move tls configuration from static configuration to dynamic configuration
This commit is contained in:
parent
f119bd7c37
commit
85ca1d8890
3 changed files with 18 additions and 16 deletions
config
11
config/dynamic/tls.yml
Normal file
11
config/dynamic/tls.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
tls:
|
||||
options:
|
||||
default:
|
||||
minVersion: VersionTLS12
|
||||
cipherSuites:
|
||||
- TLS_CHACHA20_POLY1305_SHA256
|
||||
- TLS_AES_128_GCM_SHA256
|
||||
- TLS_AES_256_GCM_SHA384
|
||||
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
|
@ -34,6 +34,10 @@
|
|||
exposedByDefault = false
|
||||
defaultRule = "Host(`{{ normalize .Name }}.docker.localhost`)"
|
||||
|
||||
[providers.file]
|
||||
directory = "/etc/traefik/dynamic"
|
||||
watch = true
|
||||
|
||||
[certificatesResolvers.default.acme]
|
||||
email = "hostmaster@zom.bi"
|
||||
storage = "/cert/acme.json"
|
||||
|
@ -48,18 +52,4 @@
|
|||
keyFile = "cert/bitmask.me.origin.key"
|
||||
[[tls.certificates]]
|
||||
certFile = "cert/grun.host.origin.pem"
|
||||
keyFile = "cert/grun.host.origin.key"
|
||||
|
||||
[tls.options]
|
||||
[tls.options.default]
|
||||
minVersion = "VersionTLS12"
|
||||
cipherSuites = [
|
||||
"TLS_CHACHA20_POLY1305_SHA256",
|
||||
"TLS_AES_128_GCM_SHA256",
|
||||
"TLS_AES_256_GCM_SHA384",
|
||||
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
|
||||
]
|
||||
[tls.options.mintls13]
|
||||
minVersion = "VersionTLS13"
|
||||
keyFile = "cert/grun.host.origin.key"
|
Loading…
Add table
Add a link
Reference in a new issue