Refactoring

- Update Træfik to v2.11

Refactoring
78e622b4 · Olivier Benz · 76874a03 · 78e622b4 · 78e622b4 · 78e622b4
Verified Commit 78e622b4 authored 1 year ago by Olivier Benz
--- a/.editorconfig
+++ b/.editorconfig
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{markdown,md}]
+trim_trailing_whitespace = false
--- a/.gitattributes
+++ b/.gitattributes
+* text=auto eol=lf
--- a/.gitignore
+++ b/.gitignore
-# File created using '.gitignore Generator' for Visual Studio Code: https://bit.ly/vscode-gig
-
-# Created by https://www.toptal.com/developers/gitignore/api/windows,macos,linux
-# Edit at https://www.toptal.com/developers/gitignore?templates=windows,macos,linux
-
-### Linux ###
-*~
-
-# temporary files which can be created if a process still has a handle open of a deleted file
-.fuse_hidden*
-
-# KDE directory preferences
-.directory
-
-# Linux trash folder which might appear on any partition or disk
-.Trash-*
-
-# .nfs files are created when an open file is removed but is still being accessed
-.nfs*
-
-### macOS ###
-# General
-.DS_Store
-.AppleDouble
-.LSOverride
-
-# Icon must end with two \r
-Icon
-
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-.com.apple.timemachine.donotpresent
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
-
-### Windows ###
-# Windows thumbnail cache files
-Thumbs.db
-Thumbs.db:encryptable
-ehthumbs.db
-ehthumbs_vista.db
-
-# Dump file
-*.stackdump
-
-# Folder config file
-[Dd]esktop.ini
-
-# Recycle Bin used on file shares
-$RECYCLE.BIN/
-
-# Windows Installer files
-*.cab
-*.msi
-*.msix
-*.msm
-*.msp
-
-# Windows shortcuts
-*.lnk
-
-# End of https://www.toptal.com/developers/gitignore/api/windows,macos,linux
-
-# Custom rules (everything added below won't be overriden by 'Generate .gitignore File' if you use 'Update' option)
-
-.env
-docker-compose.yml
-
-config/**/*.json
-config/**/*.toml
-config/certs/**
-custom/**
+*
+
+!/.github/
+!/config/
+!/config/acme/
+!/config/certs/
+!/config/files/
+!/custom/
+!/references/
+
+!/.github/FUNDING.yml
+!/config/files/middlewares_basic.toml
+!/config/files/tls.toml
+!/references/info.yml
+!/references/traefik.sample.toml
+
+!/.editorconfig
+!/.gitattributes
+!/.gitignore
+!/.markdownlint.yml
+!/CODE_OF_CONDUCT.md
+!/LICENSE
+!/README.md
+!/sample..env
+!/sample.docker-compose.yml

 !.keep
-!config/files/middlewares_basic.toml
-!config/files/tls.toml
--- a/.markdownlint.yml
+++ b/.markdownlint.yml
+MD033: false
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -45,16 +45,16 @@ or harmful.

 Community leaders have the right and responsibility to remove, edit, or reject
 comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for
-moderation decisions when appropriate.
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.

 ## Scope

 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail
-address, posting via an official social media account, or acting as an
-appointed representative at an online or offline event.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.

 ## Enforcement

@@ -116,13 +116,17 @@ the community.

 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
 version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].

-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].

