Every backup-scope app now carries CFG_<APP>_BACKUP_STRATEGY=auto, so the Backup Strategy dropdown appears in each app's Advanced tab — not just the DB apps. To keep it honest, the 'live' option is hidden where it isn't safe: - apps.json generator emits backup_live_capable per app (from compose backup labels: a dumpable DB, or a live-safe marker). - apps-manager filters the live option out of the strategy select when the current app isn't live-capable, so apps like gitea/focalboard (a DB we don't yet dump) never offer it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
90 lines
4.6 KiB
Plaintext
Executable File
90 lines
4.6 KiB
Plaintext
Executable File
#
|
|
# =============================================================================
|
|
# GENERAL CONFIGURATION
|
|
# =============================================================================
|
|
# APP_NAME = name of application for use in scripts
|
|
# COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is
|
|
# BACKUP = if true, include this application in backup operations
|
|
# HEALTHCHECK = if true, default docker health checks for that container will be enabled
|
|
# AUTHELIA = if true, use Authelia authentication, if false turned off.
|
|
# HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote
|
|
# MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed)
|
|
#
|
|
CFG_TRAEFIK_APP_NAME=traefik
|
|
CFG_TRAEFIK_BACKUP=true
|
|
CFG_TRAEFIK_BACKUP_STRATEGY=auto
|
|
CFG_TRAEFIK_COMPOSE_FILE=default
|
|
CFG_TRAEFIK_HEALTHCHECK=true
|
|
CFG_TRAEFIK_AUTHELIA=false
|
|
CFG_TRAEFIK_HEADSCALE=false
|
|
CFG_TRAEFIK_MONITORING=false
|
|
#
|
|
# =============================================================================
|
|
# APPLICATION CONFIGURATION
|
|
# =============================================================================
|
|
# LOGGING = log level (ERROR, WARN, INFO, DEBUG)
|
|
# 404_SITE = custom 404 page URL
|
|
# EMAIL = administrator email used by LetsEncrypt for ACME registration & cert-expiry warnings
|
|
# DASHBOARD_ACCESS = how the Traefik dashboard is reachable
|
|
# local-only : dashboard available unauthenticated on http://127.0.0.1:8080 (host only)
|
|
# AND auth-protected via https://traefik.<domain> (recommended default)
|
|
# domain-only : dashboard ONLY via https://traefik.<domain>, fully auth-protected,
|
|
# :8080 not exposed (most secure; requires a working domain)
|
|
# public : dashboard on :8080 reachable from any interface unauthenticated
|
|
# AND auth-protected via https://traefik.<domain> (legacy behavior)
|
|
#
|
|
CFG_TRAEFIK_LOGGING=ERROR
|
|
CFG_TRAEFIK_404_SITE=https://example.org/404
|
|
CFG_TRAEFIK_EMAIL=changeme
|
|
CFG_TRAEFIK_DASHBOARD_ACCESS=local-only
|
|
#
|
|
# =============================================================================
|
|
# METADATA
|
|
# =============================================================================
|
|
# CATEGORY = application category for grouping
|
|
# TITLE = display name for the application
|
|
# DESCRIPTION = short description of the application
|
|
# LONG_DESCRIPTION = detailed description of the application
|
|
# URL = source repository or documentation URL
|
|
# ACTIONS = available actions for this application
|
|
#
|
|
CFG_TRAEFIK_CATEGORY="networking,recommended"
|
|
CFG_TRAEFIK_TITLE="Traefik"
|
|
CFG_TRAEFIK_DESCRIPTION="Reverse Proxy"
|
|
CFG_TRAEFIK_LONG_DESCRIPTION="Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy and efficient"
|
|
CFG_TRAEFIK_URL="https://github.com/traefik/traefik"
|
|
CFG_TRAEFIK_ACTIONS="configure|install|restart|shutdown|uninstall"
|
|
#
|
|
# =============================================================================
|
|
# NETWORK CONFIGURATION
|
|
# =============================================================================
|
|
# DOMAIN = number of domain from the general config, useful when using multiple domains
|
|
# WHITELIST = if true only allow whitelisted ips on traefik, if false allow all
|
|
#
|
|
CFG_TRAEFIK_DOMAIN=1
|
|
CFG_TRAEFIK_WHITELIST=false
|
|
CFG_TRAEFIK_NETWORK=default
|
|
#
|
|
# =============================================================================
|
|
# PORT CONFIGURATION
|
|
# =============================================================================
|
|
# PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description
|
|
# - app: application name
|
|
# - name: service identifier (webui, api, ssh, etc.)
|
|
# - external:internal: port mapping (external can be 'random' for auto-allocation)
|
|
# - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running)
|
|
# - protocol: 'tcp' or 'udp'
|
|
# - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true)
|
|
# - traefik: if true, Traefik handles this port (reverse proxy)
|
|
# - webui: if true, this port serves the main web interface
|
|
# - description: human-readable description of the service
|
|
#
|
|
CFG_TRAEFIK_PORT_1="traefik-service|dashboard|random:8080|public|tcp|true|true|true|Admin Dashboard||traefik"
|
|
CFG_TRAEFIK_PORT_2="traefik-service|https|443:443|public|tcp|false|false|false|HTTPS Traffic|"
|
|
CFG_TRAEFIK_PORT_3="traefik-service|http|80:80|disabled|tcp|false|false|false|HTTP Traffic|"
|
|
|
|
# AUTH_PROFILE = capability tier for the WebUI auth tools (single_password | user_password | multi_user)
|
|
CFG_TRAEFIK_AUTH_PROFILE=single_password
|
|
CFG_TRAEFIK_ADMIN_USER=
|
|
CFG_TRAEFIK_ADMIN_PASSWORD=RANDOMIZEDPASSWORD1
|