maddox/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
scripts/configs/dyno.yml
Maddox 66ceea1359 Auto-sync dyno.yml 2026-01-27 01:57
2026-01-27 01:57:38 +00:00

1518 lines
39 KiB
YAML
Raw Blame History

http:
serversTransports:
mytransport:
insecureSkipVerify: true
middlewares:
secure-headers:
headers:
frameDeny: true
contentTypeNosniff: true
browserXssFilter: true
forceSTSHeader: true
stsSeconds: 31536000
stsIncludeSubdomains: true
stsPreload: true
redirect-to-https:
redirectScheme:
scheme: https
permanent: true
enable-websocket:
headers:
customRequestHeaders:
X-Forwarded-Proto: https
run-api-strip:
stripPrefix:
prefixes:
- /api/vi
authentik:
forwardAuth:
address: http://authentik-server:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
silverbullet-headers:
headers:
customResponseHeaders:
X-Robots-Tag: "noindex, nofollow"
X-Content-Type-Options: "nosniff"
Referrer-Policy: "strict-origin-when-cross-origin"
dvr-headers:
headers:
customRequestHeaders:
X-Forwarded-For: "{clientip}"
X-Forwarded-Proto: "https"
Host: "dvr.3ddbrewery.com"
weechat-websocket:
headers:
customRequestHeaders:
X-Forwarded-Proto: "https"
books-api-cors:
headers:
accessControlAllowMethods:
- "GET"
- "POST"
- "PUT"
- "DELETE"
- "OPTIONS"
- "PATCH"
accessControlAllowOriginList:
- "https://books.3ddbrewery.com"
- "https://books.fails.me"
accessControlAllowCredentials: true
accessControlAllowHeaders:
- "Content-Type"
- "Authorization"
- "X-Requested-With"
- "Accept"
- "Origin"
- "Cookie"
accessControlMaxAge: 600
proxmox-headers:
headers:
customRequestHeaders:
X-Forwarded-Proto: https
customResponseHeaders:
X-Frame-Options: "SAMEORIGIN" # Allows iframe from same origin
contentTypeNosniff: true
browserXssFilter: true
forceSTSHeader: true
stsSeconds: 31536000
stsIncludeSubdomains: true
stsPreload: true
routers:
# HTTP catchall
http-catchall:
rule: hostregexp(`{host:.+}`)
entryPoints:
- web
middlewares:
- redirect-to-https
service: noop@internal
priority: 1
###################
# NO AUTH SERVICES
###################
forgejo:
entryPoints:
- web-secure
tls:
certResolver: default
service: forgejo
rule: Host(`git.3ddbrewery.com`) || Host(`git.fails.me`)
middlewares:
- secure-headers
bookmarks:
entryPoints:
- web-secure
tls:
certResolver: default
service: bookmarks
rule: Host(`b.fails.me`) || Host(`bookmarks.fails.me`) || Host(`b.3ddbrewery.com`)
|| Host(`bookmarks.3ddbrewery.com`)
middlewares:
- secure-headers
pve:
entryPoints:
- web-secure
service: pve
rule: Host(`pve.3ddbrewery.com`) || Host(`pve.fails.me`) || Host(`pve-z620.3ddbrewery.com`) || Host(`pve-z620.fails.me`)
tls:
certResolver: default
middlewares:
- proxmox-headers
pve2:
entryPoints:
- web-secure
service: pve2
rule: Host(`pve2.3ddbrewery.com`) || Host(`pve2.fails.me`)
tls:
certResolver: default
middlewares:
- proxmox-headers
finance:
entryPoints:
- web-secure
tls:
certResolver: default
service: finance
rule: Host(`f.fails.me`) || Host(`finance.fails.me`) || Host(`f.3ddbrewery.com`)
|| Host(`finance.3ddbrewery.com`)
middlewares:
- secure-headers
znc:
entryPoints:
- web-secure
tls:
certResolver: default
service: znc
rule: Host(`znc.fails.me`) || Host(`irc.fails.me`) || Host(`znc.3ddbrewery.com`)
|| Host(`irc.3ddbrewery.com`)
middlewares:
- secure-headers
NTFY:
entryPoints:
- web-secure
tls:
certResolver: default
service: NTFY
rule: Host(`notify.fails.me`) || Host(`ntfy.3ddbrewery.com`)
middlewares:
- secure-headers
- enable-websocket
stores-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: stores-api
rule: Host(`api.stores.fails.me`) || Host(`api.stores.3ddbrewery.com`)
middlewares:
- secure-headers
finance-dev:
entryPoints:
- web-secure
tls:
certResolver: default
service: finance-dev
rule: Host(`fin-dev.fails.me`) || Host(`fin-dev.3ddbrewery.com`)
middlewares:
- secure-headers
immich:
entryPoints:
- web-secure
tls:
certResolver: default
service: immich
rule: Host(`photos.fails.me`) || Host(`photos.3ddbrewery.com`)
middlewares:
- secure-headers
navidrome:
entryPoints:
- web-secure
tls:
certResolver: default
service: navidrome
rule: Host(`music.fails.me`) || Host(`music.3ddbrewery.com`)
