Disable Traefik LE resolver and HSTS

Add base domain to the wildcard certificate
Remove basic auth on static nginx sites
2022-08-18 21:53:38 -04:00 · 2022-08-17 02:17:36 -04:00 · 2022-08-17 01:40:11 -04:00
3 changed files with 10 additions and 8 deletions
@@ -29,9 +29,9 @@
      - "{{ nginx_html }}:/usr/share/nginx/html:ro"
    labels:
      traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
-      traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
+      #traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
      traefik.http.routers.nginx.entrypoints: websecure
-      traefik.http.routers.nginx.tls.certresolver: letsencrypt
+      #traefik.http.routers.nginx.tls.certresolver: letsencrypt
-      traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
+      #traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
      traefik.docker.network: traefik
      traefik.enable: "true"
@@ -78,7 +78,9 @@
            --email "{{ proxy.dns_cloudflare.email }}" \
            --dns-cloudflare \
            --dns-cloudflare-credentials /root/.cloudflare.ini \
-            -d "*.{{ item }}" {{ proxy.dns_cloudflare.opts | default("") }}'
+            -d "*.{{ item }}" \
            -d "{{ item }}" \
            {{ proxy.dns_cloudflare.opts | default("") }}'
  args:
    creates: "/etc/letsencrypt/live/{{ item }}/fullchain.pem"
  loop: "{{ proxy.dns_cloudflare.wildcard_domains }}"
@@ -42,10 +42,10 @@
      - name: traefik
    labels:
      traefik.http.routers.traefik.rule: "Host(`{{ traefik_domain }}`)"
-      traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
+      #traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
-      traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
+      #traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
-      traefik.http.routers.traefik.tls.certresolver: letsencrypt
+      #traefik.http.routers.traefik.tls.certresolver: letsencrypt
-      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker,localonly"
+      #traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker,localonly"
      traefik.http.routers.traefik.service: "api@internal"
      traefik.http.routers.traefik.entrypoints: websecure
      traefik.http.routers.traefik.tls: "true"
Author	SHA1	Message	Date
kris	7522c333da	Disable Traefik LE resolver and HSTS	2022-08-18 21:53:38 -04:00
kris	344b79e97f	Add base domain to the wildcard certificate	2022-08-17 02:17:36 -04:00
kris	e4fed78193	Remove basic auth on static nginx sites	2022-08-17 01:40:11 -04:00