[Unit] Description=traefik web server Wants=network-online.target After=network-online.target After=kanidm.service [Container] ContainerName=traefik PodmanArgs=--privileged NoNewPrivileges=true Image=docker.io/library/traefik:3.0 # Static IPs assigned for proxy-protocol trust IP=10.89.0.21 IP6=fd76:6f6d:f45e:ea1a::15 # HTTP(S) PublishPort=0.0.0.0:80:80/tcp PublishPort=0.0.0.0:80:80/udp PublishPort=0.0.0.0:443:443/tcp PublishPort=0.0.0.0:443:443/udp PublishPort=[::]:80:80/tcp PublishPort=[::]:80:80/udp PublishPort=[::]:443:443/tcp PublishPort=[::]:443:443/udp # Matrix PublishPort=0.0.0.0:8448:8448/tcp PublishPort=0.0.0.0:8448:8448/udp PublishPort=[::]:8448:8448/tcp PublishPort=[::]:8448:8448/udp # SMTP PublishPort=0.0.0.0:25:25/tcp # PublishPort=0.0.0.0:25:25/udp PublishPort=[::]:25:25/tcp # PublishPort=[::]:25:25/udp # POP PublishPort=0.0.0.0:110:110/tcp # PublishPort=0.0.0.0:110:110/udp PublishPort=[::]:110:110/tcp # PublishPort=[::]:110:110/udp # ManageSieve PublishPort=0.0.0.0:4190:4190/tcp # PublishPort=0.0.0.0:4190:4190/udp PublishPort=[::]:4190:4190/tcp # PublishPort=[::]:4190:4190/udp # SMTP submission over STARTTLS PublishPort=0.0.0.0:587:587/tcp # PublishPort=0.0.0.0:587:587/udp PublishPort=[::]:587:587/tcp # PublishPort=[::]:587:587/udp # SMTPS PublishPort=0.0.0.0:465:465/tcp # PublishPort=0.0.0.0:465:465/udp PublishPort=[::]:465:465/tcp # PublishPort=[::]:465:465/udp # IMAPS PublishPort=0.0.0.0:993:993/tcp # PublishPort=0.0.0.0:993:993/udp PublishPort=[::]:993:993/tcp # PublishPort=[::]:993:993/udp # POPS PublishPort=0.0.0.0:995:995/tcp # PublishPort=0.0.0.0:995:995/udp PublishPort=[::]:995:995/tcp # PublishPort=[::]:995:995/udp ReadOnly=true Volume=/run/podman/podman.sock:/var/run/docker.sock:z Volume=/etc/localtime:/etc/localtime:ro Volume=/var/srv/traefik:/certificates:z Volume=/etc/traefik:/etc/traefik:ro,z Volume=kanidm-certs.volume:/kanidm_certs:ro,z # Volume=/var/srv/matrix/caddy/config:/config:z # Volume=/var/srv/matrix/caddy/data:/data:z # Volume=/var/srv/matrix/caddy/Caddyfile:/etc/caddy/Caddyfile:ro,z AutoUpdate=registry Network=web.network # IP=176.126.240.240 # IP6=fe80::9724:38eb:9b0f:df7c Exec=traefik --configFile=/etc/traefik/config.yml Environment="CF_DNS_API_TOKEN=OzdeI-Km-mI3_WlSOO83Zu0id7rmdd0k2QhOoGNE" Label="traefik.http.middlewares.compress.compress=true" Label="traefik.http.middlewares.hsts.headers.stsincludesubdomains=false" Label="traefik.http.middlewares.hsts.headers.stspreload=true" Label="traefik.http.middlewares.hsts.headers.stsseconds=31536000" Label="traefik.http.middlewares.hsts.headers.isdevelopment=false" # Label="traefik.http.routers.dashboard.rule=Host(`traefik.ellis.link`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" # Label="traefik.http.routers.dashboard.service=api@internal" Label="homepage.group=Services" Label="homepage.name=Traefik" [Service] Restart=on-failure TimeoutStartSec=900 [Install] WantedBy=default.target