From cf224afe1e21820d6f8b914a5726717bd5a5436b Mon Sep 17 00:00:00 2001
From: Marko Korhonen <marko@korhonen.cc>
Date: Sat, 15 Jan 2022 12:31:34 +0200
Subject: [PATCH] Traefik: move to toml configuration and common middlewares

Also fixed nextcloud DAV resolution
---
 docker/authentik/docker-compose.yaml         | 3 +--
 docker/freshrss/docker-compose.yaml          | 6 ++----
 docker/gitea/docker-compose.yaml             | 3 +--
 docker/homeautomation/docker-compose.yaml    | 9 +++------
 docker/index.korhonen.cc/docker-compose.yaml | 3 +--
 docker/jellyfin/docker-compose.yaml          | 3 +--
 docker/nextcloud/docker-compose.yaml         | 6 +++---
 docker/pihole/docker-compose.yaml            | 3 +--
 docker/remotely/docker-compose.yaml          | 3 +--
 docker/traefik/docker-compose.yaml           | 7 ++++---
 docker/tvheadend/docker-compose.yaml         | 3 +--
 dotdrop                                      | 2 +-
 12 files changed, 20 insertions(+), 31 deletions(-)

diff --git a/docker/authentik/docker-compose.yaml b/docker/authentik/docker-compose.yaml
index a5ee58d..ec2161c 100644
--- a/docker/authentik/docker-compose.yaml
+++ b/docker/authentik/docker-compose.yaml
@@ -29,8 +29,7 @@ services:
 
       - "traefik.http.routers.authentik-redirect.entrypoints=http"
       - "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.authentik-redirect.middlewares=http2https"
+      - "traefik.http.routers.authentik-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.authentik.entrypoints=https"
       - "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)"
diff --git a/docker/freshrss/docker-compose.yaml b/docker/freshrss/docker-compose.yaml
index d04da17..b1bb806 100644
--- a/docker/freshrss/docker-compose.yaml
+++ b/docker/freshrss/docker-compose.yaml
@@ -21,8 +21,7 @@ services:
 
       - "traefik.http.routers.freshrss-redirect.entrypoints=http"
       - "traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.freshrss-redirect.middlewares=http2https"
+      - "traefik.http.routers.freshrss-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.freshrss.entrypoints=https"
       - "traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)"
@@ -45,8 +44,7 @@ services:
 
       - "traefik.http.routers.bibliogram-redirect.entrypoints=http"
       - "traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.bibliogram-redirect.middlewares=http2https"
+      - "traefik.http.routers.bibliogram-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.bibliogram.entrypoints=https"
       - "traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)"
diff --git a/docker/gitea/docker-compose.yaml b/docker/gitea/docker-compose.yaml
index 0a3a3b5..1f1318a 100644
--- a/docker/gitea/docker-compose.yaml
+++ b/docker/gitea/docker-compose.yaml
@@ -21,8 +21,7 @@ services:
 
       - "traefik.http.routers.gitea-redirect.entrypoints=http"
       - "traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.gitea-redirect.middlewares=http2https"
+      - "traefik.http.routers.gitea-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.gitea.entrypoints=https"
       - "traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)"
diff --git a/docker/homeautomation/docker-compose.yaml b/docker/homeautomation/docker-compose.yaml
index 937924d..82b2ac8 100644
--- a/docker/homeautomation/docker-compose.yaml
+++ b/docker/homeautomation/docker-compose.yaml
@@ -24,8 +24,7 @@ services:
 
       - "traefik.http.routers.home-assistant-redirect.entrypoints=http"
       - "traefik.http.routers.home-assistant-redirect.rule=Host(`home.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.home-assistant-redirect.middlewares=http2https"
+      - "traefik.http.routers.home-assistant-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.home-assistant.entrypoints=https"
       - "traefik.http.routers.home-assistant.rule=Host(`home.korhonen.cc`)"
@@ -87,8 +86,7 @@ services:
 
       - "traefik.http.routers.node-red-redirect.entrypoints=http"
       - "traefik.http.routers.node-red-redirect.rule=Host(`node.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.node-red-redirect.middlewares=http2https"
+      - "traefik.http.routers.node-red-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.node-red.entrypoints=https"
       - "traefik.http.routers.node-red.rule=Host(`node.korhonen.cc`)"
@@ -113,8 +111,7 @@ services:
 
       - "traefik.http.routers.gotify-redirect.entrypoints=http"
       - "traefik.http.routers.gotify-redirect.rule=Host(`gotify.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.gotify-redirect.middlewares=http2https"
+      - "traefik.http.routers.gotify-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.gotify.entrypoints=https"
       - "traefik.http.routers.gotify.rule=Host(`gotify.korhonen.cc`)"
diff --git a/docker/index.korhonen.cc/docker-compose.yaml b/docker/index.korhonen.cc/docker-compose.yaml
index 78fba3e..a14b852 100644
--- a/docker/index.korhonen.cc/docker-compose.yaml
+++ b/docker/index.korhonen.cc/docker-compose.yaml
@@ -15,8 +15,7 @@ services:
 
