Update config dir values to match install

2026-01-28 22:00:51 +00:00 · 2026-01-19 13:55:22 -08:00
parent 5743c0bb72
commit 90f66baf85
3 changed files with 79 additions and 29 deletions
--- a/config/traefik/dynamic_config.yml
+++ b/config/traefik/dynamic_config.yml
@@ -1,5 +1,9 @@
 http:
  middlewares:
+    badger:
+      plugin:
+        badger:
+          disableForwardAuth: true
    redirect-to-https:
      redirectScheme:
        scheme: https
@@ -13,14 +17,16 @@ http:
        - web
      middlewares:
        - redirect-to-https
+        - badger

    # Next.js router (handles everything except API and WebSocket paths)
    next-router:
-      rule: "Host(`{{.DashboardDomain}}`)"
+      rule: "Host(`{{.DashboardDomain}}`) && !PathPrefix(`/api/v1`)"
      service: next-service
-      priority: 10
      entryPoints:
        - websecure
+      middlewares:
+        - badger
      tls:
        certResolver: letsencrypt

@@ -28,9 +34,21 @@ http:
    api-router:
      rule: "Host(`{{.DashboardDomain}}`) && PathPrefix(`/api/v1`)"
      service: api-service
-      priority: 100
      entryPoints:
        - websecure
+      middlewares:
+        - badger
+      tls:
+        certResolver: letsencrypt
+
+    # WebSocket router
+    ws-router:
+      rule: "Host(`{{.DashboardDomain}}`)"
+      service: api-service
+      entryPoints:
+        - websecure
+      middlewares:
+        - badger
      tls:
        certResolver: letsencrypt

@@ -44,3 +62,12 @@ http:
      loadBalancer:
        servers:
          - url: "http://pangolin:3000"  # API/WebSocket server
+
+tcp:
+  serversTransports:
+    pp-transport-v1:
+      proxyProtocol:
+        version: 1
+    pp-transport-v2:
+      proxyProtocol:
+        version: 2
--- a/config/traefik/traefik_config.yml
+++ b/config/traefik/traefik_config.yml
@@ -3,32 +3,52 @@ api:
  dashboard: true

 providers:
+  http:
+    endpoint: "http://pangolin:3001/api/v1/traefik-config"
+    pollInterval: "5s"
  file:
-    directory: "/var/dynamic"
-    watch: true
+    filename: "/etc/traefik/dynamic_config.yml"

 experimental:
  plugins:
    badger:
      moduleName: "github.com/fosrl/badger"
-      version: "v1.3.0"
+      version: "{{.BadgerVersion}}"

 log:
-  level: "DEBUG"
+  level: "INFO"
  format: "common"
  maxSize: 100
  maxBackups: 3
  maxAge: 3
  compress: true

+certificatesResolvers:
+  letsencrypt:
+    acme:
+      httpChallenge:
+        entryPoint: web
+      email: "{{.LetsEncryptEmail}}"
+      storage: "/letsencrypt/acme.json"
+      caServer: "https://acme-v02.api.letsencrypt.org/directory"
+
 entryPoints:
  web:
    address: ":80"
  websecure:
-    address: ":9443"
+    address: ":443"
    transport:
      respondingTimeouts:
        readTimeout: "30m"
+    http:
+      tls:
+        certResolver: "letsencrypt"
+      encodedCharacters:
+        allowEncodedSlash: true
+        allowEncodedQuestionMark: true

 serversTransport:
  insecureSkipVerify: true
+
+ping:
+  entryPoint: "web"