pkartch/traefik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4 Commits 1 Branch 0 Tags
main
Commit Graph

4 Commits

Author SHA1 Message Date
Paul R Kartchner
fb3d8376d5 first commit 2025-11-10 21:27:19 +00:00
Paul R Kartchner
8282e13b65 Add GeoIP blocking to allow only US traffic 
Configuration changes:
- Add GeoBlock plugin (PascalMinder v0.2.7)
- Configure whitelist mode for US-only access
- Apply GeoIP middleware to all public services
- Block all non-US countries automatically

Security enhancements:
- Mealie: US access only
- Gogs: US access only
- Automatic country detection via geojs.io API
- Caching for performance (25 entries)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-20 22:52:10 +00:00
Paul R Kartchner
6a7b2ff7f0 Add Crowdsec integration to Traefik 
Configuration changes:
- Enable Traefik experimental plugins support
- Add Crowdsec bouncer plugin (maxlerebourg v1.3.3)
- Configure Crowdsec middleware in config.yml
- Connect Traefik to Crowdsec network
- Add IP whitelist middleware for internal network
- Update .gitignore to exclude crowdsec directory

Security enhancements:
- All routes now protected by Crowdsec threat intelligence
- Internal network IP whitelist for Traefik dashboard
- Crowdsec monitors all Traefik access logs
- Real-time blocking of malicious IPs

Protected services:
- Mealie (recipes.pkartchner.com)
- Gogs (git.pkartchner.com)
- Traefik Dashboard (internal network only)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-20 22:39:20 +00:00
Paul R Kartchner
bd1dc1abed Initial Traefik reverse proxy configuration 
Configure Traefik v2.10 with:
- Automatic HTTPS using Let's Encrypt
- HTTP to HTTPS redirect
- Docker service discovery
- Security headers middleware
- Dashboard with basic auth

Configured services:
- Mealie (recipes.pkartchner.com)
- Gogs (git.pkartchner.com)
- Traefik Dashboard (traefik.pkartchner.com)

Features:
- Automatic SSL certificate management
- Force HTTPS on all services
- Security headers (HSTS, frame options, XSS protection)
- Docker network isolation

Next steps: Configure DNS records and port forwarding (see SETUP-INSTRUCTIONS.md)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-20 19:07:55 +00:00