added security enhancements

This commit is contained in:
Corey Blais
2026-04-20 10:02:50 -04:00
parent d1657ef7ed
commit 9392bf9735
4 changed files with 47 additions and 0 deletions
+6
View File
@@ -70,6 +70,7 @@ services:
- traefik.http.routers.flockpal-api.entrypoints=websecure
- traefik.http.routers.flockpal-api.tls.certresolver=${TRAEFIK_CERTRESOLVER:-letsencrypt}
- traefik.http.routers.flockpal-api.priority=100
- traefik.http.routers.flockpal-api.middlewares=flockpal-hsts@docker
- traefik.http.services.flockpal-api.loadbalancer.server.port=5000
networks:
- default
@@ -92,6 +93,11 @@ services:
- traefik.http.routers.flockpal-web.entrypoints=websecure
- traefik.http.routers.flockpal-web.tls.certresolver=${TRAEFIK_CERTRESOLVER:-letsencrypt}
- traefik.http.routers.flockpal-web.priority=10
- traefik.http.routers.flockpal-web.middlewares=flockpal-hsts@docker
- traefik.http.middlewares.flockpal-hsts.headers.stsSeconds=31536000
- traefik.http.middlewares.flockpal-hsts.headers.stsIncludeSubdomains=true
- traefik.http.middlewares.flockpal-hsts.headers.stsPreload=false
- traefik.http.middlewares.flockpal-hsts.headers.forceSTSHeader=true
- traefik.http.services.flockpal-web.loadbalancer.server.port=80
networks:
- traefik