middlewares:
- secure-headers
weechat-relay:
entryPoints:
- web-secure
tls:
certResolver: default
service: weechat-relay
rule: Host(`weechat.fails.me`) || Host(`weechat.3ddbrewery.com`)
middlewares:
- weechat-websocket
###################
# AUTH SERVICES (simple - no API split)
###################
uptime:
entryPoints:
- web-secure
tls:
certResolver: default
service: uptime
rule: Host(`uptime.fails.me`) || Host(`uptime.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
phpmyadmin:
entryPoints:
- web-secure
tls:
certResolver: default
service: phpmyadmin
rule: Host(`php.fails.me`) || Host(`phpmyadmin.fails.me`) || Host(`php.3ddbrewery.com`)
|| Host(`phpmyadmin.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
portainer:
entryPoints:
- web-secure
tls:
certResolver: default
service: portainer
rule: Host(`portainer.fails.me`) || Host(`docker.fails.me`) || Host(`portainer.3ddbrewery.com`)
|| Host(`docker.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
nms:
entryPoints:
- web-secure
tls:
certResolver: default
service: nms
rule: Host(`nms.fails.me`) || Host(`nms.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
books:
entryPoints:
- web-secure
tls:
certResolver: default
service: books
rule: Host(`books.fails.me`) || Host(`books.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
# OPTIONS requests - no auth (high priority)
books-api-options:
entryPoints:
- web-secure
tls:
certResolver: default
service: books-api
rule: (Host(`api.books.fails.me`) || Host(`api.books.3ddbrewery.com`)) && Method(`OPTIONS`)
middlewares:
- books-api-cors
priority: 100
# All other requests - with auth
books-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: books-api
rule: Host(`api.books.fails.me`) || Host(`api.books.3ddbrewery.com`)
middlewares:
- secure-headers
- books-api-cors
- authentik
stores:
entryPoints:
- web-secure
tls:
certResolver: default
service: stores
rule: Host(`stores.fails.me`) || Host(`stores.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
subgen:
entryPoints:
- web-secure
tls:
certResolver: default
service: subgen
rule: Host(`subgen.fails.me`) || Host(`subgen.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
n8n:
entryPoints:
- web-secure
tls:
certResolver: default
service: n8n
rule: Host(`n8n.fails.me`) || Host(`n8n.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
nerco:
entryPoints:
- web-secure
tls:
certResolver: default
service: nerco
rule: Host(`nerco.fails.me`) || Host(`nerco.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
homepage:
entryPoints:
- web-secure
tls:
certResolver: default
service: homepage
rule: Host(`h.fails.me`) || Host(`h.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
phppgadmin:
entryPoints:
- web-secure
tls:
certResolver: default
service: phppgadmin
rule: Host(`phppgadmin.fails.me`) || Host(`phppgadmin.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
archiveforge:
entryPoints:
- web-secure
tls:
certResolver: default
service: archiveforge
rule: Host(`archiveforge.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
silverbullet:
entryPoints:
- web-secure
tls:
certResolver: default
service: silverbullet
rule: Host(`sb.fails.me`) || Host(`sb.3ddbrewery.com`)
middlewares:
- silverbullet-headers
- authentik
###################
# AUTH SERVICES (with API split - no auth on /api)
###################
sonarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: sonarr
rule: (Host(`sonarr.fails.me`) || Host(`sonarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
sonarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: sonarr
rule: (Host(`sonarr.fails.me`) || Host(`sonarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
radarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: radarr
rule: (Host(`radarr.fails.me`) || Host(`movies.fails.me`) || Host(`radarr.3ddbrewery.com`)
|| Host(`movies.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
radarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: radarr
rule: (Host(`radarr.fails.me`) || Host(`movies.fails.me`) || Host(`radarr.3ddbrewery.com`)
|| Host(`movies.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
