlewares:`
			`- hyperpipe@file`
			`tls: {}`
			`service: hyperpipeapi`

			`piped:`
			`entryPoints:`
			`- https`
			rule: Host(`piped.domain.com`)
			`middlewares:`
			`- hyperpipe@file`
			`tls: {}`
			`service: piped`

			`hyperpipe:`
			`entryPoints:`
			`- https`
			rule: Host(`hyperpipe.domain.com`)
			`middlewares:`
			`- hyperpipe@file`
			`tls: {}`
			`service: hyperpipe`



			`services:`

			`pipedproxy:`
			`loadBalancer:`
			`servers:`
			`- url: "http://xxx.xxx.xxx.xxx:8304/"`

			`pipedapi:`
			`loadBalancer:`
			`servers:`
			`- url: "http://xxx.xxx.xxx.xxx:8304/"`

			`piped:`
			`loadBalancer:`
			`servers:`
			`- url: "http://xxx.xxx.xxx.xxx:8304/"`

			`hyperpipeapi:`
			`loadBalancer:`
			`servers:`
			`- url: "http://xxx.xxx.xxx.xxx:8305/"`

			`hyperpipe:`
			`loadBalancer:`
			`servers:`
			`- url: "http://xxx.xxx.xxx.xxx:8306/"`



			`middlewares:`

			`hyperpipe-defaults:`
			`headers:`
			`frameDeny: false`
			`browserXssFilter: false`
			`forceSTSHeader: true`
			`stsIncludeSubdomains: true`
			`stsPreload: true`
			`stsSeconds: 15552000`
			`contentsecuritypolicy: "\`
			`script-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`img-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`font-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`connect-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`frame-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`media-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`style-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`child-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`default-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\`
			`object-src 'none';\`
			`"`

			`hyperpipe-security:`
			`headers:`
			`customRequestheaders:`
			`X-Content-Type-Options: ""`
			`customResponseHeaders:`
			`X-Content-Type-Options: ""`
			`Permissions-Policy: "fullscreen=(), display-capture=(self), accelerometer=(), battery=(), camera=(), autoplay=(self), vibrate=(self), geolocation=(self), midi=(self), notifications=(), push=(*), microphone=(self), magnetometer=(self), gyroscope=(self), payment=(self)"`
			`X-Forwarded-Proto: https`
			`X-Permitted-Cross-Domain-Policies: all`
			`sslProxyHeaders:`
			`X-Forwarded-Proto: https`
			`referrerPolicy: strict-origin-when-cross-origin`

			`hyperpipe-cors:`
			`headers:`
			`customRequestHeaders:`
			`Access-Control-Allow-Origin: "*"`
			`Sec-Fetch-Site: cross-site`
			`X-Forwarded-Proto: https`
			`Access-Control-Allow-Headers: "*, Authorization"`
			`customResponseHeaders:`
			`Access-Control-Allow-Origin: "*"`
			`Sec-Fetch-Site: cross-site`
			`X-Forwarded-Proto: https`
			`Access-Control-Allow-Headers: "*, Authorization"`
			`accessControlAllowMethods:`
			`- OPTIONS`
			`- POST`
			`- GET`
			`- PUT`
			`- DELETE`
			`- PATCH`
			`- FETCH`
			`accessControlAllowHeaders:`
			`- "*, Authorization"`
			`accessControlExposeHeaders:`
			`- "*, Authorization"`
			`accessControlMaxAge: 100`
			`addVaryHeader: true`
			`accessControlAllowCredentials: true`
			`accessControlAllowOriginList:`
			`- "*"`

			`hyperpipe-inflightreq:`
			`inFlightReq:`
			`amount: 4096`

			`hyperpipe-ratelimit:`
			`rateLimit:`
			`average: 1024`
			`burst: 1024`

			`hyperpipe-retry:`
			`retry:`
			`attempts: 64`
			`initialInterval: 100ms`

			`hyperpipe:`
			`chain:`
			`middlewares:`
			`- httpsredirect`
			`- ipwhitelist`
			`- hyperpipe-inflightreq`
			`- hyperpipe-ratelimit`
			`- hyperpipe-retry`
			`- autodetect`
			`- hyperpipe-defaults`
			`- hyperpipe-security`
			`- hyperpipe-cors`
			`- compress`