diff --git a/roles/traefik/templates/docker-compose.yml b/roles/traefik/templates/docker-compose.yml index 23ec1aa..b18c0e4 100644 --- a/roles/traefik/templates/docker-compose.yml +++ b/roles/traefik/templates/docker-compose.yml @@ -27,7 +27,6 @@ services: - "host.docker.internal:host-gateway" labels: - "traefik.enable=true" - - "traefik.http.middlewares.traefik-auth.basicauth.users=mrdev023:$$2y$$05$$t51tXUW6zO9dndSK1JEFS.utJ3th/RYVSgDlouOZhUigjbkTX1zQC$$" - "traefik.http.middlewares.traefik-stripprefix.stripprefix.prefixes=/traefik" - "traefik.http.routers.traefik-secure.entrypoints=https" - "traefik.http.routers.traefik-secure.rule=Host(`dash.{{ server.domain }}`) && (PathPrefix(`/traefik`) || PathPrefix(`/api`))" @@ -44,7 +43,7 @@ services: - "traefik.http.middlewares.tls-header.headers.featurePolicy=accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; midi 'none'; sync-xhr 'none'; vr 'none'" - "traefik.http.middlewares.tls-header.headers.referrerPolicy=strict-origin-when-cross-origin" - "traefik.http.middlewares.tls-chain.chain.middlewares=tls-rep,tls-header" - - "traefik.http.routers.traefik-secure.middlewares=traefik-stripprefix,tls-chain,traefik-auth" + - "traefik.http.routers.traefik-secure.middlewares=traefik-stripprefix,tls-chain,private-network@file" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=sslResolver" - "traefik.http.routers.traefik-secure.service=api@internal" @@ -70,11 +69,10 @@ services: - internal labels: - "traefik.enable=true" - - "traefik.http.middlewares.prometheus-auth.basicauth.users=mrdev023:$$2y$$05$$t51tXUW6zO9dndSK1JEFS.utJ3th/RYVSgDlouOZhUigjbkTX1zQC$$" - "traefik.http.middlewares.prometheus-stripprefix.stripprefix.prefixes=/prometheus" - "traefik.http.routers.prometheus-secure.entrypoints=https" - "traefik.http.routers.prometheus-secure.rule=Host(`dash.{{ server.domain }}`) && PathPrefix(`/prometheus`)" - - "traefik.http.routers.prometheus-secure.middlewares=tls-chain,prometheus-stripprefix,prometheus-auth" + - "traefik.http.routers.prometheus-secure.middlewares=tls-chain,prometheus-stripprefix,private-network@file" - "traefik.http.routers.prometheus-secure.tls=true" - "traefik.http.routers.prometheus-secure.tls.certresolver=sslResolver" - "traefik.http.routers.prometheus-secure.service=prometheus" @@ -99,11 +97,10 @@ services: - internal labels: - "traefik.enable=true" - - "traefik.http.middlewares.grafana-auth.basicauth.users=mrdev023:$$2y$$05$$t51tXUW6zO9dndSK1JEFS.utJ3th/RYVSgDlouOZhUigjbkTX1zQC$$" - "traefik.http.middlewares.grafana-stripprefix.stripprefix.prefixes=/grafana" - "traefik.http.routers.grafana-secure.entrypoints=https" - "traefik.http.routers.grafana-secure.rule=Host(`dash.{{ server.domain }}`) && PathPrefix(`/grafana`)" - - "traefik.http.routers.grafana-secure.middlewares=tls-chain,grafana-stripprefix,grafana-auth" + - "traefik.http.routers.grafana-secure.middlewares=tls-chain,grafana-stripprefix,private-network@file" - "traefik.http.routers.grafana-secure.tls=true" - "traefik.http.routers.grafana-secure.tls.certresolver=http" - "traefik.http.routers.grafana-secure.service=grafana"