init

4 files changed, 104 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7a9d8d0
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.log
+acme.json
+acmedns.json
diff --git a/dynamic.yml b/dynamic.yml
new file mode 100644
index 0000000..27aeec3
--- /dev/null
+++ b/dynamic.yml
@@ -0,0 +1,61 @@
+http:
+  routers:
+    dashboard:
+      rule: "Host(`traefik.armin.internal.simponic.xyz`)"
+      service: "noop@internal"
+      entryPoints:
+        - "http"
+      middlewares:
+        - "secured-redirect"
+    dashboard-secured:
+      entryPoints:
+        - "https"
+      rule: "Host(`traefik.armin.internal.simponic.xyz`)"
+      service: "api@internal"
+      tls:
+        certResolver: "local"
+        domains:
+          - main: "traefik.armin.internal.simponic.xyz"
+
+    karan:
+      rule: "Host(`dev.armin.internal.simponic.xyz`)"
+      service: "noop@internal"
+      entryPoints:
+        - "http"
+      middlewares:
+        - "secured-redirect"
+    karan-secured:
+      entryPoints:
+        - "https"
+      rule: "Host(`dev.armin.internal.simponic.xyz`)"
+      service: "example-service"
+      tls:
+        certResolver: "local"
+        options: acmeClient
+        domains:
+          - main: "dev.armin.internal.simponic.xyz"
+
+  middlewares:
+    secured-redirect:
+      redirectscheme:
+        scheme: https
+        permanent: true
+
+  services:
+    example-service:
+      loadBalancer:
+        passHostHeader: true
+        servers:
+          - url: "http://localhost:8080/"
+
+tls:
+  options:
+    acmeClient:
+      clientAuth:
+        caFiles:
+          - /Users/lizzy/armin/roots.pem
+        clientAuthType: RequireAndVerifyClientCert
+
+log:
+  filePath: log-file.log # relative to current location, will be created
+  level: DEBUG
diff --git a/roots.pem b/roots.pem
new file mode 100644
index 0000000..66cea19
--- /dev/null
+++ b/roots.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB0DCCAXagAwIBAgIRAJILGnfk9SxqwU6whcoOw2kwCgYIKoZIzj0EAwIwRjEd
+MBsGA1UEChMUU2ltcG9uaWMgSW50ZXJuYWwgQ0ExJTAjBgNVBAMTHFNpbXBvbmlj
+IEludGVybmFsIENBIFJvb3QgQ0EwHhcNMjQwMTA1MTkyMzMwWhcNMzQwMTAyMTky
+MzMwWjBGMR0wGwYDVQQKExRTaW1wb25pYyBJbnRlcm5hbCBDQTElMCMGA1UEAxMc
+U2ltcG9uaWMgSW50ZXJuYWwgQ0EgUm9vdCBDQTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABIwzVefhKFFat/YxfXyl7aAFN5Cf/4YFmwXRcLk2z1Dkg7NGy+a99whk
+cU1rXO77ur5v5ZxO9/SZuXCg4RHAqkmjRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNV
+HRMBAf8ECDAGAQH/AgEBMB0GA1UdDgQWBBQgyFJ0jQPXUD/TfsoJMosGwhTZbzAK
+BggqhkjOPQQDAgNIADBFAiAdzKgxH4rvhaBeZXRfUCKf9hA9j0aVvs97QjpfOaL7
+7gIhAOIncypopVzTEko8f6lSrrwJgGd1EW1oCVAMGw9hje3f
+-----END CERTIFICATE-----
diff --git a/traefik.yml b/traefik.yml
new file mode 100644
index 0000000..2ee3550
--- /dev/null
+++ b/traefik.yml
@@ -0,0 +1,28 @@
+accessLog:
+  bufferingSize: 100
+  filePath: log-access.log
+api:
+  dashboard: true
+  debug: true
+entryPoints:
+  http:
+    address: ":80"
+    forwardedHeaders:
+      insecure: true
+  https:
+    address: ":443"
+log:
+  filePath: log-file.log
+  level: DEBUG
+providers:
+  file:
+    filename: /Users/lizzy/armin/dynamic.yml 
+serversTransport:
+  insecureSkipVerify: true
+certificatesResolvers:
+  local:
+    acme:
+      caserver: https://ca.internal.simponic.xyz/acme/ACME/directory
+      storage: /Users/lizzy/armin/acme.json
+      httpChallenge:
+        entryPoint: http