54 lines
1.3 KiB
YAML
54 lines
1.3 KiB
YAML
http:
|
|
middlewares:
|
|
block-ip-access:
|
|
headers:
|
|
customRequestHeaders:
|
|
Host: "" # This will catch requests with no Host header or invalid ones
|
|
cloudflarewarp:
|
|
plugin:
|
|
cloudflare:
|
|
trustedCIDRs: []
|
|
overwriteRequestHeader: true
|
|
debug: true
|
|
crowdsec:
|
|
plugin:
|
|
bouncer:
|
|
enabled: true
|
|
crowdsecMode: stream
|
|
crowdsecLapiHost: "localhost:8080"
|
|
crowdsecLapiKey: gFJjSzdbB0GCe/1Y9HcxMPP1vQmoa4psZOFyleJZJVQ
|
|
compress-middleware:
|
|
compress:
|
|
encodings:
|
|
- zstd
|
|
- br
|
|
- gzip
|
|
defaultEncoding: zstd
|
|
includedContentTypes:
|
|
- text/html
|
|
- text/css
|
|
- application/javascript
|
|
- application/json
|
|
- text/plain
|
|
routers:
|
|
block-direct-access:
|
|
rule: "HostRegexp(`{host:.+}`)" # Matches any host
|
|
service: noop@internal
|
|
priority: 1 # Low priority to catch unmatched requests
|
|
entryPoints:
|
|
- web
|
|
- websecure
|
|
middlewares:
|
|
- block-ip-access
|
|
netdata:
|
|
rule: Host(`netdata.gbanyan.net`)
|
|
service: netdata
|
|
entryPoints: ["internal_websecure"]
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
services:
|
|
netdata:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "http://127.0.0.1:19999" |