       - "traefik.http.routers.index-redirect.entrypoints=http"
       - "traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.index-redirect.middlewares=http2https"
+      - "traefik.http.routers.index-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.index.entrypoints=https"
       - "traefik.http.routers.index.rule=Host(`index.korhonen.cc`)"
diff --git a/docker/jellyfin/docker-compose.yaml b/docker/jellyfin/docker-compose.yaml
index a4eb3ee..497c7ab 100644
--- a/docker/jellyfin/docker-compose.yaml
+++ b/docker/jellyfin/docker-compose.yaml
@@ -22,8 +22,7 @@ services:
 
       - "traefik.http.routers.jellyfin-redirect.entrypoints=http"
       - "traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.jellyfin-redirect.middlewares=http2https"
+      - "traefik.http.routers.jellyfin-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.jellyfin.entrypoints=https"
       - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)"
diff --git a/docker/nextcloud/docker-compose.yaml b/docker/nextcloud/docker-compose.yaml
index ef28ba6..94b3e7a 100644
--- a/docker/nextcloud/docker-compose.yaml
+++ b/docker/nextcloud/docker-compose.yaml
@@ -26,12 +26,12 @@ services:
 
       - "traefik.http.routers.nextcloud-redirect.entrypoints=http"
       - "traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.nextcloud-redirect.middlewares=http2https"
+      - "traefik.http.routers.nextcloud-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.nextcloud.entrypoints=https"
       - "traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)"
       - "traefik.http.routers.nextcloud.service=nextcloud"
+      - "traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file"
       - "traefik.docker.network=proxy"
       - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
 
@@ -45,7 +45,7 @@ services:
 
   cron:
     image: nextcloud:apache
-    container_name: cron
+    container_name: nextcloud-cron
     restart: always
     volumes:
       - /docker/nextcloud:/var/www/html
diff --git a/docker/pihole/docker-compose.yaml b/docker/pihole/docker-compose.yaml
index 489ee62..0a0f9c2 100644
--- a/docker/pihole/docker-compose.yaml
+++ b/docker/pihole/docker-compose.yaml
@@ -28,8 +28,7 @@ services:
 
       - "traefik.http.routers.pihole-redirect.entrypoints=http"
       - "traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.pihole-redirect.middlewares=http2https"
+      - "traefik.http.routers.pihole-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.pihole.entrypoints=https"
       - "traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)"
diff --git a/docker/remotely/docker-compose.yaml b/docker/remotely/docker-compose.yaml
index fc3127a..a7b4168 100644
--- a/docker/remotely/docker-compose.yaml
+++ b/docker/remotely/docker-compose.yaml
@@ -11,8 +11,7 @@ services:
 
       - "traefik.http.routers.remotely-redirect.entrypoints=http"
       - "traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.remotely-redirect.middlewares=http2https"
+      - "traefik.http.routers.remotely-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.remotely.entrypoints=https"
       - "traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)"
diff --git a/docker/traefik/docker-compose.yaml b/docker/traefik/docker-compose.yaml
index db64915..3eed22d 100644
--- a/docker/traefik/docker-compose.yaml
+++ b/docker/traefik/docker-compose.yaml
@@ -16,7 +16,8 @@ services:
     volumes:
       - /etc/localtime:/etc/localtime:ro
       - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /docker/traefik/traefik/traefik.yml:/traefik.yml:ro
+      - /docker/traefik/traefik/traefik.toml:/traefik.toml:ro
+      - /docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro
       - /docker/traefik/traefik/dashboard-users:/dashboard-users:ro
       - /docker/traefik/traefik/acme.json:/acme.json
       - /docker/traefik/traefik/log:/var/log
@@ -25,14 +26,14 @@ services:
       - 'traefik.enable=true'
       - 'traefik.http.routers.redirect.entrypoints=http'
       - 'traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)'
-      - 'traefik.http.middlewares.http2https.redirectscheme.scheme=https'
-      - 'traefik.http.routers.redirect.middlewares=http2https'
+      - 'traefik.http.routers.redirect.middlewares=http2https@file'
 
       - 'traefik.http.routers.dashboard.entrypoints=https'
       - 'traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)'
       - 'traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users'
       - 'traefik.http.routers.dashboard.middlewares=dashboard-auth'
       - 'traefik.http.routers.dashboard.service=api@internal'
+      - 'traefik.docker.network=proxy'
 
   fail2ban:
     image: crazymax/fail2ban:latest
diff --git a/docker/tvheadend/docker-compose.yaml b/docker/tvheadend/docker-compose.yaml
index 1e9a93d..6c6dabc 100644
--- a/docker/tvheadend/docker-compose.yaml
+++ b/docker/tvheadend/docker-compose.yaml
@@ -24,8 +24,7 @@ services:
 
       - "traefik.http.routers.tvheadend-redirect.entrypoints=http"
       - "traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.tvheadend-redirect.middlewares=http2https"
+      - "traefik.http.routers.tvheadend-redirect.middlewares=http2https@file"
 
       - "traefik.http.routers.tvheadend.entrypoints=https"
       - "traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)"
diff --git a/dotdrop b/dotdrop
index 296c179..8c97593 160000
--- a/dotdrop
+++ b/dotdrop
@@ -1 +1 @@
-Subproject commit 296c179f626397e6e53da9ae51d5108e0f11cf59
+Subproject commit 8c97593c45fc86ad7791707a3c8fab137180d4fa