48 lines
1.2 KiB
YAML
48 lines
1.2 KiB
YAML
http:
|
|
middlewares:
|
|
block-ip-access:
|
|
headers:
|
|
customRequestHeaders:
|
|
Host: "" # This will catch requests with no Host header or invalid ones
|
|
cloudflarewarp:
|
|
plugin:
|
|
cloudflare:
|
|
trustedCIDRs: []
|
|
overwriteRequestHeader: true
|
|
debug: true
|
|
crowdsec:
|
|
plugin:
|
|
bouncer:
|
|
enabled: true
|
|
crowdsecMode: stream
|
|
crowdsecLapiHost: "localhost:8080"
|
|
crowdsecLapiKey: gFJjSzdbB0GCe/1Y9HcxMPP1vQmoa4psZOFyleJZJVQ
|
|
compress-middleware:
|
|
compress:
|
|
encodings:
|
|
- br
|
|
- gzip
|
|
defaultEncoding: br
|
|
routers:
|
|
block-direct-access:
|
|
rule: "HostRegexp(`{host:.+}`)" # Matches any host
|
|
service: noop@internal
|
|
priority: 1 # Low priority to catch unmatched requests
|
|
entryPoints:
|
|
- web
|
|
- websecure
|
|
middlewares:
|
|
- block-ip-access
|
|
netdata:
|
|
rule: Host(`netdata.gbanyan.net`)
|
|
service: netdata
|
|
entryPoints: ["internal_websecure"]
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
services:
|
|
netdata:
|
|
loadBalancer:
|
|
servers:
|
|
- url: "http://127.0.0.1:19999"
|