add default headers
This commit is contained in:
parent
15e90e0443
commit
f4cfb51b8e
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`aetheria-grafana.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: aetheria-grafana-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`aetheria-influx.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: aetheria-influx-external
|
||||
port: 8086
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`analytics.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: analytics-external
|
||||
port: 8000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`api.mcutils.xyz`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mc-utils-api-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`azure-metrics.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: azure-metrics-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`azure-phpma.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: azure-phpma-external
|
||||
port: 8080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`bitmagnet.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: bitmagnet-local-external
|
||||
port: 3333
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`cdn.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: cdn-external
|
||||
port: 8087
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`cloud.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: nextcloud-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`docs.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: docs-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: main-site-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`git.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: git-external
|
||||
port: 3003
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`glitchtip.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: sentry-external
|
||||
port: 8000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`grafana.mcutils.xyz`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mc-utils-grafana-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`img.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: img-proxy-external
|
||||
port: 8080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`influx.mcutils.xyz`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mc-utils-influx-external
|
||||
port: 8086
|
||||
|
@ -11,6 +11,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`kubernetes-grafana.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: kube-prometheus-stack-grafana
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`mastodon.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mastodon-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`mc-tracker.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mc-tracker-external
|
||||
port: 3000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`mcutils.xyz`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: mc-utils-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`node-hl-01.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: node-hl-01-external
|
||||
port: 443
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`obsidian-sync.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: obsidian-sync-external
|
||||
port: 5984
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`overseerr.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: overseerr-external
|
||||
port: 5055
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`owntracks-web.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: owntracks-web-external
|
||||
port: 6969
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`owntracks.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: owntracks-external
|
||||
port: 8083
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`panel.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: panel-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`paste-grafana.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: paste-grafana-local-external
|
||||
port: 3035
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`plex.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: plex-external
|
||||
port: 32400
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`proxmox.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: proxmox-luna-local-external
|
||||
port: 8006
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`repo.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: repo-external
|
||||
port: 8080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`restic.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: restic-backups-external
|
||||
port: 8000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`s.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: slash-external
|
||||
port: 5231
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`sonarr-anime.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: sonarr-anime-local-external
|
||||
port: 8988
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`sonarr.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: sonarr-local-external
|
||||
port: 8989
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`ssr-staging.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: ssr-staging-external
|
||||
port: 80
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`status.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: status-external
|
||||
port: 3001
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`subscriptions.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: subscriptions-external
|
||||
port: 8282
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`tautulli.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: tautulli-external
|
||||
port: 8181
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`tdarr.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: tdarr-local-external
|
||||
port: 8265
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`teleport.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: teleport-external
|
||||
port: 3080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`torrent.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: torrent-local-external
|
||||
port: 8080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`translate.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: translate-external
|
||||
port: 5000
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`tube.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: tube-external
|
||||
port: 8209
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`vaultwarden.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: vaultwarden-external
|
||||
port: 4743
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`vencloud.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: vencloud-external
|
||||
port: 8080
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`wakatime.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: wakatime-external
|
||||
port: 3355
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`wazuh.local.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: wazuh-external
|
||||
port: 443
|
||||
|
@ -23,6 +23,9 @@ spec:
|
||||
routes:
|
||||
- match: Host(`wiki.fascinated.cc`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: default-headers
|
||||
namespace: traefik
|
||||
services:
|
||||
- name: wiki-external
|
||||
port: 80
|
||||
|
18
apps/production/traefik/middlewares/default-headers.yaml
Normal file
18
apps/production/traefik/middlewares/default-headers.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: default-headers
|
||||
namespace: traefik
|
||||
spec:
|
||||
headers:
|
||||
browserXssFilter: true
|
||||
contentTypeNosniff: true
|
||||
forceSTSHeader: true
|
||||
stsIncludeSubdomains: true
|
||||
stsPreload: true
|
||||
stsSeconds: 15552000
|
||||
referrerPolicy: no-referrer
|
||||
contentSecurityPolicy: "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; media-src 'self' https:; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self';"
|
||||
customFrameOptionsValue: SAMEORIGIN
|
||||
customRequestHeaders:
|
||||
X-Forwarded-Proto: https
|
Reference in New Issue
Block a user