Add upstream proxy_protocol
instructions to traefik (#3150)
* Add upstream `proxy_protocol` instructions to traefik * Fix YAML indentation to use spaces --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com>
This commit is contained in:
parent
0d92e40a7b
commit
6e2bcc7932
@ -137,3 +137,25 @@ Changing the `url` to one with an `http://` prefix would allow to connect to the
|
||||
With these changes, all TCP traffic will be reverse-proxied to the target system.
|
||||
|
||||
**WARNING**: This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```.
|
||||
|
||||
|
||||
## Traefik behind a `proxy_protocol` reverse-proxy
|
||||
|
||||
If you run a reverse-proxy which speaks `proxy_protocol`, add the following to your configuration file:
|
||||
|
||||
```yaml
|
||||
devture_traefik_configuration_extension_yaml: |
|
||||
entryPoints:
|
||||
web-secure:
|
||||
proxyProtocol:
|
||||
trustedIPs:
|
||||
- "127.0.0.1/32"
|
||||
- "<proxy internal IPv4>/32"
|
||||
- "<proxy IPv6>/128"
|
||||
matrix-federation:
|
||||
proxyProtocol:
|
||||
trustedIPs:
|
||||
- "127.0.0.1/32"
|
||||
- "<proxy internal IPv4>/32"
|
||||
- "<proxy IPv6>/128"
|
||||
```
|
||||
|
Loading…
Reference in New Issue
Block a user