]>
Commit | Line | Data |
---|---|---|
b44a9630 C |
1 | # Uncomment this line in order to enable debugging through logs |
2 | # debug = true | |
3 | defaultEntryPoints = ["http", "https"] | |
fef13f14 | 4 | |
b44a9630 C |
5 | [entryPoints] |
6 | [entryPoints.http] | |
7 | address = ":80" | |
fef13f14 FA |
8 | [entryPoints.http.redirect] |
9 | entryPoint = "https" | |
b44a9630 C |
10 | [entryPoints.https] |
11 | address = ":443" | |
12 | [entryPoints.https.tls] | |
1dd59831 RK |
13 | MinVersion = "VersionTLS12" |
14 | CurvePreferences = [ | |
15 | "CurveP521", | |
16 | "CurveP384", | |
17 | "CurveP256" | |
18 | ] | |
19 | PreferServerCipherSuites = true | |
20 | CipherSuites = [ | |
21 | "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", | |
22 | "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", | |
23 | "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", | |
24 | "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", | |
25 | "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", | |
26 | "TLS_RSA_WITH_AES_256_GCM_SHA384", | |
27 | "TLS_RSA_WITH_AES_256_CBC_SHA" | |
28 | ] | |
29 | FrameDeny = false # here we don't want to deny frames since we have an embed | |
30 | STSIncludeSubdomains = true | |
31 | STSSeconds = 315360000 | |
32 | STSPreload = true | |
33 | ContentTypeNosniff = true | |
34 | BrowserXssFilter = true | |
35 | ||
b44a9630 C |
36 | |
37 | # Enable ACME (Let's Encrypt): automatic SSL. | |
38 | [acme] | |
39 | ||
b44a9630 C |
40 | # File or key used for certificates storage. |
41 | # | |
42 | # Required | |
43 | # | |
44 | storage = "/etc/acme.json" | |
45 | # or `storage = "traefik/acme/account"` if using KV store. | |
46 | ||
47 | # Entrypoint to proxy acme apply certificates to. | |
48 | # WARNING, if the TLS-SNI-01 challenge is used, it must point to an entrypoint on port 443 | |
49 | # | |
50 | # Required | |
51 | # | |
52 | entryPoint = "https" | |
53 | ||
b44a9630 C |
54 | # Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge |
55 | # | |
56 | # Optional but recommend | |
57 | # | |
58 | [acme.httpChallenge] | |
59 | ||
60 | # EntryPoint to use for the challenges. | |
61 | # | |
62 | # Required | |
63 | # | |
64 | entryPoint = "http" |