Creation

traefik/traefik_dynamic.toml

@@ -0,0 +1,41 @@
+[tls]
+  [tls.options]
+    [tls.options.default]
+      minVersion = "VersionTLS12"
+      sniStrict = true
+      cipherSuites = [
+        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+        "TLS_AES_128_GCM_SHA256",
+        "TLS_AES_256_GCM_SHA384",
+        "TLS_CHACHA20_POLY1305_SHA256"
+      ]
+      curvePreferences = ["CurveP521","CurveP384"]
+
+[http]
+  [http.middlewares.compression.compress]
+    excludedContentTypes = ["text/event-stream"]
+
+  [http.middlewares.https-redirect.redirectScheme]
+    scheme = "https"
+    permanent = true
+
+  [http.middlewares.security.headers]
+    accessControlAllowMethods = ["GET", "OPTIONS", "PUT"]
+    accessControlAllowOrigin = "origin-list-or-null"
+    accessControlMaxAge = 100
+    addVaryHeader = true
+    browserXssFilter = true
+    contentTypeNosniff = true
+    forceSTSHeader = true
+    frameDeny = true
+    stsIncludeSubdomains = true
+    stsPreload = true
+    customFrameOptionsValue = "SAMEORIGIN"
+    referrerPolicy = "same-origin"
+    featurePolicy = "vibrate 'self'"
+    stsSeconds = 315360000