LBP
/
ChristianLempa_Boilerplates
зеркало из https://github.com/ChristianLempa/boilerplates.git


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485
							
---
kind: "compose"
metadata:
  name: "Traefik"
  description: "Modern reverse proxy and load balancer for microservices"
  version: "0.2.0"
  author: "Christian Lempa"
  date: "2025-10-02"
  tags:
    - traefik
    - reverse-proxy
    - load-balancer
    - edge-router
spec:
  general:
    name: "General"
    required: true
    vars:
      accesslog_enabled:
        type: "bool"
        description: "Enable Traefik access log"
        default: false
  traefik:
    title: "Traefik Settings"
    description: "Configure Traefik as a reverse proxy with TLS/ACME support"
    vars:
      traefik_tls_acme_email:
        type: "str"
        description: "Email address for ACME (Let's Encrypt) registration"
        default: "admin@example.com"
        extra: "Required when traefik_tls_enabled is true"
      traefik_tls_redirect:
        type: "bool"
        description: "Redirect all HTTP traffic to HTTPS"
        default: true
      traefik_tls_acme_provider:
        type: "enum"
        description: "ACME DNS challenge provider"
        default: "cloudflare"
        options:
          - "cloudflare"
        extra: "DNS provider for domain validation"
      traefik_tls_acme_token:
        type: "str"
        description: "DNS provider API token"
        default: "your-api-token-here"
        sensitive: true
        extra: "For Cloudflare, create an API token with Zone:DNS:Edit permissions"
  ports:
    name: "Ports"
    prompt: "Expose ports via 'ports' mapping?"
    toggle: "ports_enabled"
    vars:
      ports_enabled:
        type: "bool"
        description: "Expose ports via 'ports' mapping"
        default: true
      traefik_dashboard_enabled:
        type: "bool"
        description: "Enable Traefik dashboard (don't use in production)"
        default: false
        extra: "Exposes dashboard on port 8080 in insecure mode"
  network:
    vars:
      network_enabled:
        default: true
      network_name:
        default: "proxy"
  authentik:
    title: "Authentik Middleware"
    description: >
      Configure Authentik forward auth middleware for Traefik.
      This creates a middleware that can be referenced in your service labels
      as 'authentik@file' (or with your custom middleware name).
    vars:
      authentik_outpost_url:
        type: "url"
        description: "Authentik outpost URL (e.g., http://authentik-outpost:9000)"
        default: "http://authentik-outpost:9000"
      traefik_authentik_middleware_name:
        type: "str"
        description: "Name of the Authentik middleware"
        default: "authentik"
        extra: "Reference this in router labels as '{name}@file'"