From 3b23823e07a6a3e52e22f129853979383ccc96ca Mon Sep 17 00:00:00 2001 From: Leopere Date: Fri, 4 Apr 2025 14:06:06 -0400 Subject: [PATCH] fixup! feat: add n8n service configuration with docker and stack files --- stack.production.yml | 40 ++++++++++++++++------------------------ 1 file changed, 16 insertions(+), 24 deletions(-) diff --git a/stack.production.yml b/stack.production.yml index 3f34fee..6eadca5 100644 --- a/stack.production.yml +++ b/stack.production.yml @@ -38,31 +38,23 @@ services: placement: constraints: - node.hostname == macmini1 - - # update_config: - # delay: 0s - # parallelism: 2 - # order: start-first labels: - traefik.enable: "true" - traefik.http.routers.production_midtownplaydio.rule: "Host(`midtownplaydio.nixc.us`)" - traefik.http.routers.production_midtownplaydio.entrypoints: "websecure" - traefik.http.routers.production_midtownplaydio.tls: "true" - traefik.http.routers.production_midtownplaydio.tls.certresolver: "letsencryptresolver" - traefik.http.routers.production_midtownplaydio.middlewares: "secure-headers" - traefik.http.services.production_midtownplaydio.loadbalancer.server.port: "3000" - traefik.docker.network: "traefik" - # traefik.http.services.production_midtownplaydio.loadbalancer.healthcheck.path: "/health" - # traefik.http.services.production_midtownplaydio.loadbalancer.healthcheck.interval: "30s" - # traefik.http.services.production_midtownplaydio.loadbalancer.healthcheck.timeout: "5s" + traefik.enable: true + traefik.http.routers.production_midtownplaydio.rule: Host(midtownplaydio.nixc.us) + traefik.http.routers.production_midtownplaydio.entrypoints: websecure + traefik.http.routers.production_midtownplaydio.tls: true + traefik.http.routers.production_midtownplaydio.tls.certresolver: letsencryptresolver + traefik.http.routers.production_midtownplaydio.middlewares: secure-headers + traefik.http.services.production_midtownplaydio.loadbalancer.server.port: 3000 + traefik.docker.network: traefik # Security headers middleware traefik.http.middlewares.secure-headers.headers.stsSeconds: 63072000 - traefik.http.middlewares.secure-headers.headers.stsIncludeSubdomains: "true" - traefik.http.middlewares.secure-headers.headers.stsPreload: "true" - traefik.http.middlewares.secure-headers.headers.forceSTSHeader: "true" - traefik.http.middlewares.secure-headers.headers.frameDeny: "true" - traefik.http.middlewares.secure-headers.headers.contentTypeNosniff: "true" - traefik.http.middlewares.secure-headers.headers.browserXssFilter: "true" - traefik.http.middlewares.secure-headers.headers.referrerPolicy: "no-referrer" - traefik.http.middlewares.secure-headers.headers.featurePolicy: "camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none'" + traefik.http.middlewares.secure-headers.headers.stsIncludeSubdomains: true + traefik.http.middlewares.secure-headers.headers.stsPreload: true + traefik.http.middlewares.secure-headers.headers.forceSTSHeader: true + traefik.http.middlewares.secure-headers.headers.frameDeny: true + traefik.http.middlewares.secure-headers.headers.contentTypeNosniff: true + traefik.http.middlewares.secure-headers.headers.browserXssFilter: true + traefik.http.middlewares.secure-headers.headers.referrerPolicy: no-referrer + traefik.http.middlewares.secure-headers.headers.featurePolicy: camera none; geolocation none; microphone none; payment none; usb none; vr none