http: serversTransports: authentik-insecure: insecureSkipVerify: true middlewares: consul-stripprefix: stripPrefix: prefixes: - "/consul" services: consul-cluster: loadBalancer: servers: - url: "http://ch4.tailnet-68f9.ts.net:8500" # 韩国,Leader - url: "http://warden.tailnet-68f9.ts.net:8500" # 北京,Follower - url: "http://ash3c.tailnet-68f9.ts.net:8500" # 美国,Follower healthCheck: path: "/v1/status/leader" interval: "30s" timeout: "15s" nomad-cluster: loadBalancer: servers: - url: "http://ch2.tailnet-68f9.ts.net:4646" # 韩国,Leader - url: "http://warden.tailnet-68f9.ts.net:4646" # 北京,Follower - url: "http://ash3c.tailnet-68f9.ts.net:4646" # 美国,Follower healthCheck: path: "/v1/status/leader" interval: "30s" timeout: "15s" vault-cluster: loadBalancer: servers: - url: "http://warden.tailnet-68f9.ts.net:8200" # 北京,单节点 healthCheck: path: "/ui/" interval: "30s" timeout: "15s" authentik-cluster: loadBalancer: servers: - url: "https://authentik.tailnet-68f9.ts.net:9443" # Authentik容器HTTPS端口 serversTransport: authentik-insecure healthCheck: path: "/flows/-/default/authentication/" interval: "30s" timeout: "15s" routers: consul-api: rule: "Host(`consul.git4ta.tech`)" service: consul-cluster entryPoints: - websecure tls: certResolver: cloudflare middlewares: - consul-stripprefix consul-ui: rule: "Host(`consul.git-4ta.live`) && PathPrefix(`/ui`)" service: consul-cluster entryPoints: - websecure tls: certResolver: cloudflare nomad-api: rule: "Host(`nomad.git-4ta.live`)" service: nomad-cluster entryPoints: - websecure tls: certResolver: cloudflare nomad-ui: rule: "Host(`nomad.git-4ta.live`) && PathPrefix(`/ui`)" service: nomad-cluster entryPoints: - websecure tls: certResolver: cloudflare vault-ui: rule: "Host(`vault.git-4ta.live`)" service: vault-cluster entryPoints: - websecure tls: certResolver: cloudflare authentik-ui: rule: "Host(`authentik1.git-4ta.live`)" service: authentik-cluster entryPoints: - websecure tls: certResolver: cloudflare