91 lines
1.9 KiB
YAML
91 lines
1.9 KiB
YAML
apiVersion: traefik.io/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: nextcloud-http
|
|
namespace: nextcloud
|
|
spec:
|
|
entryPoints:
|
|
- web
|
|
routes:
|
|
- match: Host(`nextcloud-riscv.allarddcs.nl`)
|
|
kind: Rule
|
|
services:
|
|
- name: nginx
|
|
port: 80
|
|
middlewares:
|
|
- name: redirect-to-https
|
|
namespace: nextcloud
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: nextcloud-tls
|
|
namespace: nextcloud
|
|
spec:
|
|
entryPoints:
|
|
- websecure
|
|
routes:
|
|
- match: Host(`nextcloud-riscv.allarddcs.nl`)
|
|
kind: Rule
|
|
middlewares:
|
|
- name: nextcloud-well-known
|
|
- name: nextcloud-headers
|
|
services:
|
|
- name: nginx
|
|
port: 80
|
|
- match: Host(`nextcloud-riscv.allarddcs.nl`) && PathPrefix(`/ocs/`)
|
|
kind: Rule
|
|
middlewares:
|
|
- name: nextcloud-well-known
|
|
- name: nextcloud-headers
|
|
services:
|
|
- name: nginx
|
|
port: 80
|
|
- match: Host(`nextcloud-riscv.allarddcs.nl`) && PathPrefix(`/ocs-provider/`)
|
|
kind: Rule
|
|
middlewares:
|
|
- name: nextcloud-headers
|
|
services:
|
|
- name: nginx
|
|
port: 80
|
|
tls:
|
|
certResolver: letsencrypt
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: redirect-to-https
|
|
namespace: nextcloud
|
|
spec:
|
|
redirectScheme:
|
|
scheme: https
|
|
permanent: true
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: nextcloud-headers
|
|
namespace: nextcloud
|
|
spec:
|
|
headers:
|
|
stsSeconds: 15552000
|
|
browserXssFilter: true
|
|
contentTypeNosniff: true
|
|
forceSTSHeader: true
|
|
frameDeny: true
|
|
sslRedirect: true
|
|
stsIncludeSubdomains: true
|
|
stsPreload: true
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: nextcloud-well-known
|
|
namespace: nextcloud
|
|
spec:
|
|
redirectRegex:
|
|
regex: "^/.well-known/(carddav|caldav|webdav)"
|
|
replacement: "/remote.php/dav"
|
|
permanent: true
|
|
|