1
0
mirror of https://yerbamate.ml/nutomic/peertube.social synced 2024-11-28 18:08:21 -05:00
peertube.social/traefik.toml
2019-03-15 01:26:19 +01:00

76 lines
1.7 KiB
TOML

# Uncomment this line in order to enable debugging through logs
# debug = true
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
MinVersion = "VersionTLS12"
CurvePreferences = [
"CurveP521",
"CurveP384",
"CurveP256"
]
PreferServerCipherSuites = true
CipherSuites = [
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA"
]
FrameDeny = false # here we don't want to deny frames since we have an embed
STSIncludeSubdomains = true
STSSeconds = 315360000
STSPreload = true
ContentTypeNosniff = true
BrowserXssFilter = true
# Enable ACME (Let's Encrypt): automatic SSL.
[acme]
# Email address used for registration.
#
# Required
#
email = "me@nutomic.com"
# File or key used for certificates storage.
#
# Required
#
storage = "/etc/acme.json"
# or `storage = "traefik/acme/account"` if using KV store.
# Entrypoint to proxy acme apply certificates to.
# WARNING, if the TLS-SNI-01 challenge is used, it must point to an entrypoint on port 443
#
# Required
#
entryPoint = "https"
# Domains list.
#
[[acme.domains]]
main = "peertube.social"
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
#
# Optional but recommend
#
[acme.httpChallenge]
# EntryPoint to use for the challenges.
#
# Required
#
entryPoint = "http"