Skip to content

Commit

Permalink
Merge pull request #26 from frigi83/dev
Browse files Browse the repository at this point in the history
✨ HTTP/3 example
  • Loading branch information
frigi83 authored Jul 28, 2022
2 parents 1c712b1 + 1bbeb25 commit fefc925
Show file tree
Hide file tree
Showing 3 changed files with 96 additions and 0 deletions.
17 changes: 17 additions & 0 deletions example_http3/FileProvider/file-provider.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
[tls.options]

[tls.options.default]
minVersion = "VersionTLS12"

cipherSuites = [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_AES_128_GCM_SHA256",
"TLS_AES_256_GCM_SHA384",
"TLS_CHACHA20_POLY1305_SHA256"
]

sniStrict = true

[http]
5 changes: 5 additions & 0 deletions example_http3/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@

See this post https://frigi.ch/en/2022/07/activate-http/3-in-traefik/


If you find a problem in this guide or in the configurations files you can open an [issue](https://github.com/frigi83/traefik-examples/issues) on GitHub. Thanks!
74 changes: 74 additions & 0 deletions example_http3/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
version: '3.7'

services:

# =============================================================
#
# TRAEFIK - reverse proxy
#
# =============================================================

traefik:
image: traefik:v2.8
container_name: traefik
command:
# - "--log.level=DEBUG"
- "--api.dashboard=true"
- "--providers.file.directory=/FileProvider/"
- "--providers.file.watch=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=web-secure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web-secure.address=:443"
- "--entrypoints.web-secure.http3"
- "--experimental.http3=true"
- "--serverstransport.insecureskipverify=true"
- "--certificatesresolvers.certificato.acme.dnschallenge=true"
- "--certificatesresolvers.certificato.acme.dnschallenge.provider=cloudflare"
- "--certificatesresolvers.certificato.acme.dnschallenge.delaybeforecheck=10"
- "--certificatesresolvers.certificato.acme.dnschallenge.resolvers=1.1.1.1:53"
# - "--certificatesresolvers.certificato.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.certificato.acme.email=${ACME_EMAIL}"
- "--certificatesresolvers.certificato.acme.storage=acme.json"
- "--ping=true"
environment:
CF_API_EMAIL: ${CF_API_EMAIL}
CF_API_KEY: ${CF_API_KEY}
CLOUDFLARE_EMAIL: ${CLOUDFLARE_EMAIL}
CLOUDFLARE_API_KEY: ${CLOUDFLARE_API_KEY}
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`traefik.${DOMAIN}`)"
- "traefik.http.routers.api.entrypoints=web-secure"
- "traefik.http.routers.api.tls.certresolver=certificato"
- "traefik.http.routers.api.tls.domains[0].main=*.${DOMAIN}"
- "traefik.http.routers.api.service=api@internal"
ports:
- 80:80
- 443:443/tcp
- 443:443/udp
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
- /path/to/docker/traefik/acme.json:/acme.json
- /path/to/docker/traefik/FileProvider/:/FileProvider/
restart: always


# =============================================================
#
# WHOAMI
#
# =============================================================

whoami:
image: containous/whoami
container_name: whoami
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)"
- "traefik.http.routers.whoami.entrypoints=web-secure"
- 'traefik.http.routers.whoami.tls=true'
- "traefik.http.routers.whoami.tls.certresolver=certificato"
- "traefik.http.routers.whoami.tls.domains[0].main=*.${DOMAIN}"

0 comments on commit fefc925

Please sign in to comment.