Repository/Traefik
0
Fork 0
Code Actions Releases 1 Activity

Inital Commit
All checks were successful
Traefik / Traefik [arm64] (push) Successful in 1m10s
Details
Traefik / Traefik [amd64] (push) Successful in 1m14s
Details

Browse Source
This commit is contained in:
Cantibra
2025-10-26 21:11:06 +01:00
commit 45f4e96f60
17 changed files with 1257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
root/etc/init.d/traefik Normal file
View File

@@ -0,0 +1,87 @@
#!/usr/bin/sh
### BEGIN INIT INFO
# Provides: traefik
# Required-Start: $local_fs $network $remote_fs
# Required-Stop: $local_fs $network $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Traefik Reverse Proxy
# Description: Traefik is an open-source reverse proxy and load balancer
# designed for microservices and containerized applications.
# It automatically discovers services and routes traffic
# based on defined rules. Traefik supports HTTP, HTTPS, and
# TCP protocols, offers automatic SSL certificate
# management, and provides a user-friendly dashboard for
# monitoring traffic and service health.
### END INIT INFO
NAME='traefik'
DESC='Traefik Reverse Proxy'
USER='traefik'
GROUP='traefik'
PIDFOLDER="/run/traefik"
PIDFILE="${PIDFOLDER}/traefik.pid"
DAEMON='/usr/sbin/traefik'
DAEMON_CONFIG='/etc/traefik/traefik.yml'
DAEMON_OPTS="--configfile ${DAEMON_CONFIG}"
set -e
[ -f "${DAEMON_CONFIG}" ]
. /lib/lsb/init-functions
[ -x "${DAEMON}" ]
case "${1}" in
start)
/usr/bin/install --directory --group="${GROUP}" ---mode='0755' --owner="${USER}" "${PIDFOLDER}"
log_daemon_msg "Starting ${DESC}" "${NAME}"
if /usr/sbin/start-stop-daemon --quiet \
--start \
--oknodo \
--make-pidfile \
--pidfile "${PIDFILE}" \
--user "${USER}" \
--group "${GROUP}" \
--exec "${DAEMON}" -- "${DAEMON_OPTS}"; then
log_end_msg 0
else
log_end_msg 1
/usr/bin/test -f "${PIDFILE}" && \
/usr/bin/rm --force "${PIDFILE}"
fi
;;
stop)
log_daemon_msg "Stopping ${DESC}" "${NAME}"
if /usr/sbin/start-stop-daemon --quiet \
--stop \
--oknodo \
--retry 30 \
--remove-pidfile \
--pidfile "${PIDFILE}" \
--user "${USER}" \
--group "${GROUP}" \
--exec "${DAEMON}"; then
/usr/bin/test -f "${PIDFILE}" && \
/usr/bin/rm --force "${PIDFILE}"
log_end_msg 0
else
log_end_msg 1
fi
;;
restart)
"${0}" stop
"${0}" start
;;
status)
status_of_proc -p "${PIDFILE}" "${DAEMON}" "${NAME}" && \
exit 0 || \
exit "${?}"
;;
*)
echo "Usage: /etc/init.d/${NAME} {start|stop|restart|status}" >&2
exit 1
;;
esac

71
root/etc/logrotate.d/traefik Normal file
View File

@@ -0,0 +1,71 @@
/var/log/traefik/*.log {
# Truncate the original log file in place after creating a copy,
# instead of moving the old log file and optionally creating a
# new one. It can be used when some program cannot be told to
# close its logfile and thus might continue writing (appending)
# to the previous log file forever. Note that there is a very
# small time slice between copying the file and truncating it, so
# some logging data might be lost. When this option is used, the
# create option will have no effect, as the old log file stays in
# place.
copytruncate
# Log files are rotated every day.
daily
# Archive old versions of log files adding a daily extension like
# YYYYMMDD instead of simply adding a number. The extension may
# be configured using the dateformat option.
dateext
# Specify the extension for dateext using the notation similar to
# strftime(3) function. Only %Y %m %d and %s specifiers are allowed.
# The default value is -%Y%m%d. Note that also the character
# separating log name from the extension is part of the dateformat
# string. The system clock must be set past Sep 9th 2001 for %s to
# work correctly. Note that the datestamps generated by this format
# must be lexically sortable (i.e., first the year, then the month
# then the day. e.g., 2001/12/01 is ok, but 01/12/2001 is not, since
# 01/11/2002 would sort lower while it is later). This is because when
# using the rotate option, logrotate sorts all rotated filenames to
# find out which logfiles are older and should be removed.
dateformat .%Y-%m-%d
# Use yesterday's instead of today's date to create the dateext
# extension, so that the rotated log file has a date in its name that
# is the same as the timestamps within it.
dateyesterday
# Postpone compression of the previous log file to the next rotation
# cycle. This only has effect when used in combination with compress.
# It can be used when some program cannot be told to close its logfile
# and thus might continue writing to the previous log file for some time.
delaycompress
# Do not copy the original log file and leave it in place.
nocopy
# New log files are not created.
nocreate
# Don't mail old log files to any address.
nomail
# Do not use shred when deleting old log files.
noshred
# Do not rotate the log if it is empty.
notifempty
# Logs are moved into directory for rotation. The directory must be on the
# same physical device as the log file being rotated, and is assumed to be
# relative to the directory holding the log file unless an absolute path
# name is specified. When this option is used all old versions of the log
# end up in directory.
olddir /var/logrotate/traefik
# Log files are rotated count times before being removed or mailed to the
# address specified in a mail directive. If count is 0, old versions are
# removed rather than rotated.
rotate 7
}