hass-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: hass
rule: (Host(`home.fails.me`) || Host(`home.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
hass-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: hass
rule: (Host(`home.fails.me`) || Host(`home.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
audiobookshelf-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: audiobookshelf
rule: (Host(`podcasts.fails.me`) || Host(`audiobookshelf.fails.me`) || Host(`podcasts.3ddbrewery.com`)
|| Host(`audiobookshelf.3ddbrewery.com`)) && !PathPrefix(`/audiobookshelf/feed`)
middlewares:
- secure-headers
- authentik
audiobookshelf-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: audiobookshelf
rule: (Host(`podcasts.fails.me`) || Host(`audiobookshelf.fails.me`) || Host(`podcasts.3ddbrewery.com`)
|| Host(`audiobookshelf.3ddbrewery.com`)) && PathPrefix(`/audiobookshelf/feed`)
middlewares:
- secure-headers
bazarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: bazarr
rule: (Host(`bazarr.fails.me`) || Host(`bazarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
bazarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: bazarr
rule: (Host(`bazarr.fails.me`) || Host(`bazarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
channels-dvr-streaming:
entryPoints:
- web-secure
tls:
certResolver: default
service: channels-dvr
rule: (Host(`channels-dvr.fails.me`) || Host(`dvr.fails.me`) || Host(`channels-dvr.3ddbrewery.com`)
|| Host(`dvr.3ddbrewery.com`)) && (PathPrefix(`/devices`) || PathPrefix(`/dvr`) || PathPrefix(`/stream`) || PathPrefix(`/api`))
middlewares:
- dvr-headers
channels-dvr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: channels-dvr
rule: Host(`channels-dvr.fails.me`) || Host(`dvr.fails.me`) || Host(`channels-dvr.3ddbrewery.com`)
|| Host(`dvr.3ddbrewery.com`)
middlewares:
- dvr-headers
- authentik
priority: 1
channeltube-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: channeltube
rule: (Host(`channeltube.fails.me`) || Host(`channeltube.3ddbrewery.com`)) &&
!PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
channeltube-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: channeltube
rule: (Host(`channeltube.fails.me`) || Host(`channeltube.3ddbrewery.com`)) &&
PathPrefix(`/api`)
middlewares:
- secure-headers
cyberchef-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: cyberchef
rule: (Host(`cyberchef.fails.me`) || Host(`cyberchef.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
cyberchef-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: cyberchef
rule: (Host(`cyberchef.fails.me`) || Host(`cyberchef.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
emby-bypass:
entryPoints:
- web-secure
tls:
certResolver: default
service: emby
rule: (Host(`m.fails.me`) || Host(`tv.fails.me`) || Host(`m.3ddbrewery.com`)
|| Host(`tv.3ddbrewery.com`)) && (PathPrefix(`/emby`) || PathPrefix(`/videos`) || PathPrefix(`/socket`) || PathPrefix(`/api`) || PathPrefix(`/System`) || PathPrefix(`/Users`))
middlewares:
- secure-headers
emby-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: emby
rule: Host(`m.fails.me`) || Host(`tv.fails.me`) || Host(`m.3ddbrewery.com`)
|| Host(`tv.3ddbrewery.com`)
middlewares:
- secure-headers
- authentik
priority: 1
requests-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: requests
rule: (Host(`requests.fails.me`) || Host(`requests.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
requests-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: requests
rule: (Host(`requests.fails.me`) || Host(`requests.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
lidarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: lidarr
rule: (Host(`lidarr.fails.me`) || Host(`lidarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
lidarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: lidarr
rule: (Host(`lidarr.fails.me`) || Host(`lidarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
node-red-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red
rule: (Host(`node-red.fails.me`) || Host(`node-red.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
