homeserver/docker/traefik/traefik-rules.yaml


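http:
  middlewares:
    # Rate limiting: an average of 100 requests per 1m period, with bursts of
    # up to 100 requests.
    # NOTE(review): no sourceCriterion is set, so requests are grouped by
    # Traefik's default source (the connecting remote address). If another
    # proxy or CDN sits in front of Traefik, all clients share one bucket
    # unless sourceCriterion.ipStrategy is configured - confirm the topology.
    middlewares-rate-limit:
      rateLimit:
        average: 100
        burst: 100
        period: 1m

    # Security response headers, plus one forced request header.
    middlewares-secure-headers:
      headers:
        # Sends the legacy X-XSS-Protection header. Current browsers no longer
        # ship the XSS auditor, so treat this as defence for old clients only;
        # a Content-Security-Policy is the control that matters and none is
        # configured in this middleware.
        browserXssFilter: true
        contentTypeNosniff: true

        # customFrameOptionsValue overrides frameDeny, so the header actually
        # sent is "X-Frame-Options: SAMEORIGIN", not DENY. Both keys are kept
        # as the author wrote them; drop customFrameOptionsValue if DENY is
        # the intended policy.
        frameDeny: true
        customFrameOptionsValue: "SAMEORIGIN"

        # Permissions-Policy uses structured-header syntax: feature=(allowlist),
        # comma separated, with an empty allowlist meaning "disabled". The
        # previous value used Feature-Policy syntax ("GEOLOCATION 'none'; ..."),
        # which is not a valid Permissions-Policy value, so browsers would not
        # apply the restriction.
        permissionsPolicy: "geolocation=(), microphone=(), camera=()"
        referrerPolicy: "strict-origin-when-cross-origin"

        # HSTS: max-age of 63072000 s (two years), covering subdomains, with
        # the preload directive. Traefik's option for max-age is stsSeconds;
        # the previous key, stsMaxAge, is not an option of the headers
        # middleware, so no max-age was being configured.
        # includeSubDomains + preload commits every subdomain to HTTPS and is
        # slow to undo - confirm all subdomains serve valid TLS first.
        # NOTE(review): Traefik appears to add this header only on TLS
        # connections unless forceSTSHeader is set - verify on the deployed
        # version.
        stsSeconds: 63072000
        stsIncludeSubdomains: true
        stsPreload: true

        # Overwrites X-Forwarded-Proto with "https" on every request passing
        # through this middleware. Attach it only to routers served from a TLS
        # entrypoint; on a plain-HTTP router the backend would be told the
        # request was secure and could skip its own redirect or Secure-cookie
        # checks.
        customRequestHeaders:
          X-Forwarded-Proto: "https"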
tls:
  options:
    # Option set named "default": Traefik uses it for any router that does not
    # reference another TLS options entry.
    default:
      # Strict SNI is left disabled here. With it off, a handshake whose SNI
      # matches no configured certificate is still answered with the default
      # certificate, which can reveal that certificate to scanners.
      #sniStrict: true # prevents leaking default cert; see https://doc.traefik.io/traefik/v2.2/https/tls/#strict-sni-checking

      # Protocol floor: TLS 1.0 and 1.1 handshakes are refused.
      minVersion: 'VersionTLS12'

      # Allowed suites for TLS 1.2. Every entry is ECDHE (forward secrecy) with
      # an AEAD cipher (AES-GCM or ChaCha20-Poly1305); no CBC or static-RSA
      # suites are listed. TLS 1.3 suites are not configurable and are
      # unaffected by this list.
      cipherSuites:
        - 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256'
        - 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
        - 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384'
        - 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'
        - 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305'
        - 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305'