2019-03-11 10:28:12 -04:00
|
|
|
# Uncomment this line in order to enable debugging through logs
|
|
|
|
# debug = true
|
|
|
|
defaultEntryPoints = ["http", "https"]
|
|
|
|
|
|
|
|
[entryPoints]
|
|
|
|
[entryPoints.http]
|
|
|
|
address = ":80"
|
|
|
|
[entryPoints.http.redirect]
|
|
|
|
entryPoint = "https"
|
|
|
|
[entryPoints.https]
|
|
|
|
address = ":443"
|
|
|
|
[entryPoints.https.tls]
|
|
|
|
MinVersion = "VersionTLS12"
|
|
|
|
CurvePreferences = [
|
|
|
|
"CurveP521",
|
|
|
|
"CurveP384",
|
|
|
|
"CurveP256"
|
|
|
|
]
|
|
|
|
PreferServerCipherSuites = true
|
|
|
|
CipherSuites = [
|
|
|
|
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
|
|
|
|
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
|
|
|
|
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
|
|
|
|
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
|
|
|
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
|
|
|
|
"TLS_RSA_WITH_AES_256_GCM_SHA384",
|
|
|
|
"TLS_RSA_WITH_AES_256_CBC_SHA"
|
|
|
|
]
|
|
|
|
|
|
|
|
# Enable ACME (Let's Encrypt): automatic SSL.
|
|
|
|
[acme]
|
|
|
|
|
|
|
|
# Email address used for registration.
|
|
|
|
#
|
|
|
|
# Required
|
|
|
|
#
|
2019-06-14 12:49:59 -04:00
|
|
|
email = "{{ letsencrypt_contact_email }}"
|
2019-03-11 10:28:12 -04:00
|
|
|
|
|
|
|
# File or key used for certificates storage.
|
|
|
|
#
|
|
|
|
# Required
|
|
|
|
#
|
|
|
|
storage = "/etc/acme.json"
|
|
|
|
# or `storage = "traefik/acme/account"` if using KV store.
|
|
|
|
|
|
|
|
# Entrypoint to proxy acme apply certificates to.
|
|
|
|
# WARNING, if the TLS-SNI-01 challenge is used, it must point to an entrypoint on port 443
|
|
|
|
#
|
|
|
|
# Required
|
|
|
|
#
|
|
|
|
entryPoint = "https"
|
|
|
|
|
|
|
|
# Domains list.
|
|
|
|
#
|
|
|
|
[[acme.domains]]
|
2019-04-10 15:43:16 -04:00
|
|
|
main = "{{ domain }}"
|
2019-03-11 10:28:12 -04:00
|
|
|
|
|
|
|
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
|
|
|
|
#
|
|
|
|
# Optional but recommend
|
|
|
|
#
|
|
|
|
[acme.httpChallenge]
|
|
|
|
|
|
|
|
# EntryPoint to use for the challenges.
|
|
|
|
#
|
|
|
|
# Required
|
|
|
|
#
|
|
|
|
entryPoint = "http"
|
2019-05-17 06:04:13 -04:00
|
|
|
|
|
|
|
[docker]
|
2019-06-03 17:18:10 -04:00
|
|
|
endpoint = "unix:///var/run/docker.sock"
|
|
|
|
watch = true
|
|
|
|
exposedbydefault = false
|