http: middlewares: metrics-ipwhitelist: ipWhiteList: sourceRange: - "127.0.0.1/32" - "192.168.0.0/16" - "172.16.0.0/16" - "10.254.1.0/16" vpn-ipwhitelist: ipWhiteList: sourceRange: - "10.1.0.0/24" # vpn - "10.2.0.0/24" # vpn - "127.0.0.1/32" # or local nets used by deployments - "192.168.0.0/16" - "172.16.0.0/16" - "10.254.1.0/16" auth-headers: headers: sslRedirect: true stsSeconds: 315360000 browserXssFilter: true contentTypeNosniff: true forceSTSHeader: true sslHost: tobiasmanske.de stsIncludeSubdomains: true stsPreload: true frameDeny: true oauth-auth: forwardAuth: address: https://traefik-fa.tobiasmanske.de/oauth2/auth trustForwardHeader: true oauth-errors: errors: status: - "401-403" service: oauth@docker query: "/oauth2/sign_in" oauth: chain: middlewares: - oauth-errors - oauth-auth deny-metrics: replacePathRegex: regex: "^/metrics$" replacement: "/" hsts: headers: contentTypeNosniff: true browserXssFilter: true forceSTSHeader: true sslRedirect: true stsPreload: true stsSeconds: 315360000 stsIncludeSubdomains: true