From 0ddb8df76350fa8e667dcb1d268a4611d710e2a9 Mon Sep 17 00:00:00 2001 From: Lionel Sambuc Date: Thu, 15 Aug 2024 08:26:09 +0200 Subject: [PATCH] Upgrading to Traefik 3 --- conf/files-examples/headers-policy-domain.yml | 4 ++-- conf/files/headers-base.yml | 10 +++++----- conf/files/headers-policy-self.yml | 4 ++-- conf/files/headers-sts.yml | 6 +++--- conf/files/net-home.yml | 2 +- docker-compose.yml | 6 ++++-- 6 files changed, 17 insertions(+), 15 deletions(-) diff --git a/conf/files-examples/headers-policy-domain.yml b/conf/files-examples/headers-policy-domain.yml index b8cafb7..24efc21 100644 --- a/conf/files-examples/headers-policy-domain.yml +++ b/conf/files-examples/headers-policy-domain.yml @@ -3,5 +3,5 @@ http: headers-policy-domain: headers: customFrameOptionsValue: "ALLOW-FROM https://example.net" - contentsecuritypolicy: "frame-ancestors 'self' example.net *.example.net" - referrerpolicy: "strict-origin-when-cross-origin" + contentSecurityPolicy: "frame-ancestors 'self' example.net *.example.net" + referrerPolicy: "strict-origin-when-cross-origin" diff --git a/conf/files/headers-base.yml b/conf/files/headers-base.yml index a73f090..cbfa04a 100644 --- a/conf/files/headers-base.yml +++ b/conf/files/headers-base.yml @@ -2,8 +2,8 @@ http: middlewares: headers-base: headers: - sslredirect: true - framedeny: true - browserxssfilter: true - contenttypenosniff: true - isdevelopment: false + sslRedirect: true + frameDeny: true + browserXssFilter: true + contentTypeNoSniff: true + isDevelopment: false diff --git a/conf/files/headers-policy-self.yml b/conf/files/headers-policy-self.yml index e611b63..bfd6be7 100644 --- a/conf/files/headers-policy-self.yml +++ b/conf/files/headers-policy-self.yml @@ -2,5 +2,5 @@ http: middlewares: headers-policy-self: headers: - contentsecuritypolicy: "script-src 'self'" - referrerpolicy: "strict-origin-when-cross-origin" + contentSecurityPolicy: "script-src 'self'" + referrerPolicy: "strict-origin-when-cross-origin" diff --git a/conf/files/headers-sts.yml b/conf/files/headers-sts.yml index 1067a1c..d57eb3e 100644 --- a/conf/files/headers-sts.yml +++ b/conf/files/headers-sts.yml @@ -2,6 +2,6 @@ http: middlewares: headers-sts: headers: - stsincludesubdomains: true - stspreload: true - stsseconds: 31536000 + stsIncludeSubdomains: true + stsPreload: true + stsSeconds: 31536000 diff --git a/conf/files/net-home.yml b/conf/files/net-home.yml index e5f28b7..0702d25 100644 --- a/conf/files/net-home.yml +++ b/conf/files/net-home.yml @@ -1,5 +1,5 @@ http: middlewares: net-home: - ipwhitelist: + ipallowlist: sourcerange: "192.168.2.0/28" diff --git a/docker-compose.yml b/docker-compose.yml index fca6ac4..3c732ee 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,12 +10,12 @@ networks: services: traefik: - image: "traefik:v2.4.8" + image: "traefik:v3.1.2" restart: always command: + #- "--core.defaultRuleSyntax=v2" #- "--log.level=DEBUG" - "--global.sendanonymoususage=false" - - "--pilot.dashboard=false" - "--api.dashboard=true" #- "--api.insecure=true" - "--providers.docker=true" @@ -28,6 +28,8 @@ services: - "--entrypoints.web.http.redirections.entrypoint.scheme=https" - "--entrypoints.web-secure.address=:443" - "--entrypoints.ssh-git.address=:2201" + #- "--entrypoints.turn-udp.address=:80/udp" + #- "--entrypoints.turns-udp.address=:443/udp" - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web" #- "--certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"