131
root/etc/traefik/providers.yml Normal file
View File

@@ -0,0 +1,131 @@
# - - - - - HTTP - - - - - #
http:
middlewares:
# access-device:
# ipAllowList:
# sourceRange:
# - "127.0.0.1/32"
# - "::1/128"
access-network:
ipAllowList:
sourceRange:
- "10.0.0.0/8"
- "172.16.0.0/12"
- "192.168.0.0/16"
- "fc00::/7"
compression:
compress:
defaultEncoding: gzip
minResponseBodyBytes: 256
headers:
headers:
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
referrerPolicy: strict-origin-when-cross-origin
stsIncludeSubdomains: true
stsSeconds: 31536000
routers:
default:
entryPoints:
- http
# - https
middlewares:
- access-device
- compression
- headers
rule: "Host(\`*\`)"
service: default
# tls:
# certResolver: letsencrypt-ecdsa
# domains:
# - main: "localhost"
# sans:
# - "127.0.0.1"
# - "::1"
proxy-api:
entryPoints:
- http
# - https
middlewares:
- access-device
- headers
rule: "Host(\`localhost\`) && PathPrefix(\`/api\`)"
service: api@internal
# tls:
# certResolver: letsencrypt-ecdsa
# domains:
# - main: "localhost"
# sans:
# - "127.0.0.1"
# - "::1"
proxy-dashboard:
entryPoints:
- http
# - https
middlewares:
- access-device
- compression
- headers
rule: "Host(\`localhost\`)"
service: dashboard@internal
# tls:
# certResolver: letsencrypt-ecdsa
# domains:
# - main: "localhost"
# sans:
# - "127.0.0.1"
# - "::1"
services:
default:
loadBalancer:
servers:
- url: "http://localhost"
# - - - - - TCP - - - - - #
#tcp:
# middlewares:
# access-network:
# ipAllowList:
# sourceRange:
# - "10.0.0.0/8"
# - "172.16.0.0/12"
# - "192.168.0.0/16"
# - "2a02:8109:3115:8d00::/64"
# - "fc00::/7"
# routers:
# example:
# entryPoints:
# - example-tcp
# rule: "HostSNI(\`*\`)"
# service: example
# services:
# example:
# loadBalancer:
# servers:
# - address: "localhost:53"
# - - - - - TLS - - - - - #
#tls:
# stores:
# default:
# defaultCertificate:
# certFile: '/etc/ssl/crt/root.crt'
# keyFile: '/etc/ssl/key/root.key'
# - - - - - UDP - - - - - #
#udp:
# routers:
# example:
# entryPoints:
# - example-udp
# service: example
# services:
# example:
# loadBalancer:
# servers:
# - address: "localhost:53"

83
root/etc/traefik/traefik.yml Normal file
View File

@@ -0,0 +1,83 @@
# - - - - - Access Log - - - - - #
accessLog:
filePath: '/var/log/traefik/access.log'
bufferingSize: 0
# - - - - - API - - - - - #
api:
disableDashboardAd: true
# - - - - - Certificates Resolver - - - - - #
#certificatesResolvers:
# letsencrypt-rsa:
# acme:
# email: "<EMAIL>"
# storage: '/var/lib/traefik/acme.json'
# keyType: RSA4096
# dnsChallenge:
# resolvers:
# - "localhost:53"
# propagation:
# delayBeforeChecks: 60s
# requireAllRNS: true
# provider: <PROVIDER>
# letsencrypt-ecdsa:
# acme:
# email: "<EMAIL>"
# storage: '/var/lib/traefik/acme.json'
# keyType: EC384
# dnsChallenge:
# resolvers:
# - "localhost:53"
# propagation:
# delayBeforeChecks: 60s
# requireAllRNS: true
# provider: <PROVIDER>
# - - - - - Entry Points - - - - - #
entryPoints:
# example-tcp:
# address: ':60788'
# example-udp:
# address: '53689:/udp'
# udp:
# timeout: 1s
http:
address: ':80'
# http:
# redirections:
# entryPoint:
# to: https
# scheme: https
# https:
# address: ':443'
# http3:
# advertisedPort: '443'
# observability:
# accessLogs: true
# - - - - - Log - - - - - #
log:
filePath: '/var/log/traefik/error.log'
level: ERROR
maxAge: 7
maxSize: 32
# - - - - - Providers - - - - - #
providers:
file:
filename: '/etc/traefik/providers.yml'
watch: true
# - - - - - TLS - - - - - #
tls:
options:
default:
sniStrict: true