[http.middlewares.https-redirect.redirectScheme]
scheme = "https"

[http.middlewares.default-headers.headers]
#frameDeny = false
#customBrowserXSSValue = 1
browserXssFilter = true
contentTypeNosniff = false
forceSTSHeader = true
stsIncludeSubdomains = true
stsPreload = true
stsSeconds = 31536000
referrerPolicy = "same-origin"
#customFrameOptionsValue = "SAMEORIGIN"
#contentSecurityPolicy = "default-src 'self' wss: ws:; frame-ancestors 'self'; form-action 'self' https: *; base-uri 'self'; img-src 'self' data: https: blob: ws: wss:; connect-src https: ws: wss:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: *; style-src 'self' https: blob: ws: wss: 'unsafe-inline'; font-src 'self' data: https: blob: ws: wss:; manifest-src 'self' data: 'unsafe-inline' https:; frame-src 'self' data: 'unsafe-inline' https: *;"

[http.middlewares.default-headers.headers.customResponseHeaders]
Permissions-Policy = "accelerometer=(self), autoplay=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), xr-spatial-tracking=(self)"
X-Permitted-Cross-Domain-Policies = "none"

[http.middlewares.auth-middleware.basicauth]
usersfile = "/etc/traefik/users_credentials"

[http.middlewares.localnet.ipwhitelist]
sourcerange = [
"87.140.122.86/32",
"2003:a:121a:5600::/56",
"217.92.225.133/32",
"2003:000a:0241:4400::/56",
"80.147.150.93/32",
"2003:a:b16:4700::/56",
"159.69.238.80/28",
"2a01:4f8:fff0:22::/64",
"87.140.122.88/32",
"2003:a:121a:5800::/56",
"127.0.0.1/32",
"192.168.0.0/16",
"10.0.0.0/16",
"fd42:167:84::1/64",
"172.20.0.0/24",
"fd00::/8"
]