node-red-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red
rule: (Host(`node-red.fails.me`) || Host(`node-red.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
node-red-hass-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red-hass
rule: (Host(`nr.fails.me`) || Host(`nr.3ddbrewery.com`)) && !PathPrefix(`/endpoint`)
middlewares:
- secure-headers
- authentik
node-red-hass-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red-hass
rule: (Host(`nr.fails.me`) || Host(`nr.3ddbrewery.com`)) && PathPrefix(`/endpoint`)
middlewares:
- secure-headers
nzb-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: nzb
rule: (Host(`nzb.fails.me`) || Host(`dl.fails.me`) || Host(`nzb.3ddbrewery.com`)
|| Host(`dl.3ddbrewery.com`)) && !PathPrefix(`/xmlrpc`)
middlewares:
- secure-headers
- authentik
nzb-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: nzb
rule: (Host(`nzb.fails.me`) || Host(`dl.fails.me`) || Host(`nzb.3ddbrewery.com`)
|| Host(`dl.3ddbrewery.com`)) && PathPrefix(`/xmlrpc`)
middlewares:
- secure-headers
prowlarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: prowlarr
rule: (Host(`prowlarr.fails.me`) || Host(`prowlarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
prowlarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: prowlarr
rule: (Host(`prowlarr.fails.me`) || Host(`prowlarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
readarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: readarr
rule: (Host(`readarr.fails.me`) || Host(`readarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
readarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: readarr
rule: (Host(`readarr.fails.me`) || Host(`readarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
rutorrent-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: rutorrent
rule: (Host(`tor.fails.me`) || Host(`tor.3ddbrewery.com`)) && !PathPrefix(`/RPC2`)
middlewares:
- secure-headers
- authentik
rutorrent-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: rutorrent
rule: (Host(`tor.fails.me`) || Host(`tor.3ddbrewery.com`)) && PathPrefix(`/RPC2`)
middlewares:
- secure-headers
run-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: run
rule: (Host(`running.fails.me`) || Host(`run.fails.me`) || Host(`running.3ddbrewery.com`)
|| Host(`run.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
run-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: run-api
rule: (Host(`running.fails.me`) || Host(`run.fails.me`) || Host(`running.3ddbrewery.com`)
|| Host(`run.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
- run-api-strip
unifi-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: unifi
rule: (Host(`unifi.fails.me`) || Host(`unifi.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
unifi-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: unifi
rule: (Host(`unifi.fails.me`) || Host(`unifi.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
webcheck-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: webcheck
rule: (Host(`webcheck.fails.me`) || Host(`webcheck.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
webcheck-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: webcheck
rule: (Host(`webcheck.fails.me`) || Host(`webcheck.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
dsm-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: dsm
rule: (Host(`dsm.fails.me`) || Host(`dsm.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
dsm-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: dsm
rule: (Host(`dsm.fails.me`) || Host(`dsm.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
autoscan-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: autoscan
rule: (Host(`autoscan.fails.me`) || Host(`autoscan.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
autoscan-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: autoscan
rule: (Host(`autoscan.fails.me`) || Host(`autoscan.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
watchstate-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: watchstate
rule: (Host(`watchstate.fails.me`) || Host(`watchstate.3ddbrewery.com`)) &&
!PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
watchstate-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: watchstate
rule: (Host(`watchstate.fails.me`) || Host(`watchstate.3ddbrewery.com`)) &&
PathPrefix(`/api`)
middlewares:
- secure-headers
node-red-het-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red-het
rule: (Host(`nr-het.fails.me`) || Host(`node-het.fails.me`) || Host(`nr-het.3ddbrewery.com`)
|| Host(`node-het.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
node-red-het-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: node-red-het
rule: (Host(`nr-het.fails.me`) || Host(`node-het.fails.me`) || Host(`nr-het.3ddbrewery.com`)
|| Host(`node-het.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
profilarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: profilarr
rule: (Host(`profilarr.fails.me`) || Host(`profilarr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
profilarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: profilarr
rule: (Host(`profilarr.fails.me`) || Host(`profilarr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
food-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: food
rule: (Host(`food.fails.me`) || Host(`food.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
food-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: food
rule: (Host(`food.fails.me`) || Host(`food.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
maps-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: maps
rule: (Host(`maps.fails.me`) || Host(`maps.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
maps-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: maps
rule: (Host(`maps.fails.me`) || Host(`maps.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
calibre-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: calibre
rule: (Host(`library-vnc.fails.me`) || Host(`library-vnc.3ddbrewery.com`)) &&
!PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
calibre-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: calibre
rule: (Host(`library-vnc.fails.me`) || Host(`library-vnc.3ddbrewery.com`)) &&
PathPrefix(`/api`)
middlewares:
- secure-headers
calibre-web-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: calibre-web
rule: (Host(`library.fails.me`) || Host(`library.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
calibre-web-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: calibre-web
rule: (Host(`library.fails.me`) || Host(`library.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
beszel-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: beszel
rule: (Host(`mon.fails.me`) || Host(`mon.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
beszel-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: beszel
rule: (Host(`mon.fails.me`) || Host(`mon.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
dispatcharr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: dispatcharr
rule: (Host(`tv-guide.fails.me`) || Host(`dispatcharr.fails.me`) || Host(`tv-guide.3ddbrewery.com`)
|| Host(`dispatacharr.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
dispatcharr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: dispatcharr
rule: (Host(`tv-guide.fails.me`) || Host(`dispatacharr.fails.me`) || Host(`tv-guide.3ddbrewery.com`)
|| Host(`dispatacharr.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
technitium-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: technitium
rule: (Host(`d.fails.me`) || Host(`technitium.fails.me`) || Host(`d.3ddbrewery.com`)
|| Host(`technitium.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
technitium-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: technitium
rule: (Host(`d.fails.me`) || Host(`technitium.fails.me`) || Host(`d.3ddbrewery.com`)
|| Host(`technitium.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
termix-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: termix
rule: (Host(`term.fails.me`) || Host(`termix.fails.me`) || Host(`term.3ddbrewery.com`)
|| Host(`termix.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
