mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-24 17:04:53 +01:00
65 lines
3.5 KiB
Django/Jinja
65 lines
3.5 KiB
Django/Jinja
{% if matrix_element_call_container_labels_traefik_enabled %}
|
|
traefik.enable=true
|
|
|
|
{% if matrix_element_call_container_labels_traefik_docker_network %}
|
|
traefik.docker.network={{ matrix_element_call_container_labels_traefik_docker_network }}
|
|
{% endif %}
|
|
|
|
# Element Call Labels
|
|
traefik.http.routers.element-call-router.rule={{ matrix_element_call_container_labels_traefik_rule }}
|
|
traefik.http.routers.element-call-router.entrypoints={{ matrix_element_call_container_labels_traefik_entrypoints }}
|
|
traefik.http.routers.element-call-router.tls.certresolver={{ matrix_element_call_container_labels_traefik_tls_certResolver }}
|
|
traefik.http.services.element-call-service.loadbalancer.server.port=8080
|
|
|
|
{% set middlewares = [] %}
|
|
|
|
# Path prefix handling for Element Call
|
|
{% if matrix_element_call_container_labels_traefik_path_prefix != '/' %}
|
|
traefik.http.middlewares.element-call-slashless-redirect.redirectregex.regex=({{ matrix_element_call_container_labels_traefik_path_prefix | quote }})$
|
|
traefik.http.middlewares.element-call-slashless-redirect.redirectregex.replacement=${1}/
|
|
{% set middlewares = middlewares + ['element-call-slashless-redirect'] %}
|
|
|
|
traefik.http.middlewares.element-call-strip-prefix.stripprefix.prefixes={{ matrix_element_call_container_labels_traefik_path_prefix }}
|
|
{% set middlewares = middlewares + ['element-call-strip-prefix'] %}
|
|
{% endif %}
|
|
|
|
# Additional response headers for Element Call
|
|
{% if matrix_element_call_container_labels_traefik_additional_response_headers.keys() | length > 0 %}
|
|
{% for name, value in matrix_element_call_container_labels_traefik_additional_response_headers.items() %}
|
|
traefik.http.middlewares.element-call-add-headers.headers.customresponseheaders.{{ name }}={{ value }}
|
|
{% endfor %}
|
|
{% set middlewares = middlewares + ['element-call-add-headers'] %}
|
|
{% endif %}
|
|
|
|
# Add middlewares to the Element Call router
|
|
{% if middlewares | length > 0 %}
|
|
traefik.http.routers.element-call-router.middlewares={{ middlewares | join(',') }}
|
|
{% endif %}
|
|
|
|
# LiveKit Labels
|
|
traefik.http.routers.sfu-router.rule=Host(`{{ matrix_element_call_livekit_service_url | regex_replace('^https?://', '') }}`)
|
|
traefik.http.routers.sfu-router.entrypoints=websecure
|
|
traefik.http.routers.sfu-router.tls.certresolver=default
|
|
traefik.http.services.sfu-service.loadbalancer.server.port=7880
|
|
traefik.http.middlewares.sfu-headers.headers.customFrameOptionsValue=SAMEORIGIN
|
|
traefik.http.middlewares.sfu-headers.headers.customResponseHeaders.X-Content-Type-Options=nosniff
|
|
traefik.http.middlewares.sfu-headers.headers.customResponseHeaders.Strict-Transport-Security=max-age=31536000; includeSubDomains; preload
|
|
traefik.http.routers.sfu-router.middlewares=sfu-headers
|
|
|
|
# JWT Labels
|
|
traefik.http.routers.jwt-router.rule=Host(`{{ matrix_element_call_jwt_service_url | regex_replace('^https?://', '') }}`)
|
|
traefik.http.routers.jwt-router.entrypoints=websecure
|
|
traefik.http.routers.jwt-router.tls.certresolver=default
|
|
traefik.http.services.jwt-service.loadbalancer.server.port=8881
|
|
traefik.http.middlewares.jwt-headers.headers.customFrameOptionsValue=SAMEORIGIN
|
|
traefik.http.middlewares.jwt-headers.headers.customResponseHeaders.X-Content-Type-Options=nosniff
|
|
traefik.http.middlewares.jwt-headers.headers.customResponseHeaders.Strict-Transport-Security=max-age=31536000; includeSubDomains; preload
|
|
traefik.http.routers.jwt-router.middlewares=jwt-headers
|
|
|
|
{% endif %}
|
|
|
|
# Additional labels (if any) specified by the user
|
|
{% for key, value in matrix_element_call_container_extra_arguments.items() %}
|
|
{{ key }}={{ value }}
|
|
{% endfor %}
|