 For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available
+at [https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
--- a/README.md
+++ b/README.md
-[![minimal-readme compliant](https://img.shields.io/badge/readme%20style-minimal-brightgreen.svg)](https://github.com/RichardLitt/standard-readme/blob/master/example-readmes/minimal-readme.md) [![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active) <a href="https://liberapay.com/benz0li/donate"><img src="https://liberapay.com/assets/widgets/donate.svg" alt="Donate using Liberapay" height="20"></a>
-
 # Træfik

+<!-- markdownlint-disable line-length -->
+[![minimal-readme compliant](https://img.shields.io/badge/readme%20style-minimal-brightgreen.svg)](https://github.com/RichardLitt/standard-readme/blob/master/example-readmes/minimal-readme.md) [![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active) <a href="https://liberapay.com/benz0li/donate"><img src="https://liberapay.com/assets/widgets/donate.svg" alt="Donate using Liberapay" height="20"></a>
+<!-- markdownlint-enable line-length -->
+
 [This project](https://gitlab.com/b-data/docker/deployments/traefik) serves as
-a template to run [Træfik](https://hub.docker.com/_/traefik) v2.8 in a docker
+a template to run [Træfik](https://hub.docker.com/_/traefik) v2.11 in a docker
 container using docker compose.

 The goal is to set up a TLS termination proxy for all Docker containers
 providing web services on a **single host**.

-**Features**
+Features:

-*  Automatic creation/renewal of Let's Encrypt certificates (HTTP challenge).
-*  Provision of the following basic Middlewares:
-    *  RedirectScheme: Redirect from HTTP to HTTPS
-    *  RateLimit: Limit to a _fair_ amount of requests
-        *  average: 100 requests per second
-        *  burst: 50 requests (per second)
-    *  Headers: HTTP Strict Transport Security with long duration
-*  Provision of three configurations (modern, intermediate [default], old) for
-   TLS.  
-   → See [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org)
-   for more information.
-*  Use of an [.env file](https://docs.docker.com/compose/env-file/) for
-   [variable substitution in the Compose file](https://docs.docker.com/compose/compose-file/#variable-substitution).
-   
+* Automatic creation/renewal of Let's Encrypt certificates (HTTP challenge).
+* Provision of the following basic Middlewares:
+  * RedirectScheme: Redirect from HTTP to HTTPS
+  * RateLimit: Limit to a _fair_ amount of requests
+    * average: 100 requests per second
+    * burst: 50 requests (per second)
+  * Headers: HTTP Strict Transport Security with long duration
+* Provision of three configurations (modern, intermediate [default], old) for
+  TLS.  
+  → See [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org)
+  for more information.
+* Use of an [.env file](https://docs.docker.com/compose/env-file/) for
+  [variable substitution in the Compose file](https://docs.docker.com/compose/compose-file/#variable-substitution).

-**About træfik**
+About træfik:

-*  Homepage: https://traefik.io/traefik/
-*  Documentation: https://doc.traefik.io/traefik/
+* Homepage: <https://traefik.io/traefik/>
+* Documentation: <https://doc.traefik.io/traefik/>

 ## Table of Contents

-*  [Prerequisites](#prerequisites)
-*  [Install](#install)
-*  [Usage](#usage)
-*  [Contributing](#contributing)
-*  [License](#license)
+* [Prerequisites](#prerequisites)
+* [Install](#install)
+* [Usage](#usage)
+* [Contributing](#contributing)
+* [License](#license)

 ## Prerequisites

 For the HTTP challenge you require:

-*  A publicly accessible host allowing connections on port 80 & 443.
-*  A DNS record for the domain you want to expose pointing to this host.
+* A publicly accessible host allowing connections on port 80 & 443.
+* A DNS record for the domain you want to expose pointing to this host.

 ## Install

 To install docker and docker compose, follow the instructions for your platform:

-*  [Install Docker Engine | Docker Documentation > Supported platforms](https://docs.docker.com/engine/install/#supported-platforms)
-   *  Includes Docker Compose V2
-*  [Post-installation steps for Linux](https://docs.docker.com/engine/install/linux-postinstall/)
+* [Install Docker Engine | Docker Documentation > Supported platforms](https://docs.docker.com/engine/install/#supported-platforms)
+  * Includes Docker Compose V2
+* [Post-installation steps for Linux](https://docs.docker.com/engine/install/linux-postinstall/)

