fejy/traefik-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: fejy:5ba8d67e66897ad322fae7226bcadfce488cedf5
Branches Tags
fejy:master
...
compare: fejy:master
Branches Tags
fejy:master

8 Commits
5ba8d67e66 ... master

Author SHA1 Message Date
fejy
821aa80952 Merge pull request 'Adding proxmox and homeassistant' (#4) from proxmox into master 
Reviewed-on: #4
 2026-04-20 07:03:47 -07:00
Jeff Near
6f6dd2a981 Adding proxmox and homeassistant 2026-04-20 14:02:46 +00:00
fejy
cc7299e71b Merge pull request 'Adding support for ssh connections to gitea' (#3) from gitea into master 
Reviewed-on: #3
 2026-04-08 14:17:04 -07:00
Jeff Near
f08b21f914 Adding support for ssh connections to gitea 2026-04-08 21:15:06 +00:00
fejy
7fcf612932 Merge pull request 'Enable logging' (#2) from updates into master 
Reviewed-on: http://gitea.nearfuture/fejy/traefik-config/pulls/2
 2026-04-06 16:14:29 -07:00
Jeff Near
d56496aab2 Enable logging 
Add synamic configs for authentik + gitea
 2026-04-06 23:12:57 +00:00
fejy
375bcb66bc Merge pull request 'Adding some custom reverse proxy services' (#1) from updates into master 
Reviewed-on: http://gitea.nearfuture/fejy/traefik-config/pulls/1
 2026-03-28 12:46:31 -07:00
Jeff Near
17a28f46e3 Adding some custom reverse proxy services 
Adding cert resolver for auto-creating/renewing certs
 2026-03-28 19:44:54 +00:00
8 changed files with 140 additions and 2 deletions
Expand all files Collapse all files

18
custom/authentik.yml Normal file
View File

@@ -0,0 +1,18 @@
http:
middlewares:
authentik:
forwardAuth:
address: "http://authentik-server:9000/outpost.goauthentik.io/auth/traefik"
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version

26
custom/gitea_conf.yml Normal file
View File

@@ -0,0 +1,26 @@
http:
routers:
gitea:
entryPoints:
- websecure
service: gitea
rule: "Host(`gitea.nearfuture.industries`)"
tls:
certresolver: myresolver
services:
gitea:
loadBalancer:
servers:
- url: "http://192.168.1.101:8418"
tcp:
routers:
gitea-ssh:
rule: "HostSNI(`*`)"
entrypoints:
- git-ssh
service: gitea-ssh
services:
gitea-ssh:
loadBalancer:
servers:
- address: "192.168.1.101:2128"

16
custom/homeassistant_conf.yml Normal file
View File

@@ -0,0 +1,16 @@
http:
# Router for Home Assistant
routers:
homeassistant:
entryPoints:
- web
service: homeassistant
rule: Host(`homeassistant.nearfuture`)
# Add the service for Home Assistant
services:
homeassistant:
loadBalancer:
servers:
- url: http://192.168.1.195:8123

7
custom/lan-only.yml Normal file
View File

@@ -0,0 +1,7 @@
http:
middlewares:
lan-only:
ipAllowList:
sourceRange:
- "192.168.1.1/24"
- "127.0.0.1/24"

15
custom/omv_conf.yml Normal file
View File

@@ -0,0 +1,15 @@
http:
# Router for Open Media Vault
routers:
omv:
entryPoints:
- web
service: omv
rule: Host(`omv.nearfuture`)
# Add the service for OMV
services:
omv:
loadBalancer:
servers:
- url: http://avaritia:80

21
custom/proxmox_conf.yml Normal file
View File

@@ -0,0 +1,21 @@
http:
# Router for Proxmox
routers:
pve:
entryPoints:
- websecure
service: pve
rule: Host(`pve.nearfuture`)
# Add the service for Proxmox
services:
pve:
loadBalancer:
passHostHeader: true
serversTransport: "pve"
servers:
- url: https://192.168.1.191:8006
serversTransports:
pve:
insecureSkipVerify: true

10
custom/tls.yml
View File

@@ -2,3 +2,13 @@ tls:
certificates:
- certFile: /ssl/overseerr.nearfuture.crt
keyFile: /ssl/overseerr.nearfuture.key
- certFile: /ssl/privatebin.nearfuture.crt
keyFile: /ssl/privatebin.nearfuture.key
- certFile: /ssl/privatebin.nearfuture.industries.crt
keyFile: /ssl/privatebin.nearfuture.industries.key
- certFile: /ssl/revolt.nearfuture.crt
keyFile: /ssl/revolt.nearfuture.key
#- certFile: /ssl/matrix.nearfuture.industries.crt
#keyFile: /ssl/matrix.nearfuture.industries.key
#- certFile: /ssl/synapse.nearfuture.industries.crt
#keyFile: /ssl/synapse.nearfuture.industries.key

29
traefik.yml
View File

@@ -27,6 +27,15 @@ entryPoints:
websecure:
address: :443
http:
tls:
certResolver: myresolver
domains:
- main: "nearfuture.industries"
sans:
- "*.nearfuture.industries"
git-ssh:
address: :2128
################################################################
# Traefik logs configuration
@@ -37,13 +46,13 @@ entryPoints:
#
# Optional
#
#log:
log:
# Log level
#
# Optional
# Default: "ERROR"
#
# level: DEBUG
level: DEBUG
# Sets the filepath for the traefik log. If not specified, stdout will be used.
# Intermediate directories are created if necessary.
@@ -154,3 +163,19 @@ providers:
file:
directory: /etc/traefik/custom
watch: true
certificatesResolvers:
myresolver:
acme:
email: "jeff@nearfuture.industries"
storage: "acme.json"
caServer: https://acme-v02.api.letsencrypt.org/directory
#caServer: https://acme-staging-v02.api.letsencrypt.org/directory
dnsChallenge:
provider: "namecheap"
delayBeforeCheck: 60
disablePropagationCheck: true
resolvers:
- "192.168.1.201:53"
#- "1.1.1.1:53"
#- "8.8.8.8:53"