This gets us started on adding a Traefik role and hooking Traefik: - directly to services which support Traefik - we only have a few of these right now, but the list will grow - to matrix-nginx-proxy for most services that integrate with matrix-nginx-proxy right now Traefik usage should be disabled by default for now and nothing should change for people just yet. Enabling these experiments requires additional configuration like this: ```yaml devture_traefik_ssl_email_address: '.....' matrix_playbook_traefik_role_enabled: true matrix_playbook_traefik_labels_enabled: true matrix_ssl_retrieval_method: none matrix_nginx_proxy_https_enabled: false matrix_nginx_proxy_container_http_host_bind_port: '' matrix_nginx_proxy_container_federation_host_bind_port: '' matrix_nginx_proxy_trust_forwarded_proto: true matrix_nginx_proxy_x_forwarded_for: '$proxy_add_x_forwarded_for' matrix_coturn_enabled: false ``` What currently works is: reverse-proxying for all nginx-proxy based services **except** for the Matrix homeserver (both Client-Server an Federation traffic for the homeserver don't work yet)housekeeping^2
parent
946bbe9734
commit
f983604695
@ -0,0 +1,144 @@
|
|||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_enabled %}
|
||||||
|
traefik.enable=true
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_docker_network %}
|
||||||
|
traefik.docker.network={{ matrix_nginx_proxy_container_labels_traefik_docker_network }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_element_enabled %}
|
||||||
|
# Element
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-element.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_element_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-element.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-element.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_element_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_element_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-element.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-element.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_hydrogen_enabled %}
|
||||||
|
# Hydrogen
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-hydrogen.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_hydrogen_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-hydrogen.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-hydrogen.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_hydrogen_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_hydrogen_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-hydrogen.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-hydrogen.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_cinny_enabled %}
|
||||||
|
# Cinny
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-cinny.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_cinny_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-cinny.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-cinny.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_cinny_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_cinny_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-cinny.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-cinny.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_buscarron_enabled %}
|
||||||
|
# Buscarron
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-buscarron.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_buscarron_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-buscarron.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-buscarron.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_buscarron_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_buscarron_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-buscarron.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-buscarron.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_dimension_enabled %}
|
||||||
|
# Dimension
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-dimension.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_dimension_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-dimension.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-dimension.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_dimension_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_dimension_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-dimension.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-dimension.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_etherpad_enabled %}
|
||||||
|
# Etherpad
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-etherpad.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_etherpad_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-etherpad.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-etherpad.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_etherpad_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_etherpad_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-etherpad.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-etherpad.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_bot_go_neb_enabled %}
|
||||||
|
# Go NEB bot
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-bot_go_neb.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_bot_go_neb_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-bot_go_neb.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-bot_go_neb.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_bot_go_neb_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_bot_go_neb_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-bot_go_neb.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-bot_go_neb.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_enabled %}
|
||||||
|
# Jitsi
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-jitsi.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-jitsi.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-jitsi.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-jitsi.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-jitsi.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_grafana_enabled %}
|
||||||
|
# Grafana
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-grafana.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_grafana_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-grafana.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-grafana.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_grafana_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_grafana_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-grafana.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-grafana.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_sygnal_enabled %}
|
||||||
|
# Sygnal
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-sygnal.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_sygnal_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-sygnal.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-sygnal.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_sygnal_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_sygnal_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-sygnal.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-sygnal.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_ntfy_enabled %}
|
||||||
|
# ntfy
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-ntfy.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_ntfy_rule }}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-ntfy.service=matrix-nginx-proxy-web
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-ntfy.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_ntfy_tls | to_json }}
|
||||||
|
{% if matrix_nginx_proxy_container_labels_traefik_proxy_ntfy_tls %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-ntfy.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
||||||
|
{% endif %}
|
||||||
|
traefik.http.routers.matrix-nginx-proxy-ntfy.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
traefik.http.services.matrix-nginx-proxy-web.loadbalancer.server.port=8080
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{{ matrix_nginx_proxy_container_labels_additional_labels }}
|
Loading…
Reference in new issue