logLevel = "INFO"
debug = true
defaultEntryPoints = ["http", "https"]

[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedbydefault = false

[api]

[entryPoints]
 [entryPoints.http]
  address = ":80"
  compress = false
  [entryPoints.http.redirect]
   entryPoint = "https"
 [entryPoints.https]
  address = ":443"
  compress = false
  [entryPoints.https.tls]
   # Accept only TLS1.1 and 1.2
   MinVersion = "VersionTLS11"
   # Accept all ciphers excepting TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA and TLS_RSA_WITH_3DES_EDE_CBC_SHA
   # CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_CBC_SHA" ]
   # Keep only ECDHE :
   CipherSuites = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" ]

[acme]
 email = "picasoft@assos.utc.fr"
 storage = "/certs/acme.json"
 entryPoint = "https"
 onHostRule = true
 [acme.httpChallenge]
  entryPoint = "http"