groales/traefik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f3815ae8dfe645ed453d5421f3d2a6be44137ad6
traefik/dynamic/middlewares.yml

99 lines
2.6 KiB
YAML
Raw Blame History

http:
middlewares:
# Headers de seguridad
security-headers:
headers:
stsSeconds: 63072000
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
frameDeny: true
contentTypeNosniff: true
browserXssFilter: true
referrerPolicy: "strict-origin-when-cross-origin"
customResponseHeaders:
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
# Rate limiting
rate-limit:
rateLimit:
average: 100
burst: 200
period: 1m
# IP Allow List (ejemplo - ajusta tus IPs)
ip-allowlist:
ipAllowList:
sourceRange:
- "127.0.0.1/32"
- "10.0.0.0/8"
- "172.16.0.0/12"
- "192.168.0.0/16"
# Autenticación básica (genera hash con: docker run --rm httpd:alpine htpasswd -nbB admin tu_password)
auth-basic:
basicAuth:
users:
- "admin:$2y$05$example_hash_CHANGE_THIS" # CAMBIA ESTE HASH
# Redirect www a root
redirect-www:
redirectRegex:
regex: "^https?://www\\.(.+)"
replacement: "https://${1}"
permanent: true
# ============================================
# ROUTERS Y SERVICIOS (Ejemplos comentados)
# ============================================
# Descomentar y adaptar según necesites
# routers:
# # Ejemplo: Router para aplicación web con HTTPS y middlewares
# whoami:
# rule: "Host(`whoami.tudominio.com`)"
# entryPoints:
# - websecure
# middlewares:
# - security-headers
# - rate-limit
# service: whoami-service
# tls:
# certResolver: letsencrypt
#
# # Ejemplo: Router con autenticación básica y restricción IP
# admin-panel:
# rule: "Host(`admin.tudominio.com`)"
# entryPoints:
# - websecure
# middlewares:
# - auth-basic
# - ip-allowlist
# - security-headers
# service: admin-service
# tls:
# certResolver: letsencrypt
#
# services:
# # Ejemplo: Servicio apuntando a contenedor local
# whoami-service:
# loadBalancer:
# servers:
# - url: "http://whoami:80"
#
# # Ejemplo: Servicio apuntando a servidor externo
# admin-service:
# loadBalancer:
# servers:
# - url: "http://192.168.1.100:8080"
#
# # Ejemplo: Servicio con health check
# api-service:
# loadBalancer:
# servers:
# - url: "http://api:3000"
# healthCheck:
# path: "/health"
# interval: "10s"
# timeout: "3s"
Reference in New Issue View Git Blame Copy Permalink