eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Add Treafik HTTP/3 Support (#3965)

Browse source 
Signed-off-by: wuast94 <mihauku@googlemail.com>
Signed-off-by: wuast94 <github@wuast24.de>
Signed-off-by: Simon L. <szaimen@e.mail.de>
Signed-off-by: Marc <github@wuast24.de>
Co-authored-by: wuast94 <mihauku@googlemail.com>
Co-authored-by: Simon L <szaimen@e.mail.de>
This commit is contained in:
Marc 2024-01-14 10:04:36 +01:00 committed by GitHub
parent cf54794be2
commit 72fe749644
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 48 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

88
reverse-proxy.md
View file

@ -556,61 +556,67 @@ The examples below define the dynamic configuration in YAML files. If you rather
# STATIC CONFIGURATION # STATIC CONFIGURATION
entryPoints: entryPoints:
https: https:
address: ":443" # Create an entrypoint called "https" that uses port 443 address: ":443" # Create an entrypoint called "https" that uses port 443
# If you want to enable HTTP/3 support, uncomment the line below
# http3: {}
certificatesResolvers: certificatesResolvers:
# Define "letsencrypt" certificate resolver # Define "letsencrypt" certificate resolver
letsencrypt: letsencrypt:
acme: acme:
storage: /letsencrypt/acme.json # Defines the path where certificates should be stored storage: /letsencrypt/acme.json # Defines the path where certificates should be stored
email: <your-email-address> # Where LE sends notification about certificates expiring email: <your-email-address> # Where LE sends notification about certificates expiring
tlschallenge: true tlschallenge: true
providers: providers:
file: file:
directory: "/path/to/dynamic/conf" # Adjust the path according your needs. directory: "/path/to/dynamic/conf" # Adjust the path according your needs.
watch: true watch: true
# Enable HTTP/3 feature by uncommenting the lines below. Don't forget to route 443 UDP to Traefik (Firewall\NAT\Traefik Container)
# experimental:
# http3: true
``` ```
1. Declare the router, service and middlewares for Nextcloud in `/path/to/dynamic/conf/nextcloud.yml`: 1. Declare the router, service and middlewares for Nextcloud in `/path/to/dynamic/conf/nextcloud.yml`:
```yml ```yml
http: http:
routers: routers:
nextcloud: nextcloud:
rule: "Host(`<your-nc-domain>`)" rule: "Host(`<your-nc-domain>`)"
entrypoints: entrypoints:
- "https" - "https"
service: nextcloud service: nextcloud
middlewares: middlewares:
- nextcloud-chain - nextcloud-chain
tls: tls:
certresolver: "letsencrypt" certresolver: "letsencrypt"
services: services:
nextcloud: nextcloud:
loadBalancer: loadBalancer:
servers: servers:
- url: "http://localhost:11000" # Use the host's IP address if Traefik runs outside the host network - url: "http://localhost:11000" # Use the host's IP address if Traefik runs outside the host network
middlewares: middlewares:
nextcloud-secure-headers: nextcloud-secure-headers:
headers: headers:
hostsProxyHeaders: hostsProxyHeaders:
- "X-Forwarded-Host" - "X-Forwarded-Host"
referrerPolicy: "same-origin" referrerPolicy: "same-origin"
https-redirect: https-redirect:
redirectscheme: redirectscheme:
scheme: https scheme: https
nextcloud-chain: nextcloud-chain:
chain: chain:
middlewares: middlewares:
# - ... (e.g. rate limiting middleware) # - ... (e.g. rate limiting middleware)
- https-redirect - https-redirect
- nextcloud-secure-headers - nextcloud-secure-headers
``` ```
--- ---