Téléverser les fichiers vers "_traefik"

2023-10-13 19:36:06 +02:00 · 2023-10-13 19:36:06 +02:00 · 93678f3a57
commit 93678f3a57
parent a8d05ea070
1 changed files with 176 additions and 0 deletions
--- a/_traefik/hyperpipe.yml
+++ b/_traefik/hyperpipe.yml
@ -0,0 +1,176 @@
+# 2023-10-13
+
+http:
+
+
+  routers:
+
+    pipedproxy:
+      entryPoints:
+        - https
+      rule: Host(`pipedproxy.domain.com`)
+      middlewares:
+        - hyperpipe@file
+      tls: {}
+      service: pipedproxy
+
+    pipedapi:
+      entryPoints:
+        - https
+      rule: Host(`pipedapi.domain.com`)
+      middlewares:
+        - hyperpipe@file
+      tls: {}
+      service: pipedapi
+
+    hyperpipeapi:
+      entryPoints:
+        - https
+      rule: Host(`hyperpipeapi.domain.com`)
+      middlewares:
+        - hyperpipe@file
+      tls: {}
+      service: hyperpipeapi
+
+    piped:
+      entryPoints:
+        - https
+      rule: Host(`piped.domain.com`)
+      middlewares:
+        - hyperpipe@file
+      tls: {}
+      service: piped
+
+    hyperpipe:
+      entryPoints:
+        - https
+      rule: Host(`hyperpipe.domain.com`)
+      middlewares:
+        - hyperpipe@file
+      tls: {}
+      service: hyperpipe
+
+
+
+  services:
+
+    pipedproxy:
+      loadBalancer:
+        servers:
+          - url: "http://xxx.xxx.xxx.xxx:8304/"
+
+    pipedapi:
+      loadBalancer:
+        servers:
+          - url: "http://xxx.xxx.xxx.xxx:8304/"
+
+    piped:
+      loadBalancer:
+        servers:
+          - url: "http://xxx.xxx.xxx.xxx:8304/"
+
+    hyperpipeapi:
+      loadBalancer:
+        servers:
+          - url: "http://xxx.xxx.xxx.xxx:8305/"
+
+    hyperpipe:
+      loadBalancer:
+        servers:
+          - url: "http://xxx.xxx.xxx.xxx:8306/"
+
+
+
+  middlewares:
+
+    hyperpipe-defaults:
+      headers:
+        frameDeny: false
+        browserXssFilter: false
+        forceSTSHeader: true
+        stsIncludeSubdomains: true
+        stsPreload: true
+        stsSeconds: 15552000
+        contentsecuritypolicy: "\
+            script-src    'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            img-src       'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            font-src      'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            connect-src   'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            frame-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            media-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            style-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            child-src     'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            default-src   'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss: http: ws:;\
+            object-src    'none';\
+          "
+
+    hyperpipe-security:
+      headers:
+        customRequestheaders:
+          X-Content-Type-Options: ""
+        customResponseHeaders:
+          X-Content-Type-Options: ""
+          Permissions-Policy: "fullscreen=(*), display-capture=(self), accelerometer=(), battery=(), camera=(), autoplay=(self), vibrate=(self), geolocation=(self), midi=(self), notifications=(*), push=(*), microphone=(self), magnetometer=(self), gyroscope=(self), payment=(self)"
+          X-Forwarded-Proto: https
+          X-Permitted-Cross-Domain-Policies: all
+        sslProxyHeaders:
+          X-Forwarded-Proto: https
+        referrerPolicy: strict-origin-when-cross-origin
+
+    hyperpipe-cors:
+      headers:
+        customRequestHeaders:
+          Access-Control-Allow-Origin: "*"
+          Sec-Fetch-Site: cross-site
+          X-Forwarded-Proto: https
+          Access-Control-Allow-Headers: "*, Authorization"
+        customResponseHeaders:
+          Access-Control-Allow-Origin: "*"
+          Sec-Fetch-Site: cross-site
+          X-Forwarded-Proto: https
+          Access-Control-Allow-Headers: "*, Authorization"
+        accessControlAllowMethods:
+          - OPTIONS
+          - POST
+          - GET
+          - PUT
+          - DELETE
+          - PATCH
+          - FETCH
+        accessControlAllowHeaders:
+          - "*, Authorization"
+        accessControlExposeHeaders:
+          - "*, Authorization"
+        accessControlMaxAge: 100
+        addVaryHeader: true
+        accessControlAllowCredentials: true
+        accessControlAllowOriginList:
+          - "*"
+
+    hyperpipe-inflightreq:
+      inFlightReq:
+        amount: 4096
+
+    hyperpipe-ratelimit:
+      rateLimit:
+        average: 1024
+        burst: 1024
+
+    hyperpipe-retry:
+      retry:
+        attempts: 64
+        initialInterval: 100ms
+
+    hyperpipe:
+      chain:
+        middlewares:
+          - httpsredirect
+          - ipwhitelist
+          - hyperpipe-inflightreq
+          - hyperpipe-ratelimit
+          - hyperpipe-retry
+          - autodetect
+          - hyperpipe-defaults
+          - hyperpipe-security
+          - hyperpipe-cors
+          - compress