mirror of
https://github.com/nextcloud/all-in-one.git
synced 2024-12-25 08:10:48 +08:00
Add Treafik HTTP/3 Support (#3965)
Signed-off-by: wuast94 <mihauku@googlemail.com> Signed-off-by: wuast94 <github@wuast24.de> Signed-off-by: Simon L. <szaimen@e.mail.de> Signed-off-by: Marc <github@wuast24.de> Co-authored-by: wuast94 <mihauku@googlemail.com> Co-authored-by: Simon L <szaimen@e.mail.de>
This commit is contained in:
parent
cf54794be2
commit
72fe749644
1 changed files with 48 additions and 42 deletions
|
@ -556,61 +556,67 @@ The examples below define the dynamic configuration in YAML files. If you rather
|
|||
# STATIC CONFIGURATION
|
||||
|
||||
entryPoints:
|
||||
https:
|
||||
address: ":443" # Create an entrypoint called "https" that uses port 443
|
||||
https:
|
||||
address: ":443" # Create an entrypoint called "https" that uses port 443
|
||||
# If you want to enable HTTP/3 support, uncomment the line below
|
||||
# http3: {}
|
||||
|
||||
certificatesResolvers:
|
||||
# Define "letsencrypt" certificate resolver
|
||||
letsencrypt:
|
||||
acme:
|
||||
storage: /letsencrypt/acme.json # Defines the path where certificates should be stored
|
||||
email: <your-email-address> # Where LE sends notification about certificates expiring
|
||||
tlschallenge: true
|
||||
# Define "letsencrypt" certificate resolver
|
||||
letsencrypt:
|
||||
acme:
|
||||
storage: /letsencrypt/acme.json # Defines the path where certificates should be stored
|
||||
email: <your-email-address> # Where LE sends notification about certificates expiring
|
||||
tlschallenge: true
|
||||
|
||||
providers:
|
||||
file:
|
||||
directory: "/path/to/dynamic/conf" # Adjust the path according your needs.
|
||||
watch: true
|
||||
file:
|
||||
directory: "/path/to/dynamic/conf" # Adjust the path according your needs.
|
||||
watch: true
|
||||
|
||||
# Enable HTTP/3 feature by uncommenting the lines below. Don't forget to route 443 UDP to Traefik (Firewall\NAT\Traefik Container)
|
||||
# experimental:
|
||||
# http3: true
|
||||
```
|
||||
|
||||
1. Declare the router, service and middlewares for Nextcloud in `/path/to/dynamic/conf/nextcloud.yml`:
|
||||
|
||||
```yml
|
||||
http:
|
||||
routers:
|
||||
nextcloud:
|
||||
rule: "Host(`<your-nc-domain>`)"
|
||||
entrypoints:
|
||||
- "https"
|
||||
service: nextcloud
|
||||
middlewares:
|
||||
- nextcloud-chain
|
||||
tls:
|
||||
certresolver: "letsencrypt"
|
||||
routers:
|
||||
nextcloud:
|
||||
rule: "Host(`<your-nc-domain>`)"
|
||||
entrypoints:
|
||||
- "https"
|
||||
service: nextcloud
|
||||
middlewares:
|
||||
- nextcloud-chain
|
||||
tls:
|
||||
certresolver: "letsencrypt"
|
||||
|
||||
services:
|
||||
nextcloud:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://localhost:11000" # Use the host's IP address if Traefik runs outside the host network
|
||||
services:
|
||||
nextcloud:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://localhost:11000" # Use the host's IP address if Traefik runs outside the host network
|
||||
|
||||
middlewares:
|
||||
nextcloud-secure-headers:
|
||||
headers:
|
||||
hostsProxyHeaders:
|
||||
- "X-Forwarded-Host"
|
||||
referrerPolicy: "same-origin"
|
||||
middlewares:
|
||||
nextcloud-secure-headers:
|
||||
headers:
|
||||
hostsProxyHeaders:
|
||||
- "X-Forwarded-Host"
|
||||
referrerPolicy: "same-origin"
|
||||
|
||||
https-redirect:
|
||||
redirectscheme:
|
||||
scheme: https
|
||||
|
||||
nextcloud-chain:
|
||||
chain:
|
||||
middlewares:
|
||||
# - ... (e.g. rate limiting middleware)
|
||||
- https-redirect
|
||||
- nextcloud-secure-headers
|
||||
https-redirect:
|
||||
redirectscheme:
|
||||
scheme: https
|
||||
|
||||
nextcloud-chain:
|
||||
chain:
|
||||
middlewares:
|
||||
# - ... (e.g. rate limiting middleware)
|
||||
- https-redirect
|
||||
- nextcloud-secure-headers
|
||||
```
|
||||
|
||||
---
|
||||
|
|
Loading…
Reference in a new issue