36 lines
1.1 KiB
TOML
36 lines
1.1 KiB
TOML
|
logLevel = "INFO"
|
||
|
|
debug = true
|
||
|
|
defaultEntryPoints = ["http", "https"]
|
||
|
|
|
||
|
|
[docker]
|
||
|
|
endpoint = "unix:///var/run/docker.sock"
|
||
|
|
watch = true
|
||
|
|
exposedbydefault = false
|
||
|
|
|
||
|
|
[api]
|
||
|
|
|
||
|
|
[entryPoints]
|
||
|
|
[entryPoints.http]
|
||
|
|
address = ":80"
|
||
|
|
compress = false
|
||
|
|
[entryPoints.http.redirect]
|
||
|
|
entryPoint = "https"
|
||
|
|
[entryPoints.https]
|
||
|
|
address = ":443"
|
||
|
|
compress = false
|
||
|
|
[entryPoints.https.tls]
|
||
|
|
# Accept only TLS1.1 and 1.2
|
||
|
|
MinVersion = "VersionTLS11"
|
||
|
|
# Accept all ciphers excepting TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA and TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||
|
|
# CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_CBC_SHA" ]
|
||
|
|
# Keep only ECDHE :
|
||
|
|
CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" ]
|
||
|
|
|
||
|
|
[acme]
|
||
|
|
email = "picasoft@assos.utc.fr"
|
||
|
|
storage = "/certs/acme.json"
|
||
|
|
entryPoint = "https"
|
||
|
|
onHostRule = true
|
||
|
|
[acme.httpChallenge]
|
||
|
|
entryPoint = "http"
|