termix-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: termix
rule: (Host(`term.fails.me`) || Host(`termix.fails.me`) || Host(`term.3ddbrewery.com`)
|| Host(`termix.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
soulseek-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: soulseek
rule: (Host(`slskd.fails.me`) || Host(`soul.fails.me`) || Host(`slskd.3ddbrewery.com`)
|| Host(`soul.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
soulseek-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: soulseek
rule: (Host(`slskd.fails.me`) || Host(`soul.fails.me`) || Host(`slskd.3ddbrewery.com`)
|| Host(`soul.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
tunarr-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: tunarr
rule: (Host(`tunarr.fails.me`) || Host(`tuner.fails.me`) || Host(`tunarr.3ddbrewery.com`)
|| Host(`tuner.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
tunarr-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: tunarr
rule: (Host(`tunarr.fails.me`) || Host(`tuner.fails.me`) || Host(`tunarr.3ddbrewery.com`)
|| Host(`tuner.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
vert-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: vert
rule: (Host(`vert.fails.me`) || Host(`convert.fails.me`) || Host(`vert.3ddbrewery.com`)
|| Host(`convert.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- secure-headers
- authentik
vert-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: vert
rule: (Host(`vert.fails.me`) || Host(`convert.fails.me`) || Host(`vert.3ddbrewery.com`)
|| Host(`convert.3ddbrewery.com`)) && PathPrefix(`/api`)
middlewares:
- secure-headers
glowing-bear-web:
entryPoints:
- web-secure
tls:
certResolver: default
service: glowing-bear
rule: (Host(`glow.fails.me`) || Host(`chat.fails.me`) || Host(`glow.3ddbrewery.com`)
|| Host(`chat.3ddbrewery.com`)) && !PathPrefix(`/api`)
middlewares:
- authentik
glowing-bear-api:
entryPoints:
- web-secure
tls:
certResolver: default
service: glowing-bear
rule: (Host(`glow.fails.me`) || Host(`chat.fails.me`) || Host(`glow.3ddbrewery.com`)
|| Host(`chat.3ddbrewery.com`)) && PathPrefix(`/api`)
technitium2:
entryPoints:
- web-secure
service: technitium2
rule: Host(`d2.3ddbrewery.com`)
tls:
certResolver: default
services:
bookmarks:
loadBalancer:
servers:
- url: http://192.168.1.252:3054
passHostHeader: false
sonarr:
loadBalancer:
servers:
- url: http://192.168.1.80:8989
passHostHeader: false
finance:
loadBalancer:
servers:
- url: http://192.168.12.3:6182
passHostHeader: false
radarr:
loadBalancer:
servers:
- url: http://192.168.1.80:7878
passHostHeader: false
uptime:
loadBalancer:
servers:
- url: http://192.168.1.123:3444
passHostHeader: false
phpmyadmin:
loadBalancer:
servers:
- url: http://192.168.1.252:2500
passHostHeader: false
znc:
loadBalancer:
servers:
- url: https://192.168.1.251:6501
passHostHeader: true
serversTransport: mytransport
portainer:
loadBalancer:
servers:
- url: https://192.168.1.80:9443
passHostHeader: true
serversTransport: mytransport
hass:
loadBalancer:
servers:
- url: https://192.168.1.244:8123
passHostHeader: true
serversTransport: mytransport
nms:
loadBalancer:
servers:
- url: http://192.168.1.251:5080
passHostHeader: false
audiobookshelf:
loadBalancer:
servers:
- url: http://192.168.1.80:13378
passHostHeader: false
bazarr:
loadBalancer:
servers:
- url: http://192.168.1.80:6767
passHostHeader: false
books:
loadBalancer:
servers:
- url: http://192.168.1.252:3000
passHostHeader: false
books-api:
loadBalancer:
servers:
- url: http://192.168.1.252:48000
passHostHeader: false
channels-dvr:
loadBalancer:
servers:
- url: http://192.168.1.252:8089
passHostHeader: true
responseForwarding:
flushInterval: -1
channeltube:
loadBalancer:
servers:
- url: http://192.168.1.80:5444
passHostHeader: false
cyberchef:
loadBalancer:
servers:
- url: http://192.168.1.80:7318
passHostHeader: false
emby:
loadBalancer:
servers:
- url: http://192.168.1.80:8096
responseForwarding:
flushInterval: -1
requests:
loadBalancer:
servers:
- url: http://192.168.1.80:5055
passHostHeader: false
lidarr:
loadBalancer:
servers:
- url: http://192.168.1.80:8686