 ## Usage

-1.  Create an external docker network named "webproxy":  
-    ```bash
-    docker network create webproxy
-    ```
-1.  Change file mode of `config/acme`:
-    ```bash
-    chmod go+w config/acme
-    ```
-1.  Make a copy of all `sample.` files:  
-    ```bash
-    for file in sample.*; do cp "$file" "${file#sample.}"; done;
-    ```
-1.  Update environment variables `TF_ACME_EMAIL` and `TF_CERTRESOLVER_NAME1` in
-    '.env':
-    *  Replace `postmaster@mydomain.com` with a valid email address of yours.
-    *  Replace `mydomain-com` with a suitable name to identify this certificate
-       resolvers configuration.  
-       → Dots (`.`) in the name are not allowed!
-1.  Start the container in detached mode:  
-    ```bash
-    docker compose up -d
-    ```
+1. Create an external docker network named "webproxy":  
+
+       docker network create webproxy
+
+1. Change file mode of `config/acme`:
+
+       chmod go+w config/acme
+
+1. Make a copy of all `sample.` files:  
+
+       for file in sample.*; do cp "$file" "${file#sample.}"; done;
+
+1. Update environment variables `TF_ACME_EMAIL` and `TF_CERTRESOLVER_NAME1` in
+   '.env':
+    * Replace `postmaster@mydomain.com` with a valid email address of yours.
+    * Replace `mydomain-com` with a suitable name to identify this certificate
+      resolvers configuration.  
+      → Dots (`.`) in the name are not allowed!
+1. Start the container in detached mode:  
+
+       docker compose up -d

 `docker compose` commands must be run in the root directory of the project, i.e.
 where 'docker-compose.yml' is located!

 ### Test

-1.  Uncomment lines 43 to 55 in 'docker-compose.yml' to enable service "whoami"
-    and configure as follows:
-    *  Replace `whoami.mydomain.com` with the intended domain from
-    [Prerequisites](#prerequisites).
-    *  Replace `mydomain-com` with the value set for `TF_CERTRESOLVER_NAME1` in
-    '.env'.
-2.  Start the container in detached mode:  
-    ```bash
-    docker compose up -d
-    ```
-3.  Wait a bit and visit http://whoami.mydomain.com to confirm everything went
-fine.
+1. Uncomment lines 43 to 55 in 'docker-compose.yml' to enable service "whoami"
+   and configure as follows:
+    * Replace `whoami.mydomain.com` with the intended domain from
+      [Prerequisites](#prerequisites).
+    * Replace `mydomain-com` with the value set for `TF_CERTRESOLVER_NAME1` in
+      '.env'.
+2. Start the container in detached mode:  
+
+       docker compose up -d
+
+3. Wait a bit and visit <http://whoami.mydomain.com> to confirm everything went
+   fine.

 ### Debugging

-Use [docker logs](https://docs.docker.com/engine/reference/commandline/logs/)
-to see the output of the container:
+Use [docker logs](https://docs.docker.com/engine/reference/commandline/logs/) to
+see the output of the container:

-```bash
-docker logs webproxy-traefik-1
-```
+    docker logs webproxy-traefik-1

 ## Contributing

-PRs accepted.
+PRs accepted. Please submit to the
+[GitLab repository](https://gitlab.com/b-data/docker/deployments/traefik).

 This project follows the
 [Contributor Covenant](https://www.contributor-covenant.org)

--- a/references/info.yml
+++ b/references/info.yml
-sources: 
+sources:
  - file_name: traefik.sample.toml
    url: https://raw.githubusercontent.com/traefik/traefik/master/traefik.sample.toml
-    date: 2021-10-07
+    date: 2023-02-20
--- a/sample..env
+++ b/sample..env
@@ -7,7 +7,7 @@ COMPOSE_PROJECT_NAME=webproxy
 TF_HOME=

 ## Version
-TF_VERSION=2.9
+TF_VERSION=2.11

 ## Certificate Resolvers
 TF_ACME_EMAIL=postmaster@mydomain.com