passHostHeader: false
node-red:
loadBalancer:
servers:
- url: http://192.168.1.252:1880
passHostHeader: false
node-red-hass:
loadBalancer:
servers:
- url: https://192.168.1.244:1880
passHostHeader: false
serversTransport: mytransport
NTFY:
loadBalancer:
servers:
- url: http://192.168.1.121:6741
passHostHeader: false
nzb:
loadBalancer:
servers:
- url: http://192.168.1.122:6789
passHostHeader: false
prowlarr:
loadBalancer:
servers:
- url: http://192.168.1.80:9696
passHostHeader: false
readarr:
loadBalancer:
servers:
- url: http://192.168.1.80:8787
passHostHeader: false
rutorrent:
loadBalancer:
servers:
- url: https://192.168.1.122:38443
passHostHeader: false
serversTransport: mytransport
run:
loadBalancer:
servers:
- url: http://192.168.1.252:5173
passHostHeader: false
run-api:
loadBalancer:
servers:
- url: http://192.168.1.252:6883
passHostHeader: false
stores:
loadBalancer:
servers:
- url: http://192.168.1.252:45580
passHostHeader: false
subgen:
loadBalancer:
servers:
- url: http://192.168.1.252:3900
passHostHeader: false
unifi:
loadBalancer:
servers:
- url: https://192.168.1.121:8443
passHostHeader: false
serversTransport: mytransport
webcheck:
loadBalancer:
servers:
- url: http://192.168.1.80:6160
passHostHeader: false
dsm:
loadBalancer:
servers:
- url: https://192.168.1.251:5001
passHostHeader: false
serversTransport: mytransport
autoscan:
loadBalancer:
servers:
- url: http://192.168.1.80:3030
passHostHeader: false
watchstate:
loadBalancer:
servers:
- url: http://192.168.1.80:8585
passHostHeader: false
node-red-het:
loadBalancer:
servers:
- url: http://192.168.12.3:1880
passHostHeader: false
finance-dev:
loadBalancer:
servers:
- url: http://192.168.1.251:6182
passHostHeader: false
n8n:
loadBalancer:
servers:
- url: http://192.168.1.252:5678
passHostHeader: false
nerco:
loadBalancer:
servers:
- url: http://192.168.1.252:3333
passHostHeader: false
homepage:
loadBalancer:
servers:
- url: http://192.168.1.80:3305
passHostHeader: false
phppgadmin:
loadBalancer:
servers:
- url: http://192.168.1.252:5183
passHostHeader: false
profilarr:
loadBalancer:
servers:
- url: http://192.168.1.80:6868
passHostHeader: false
food:
loadBalancer:
servers:
- url: http://192.168.1.81:9925
passHostHeader: true
maps:
loadBalancer:
servers:
- url: http://192.168.1.252:3666
passHostHeader: false
calibre:
loadBalancer:
servers:
- url: http://192.168.1.80:28080
passHostHeader: false
calibre-web:
loadBalancer:
servers:
- url: http://192.168.1.80:28083
passHostHeader: false
immich:
loadBalancer:
servers:
- url: http://192.168.1.82:2283
passHostHeader: false
navidrome:
loadBalancer:
servers:
- url: http://192.168.1.80:4533
passHostHeader: false
beszel:
loadBalancer:
servers:
- url: http://192.168.1.252:31090
passHostHeader: false
dispatcharr:
loadBalancer:
servers:
- url: http://192.168.1.80:9191
technitium:
loadBalancer:
servers:
- url: http://192.168.1.251:5380
passHostHeader: false
termix:
loadBalancer:
servers:
- url: http://192.168.1.252:5674
soulseek:
loadBalancer:
servers:
- url: http://192.168.1.80:5030
tunarr:
loadBalancer:
servers:
- url: http://192.168.1.252:48323
vert:
loadBalancer:
servers:
- url: http://192.168.1.252:3884
glowing-bear:
loadBalancer:
servers:
- url: http://192.168.1.252:28280
passHostHeader: true
weechat-relay:
loadBalancer:
servers:
- url: http://192.168.1.252:29001
passHostHeader: false
archiveforge:
loadBalancer:
servers:
- url: http://192.168.1.252:8766
passHostHeader: false
silverbullet:
loadBalancer:
servers:
- url: http://192.168.1.81:53510
passHostHeader: true
stores-api:
loadBalancer:
servers:
- url: http://192.168.1.252:45581
passHostHeader: false
pve:
loadBalancer:
servers:
- url: https://192.168.1.5:8006
passHostHeader: true
serversTransport: mytransport
technitium2:
loadBalancer:
servers:
- url: http://192.168.1.125:5380/
passHostHeader: false
pve2:
loadBalancer:
servers:
- url: https://192.168.1.3:8006
passHostHeader: true
serversTransport: mytransport
forgejo:
loadBalancer:
servers:
- url: http://192.168.1.81:3000
passHostHeader: false
Reference in a new issue View git blame Copy permalink