[log]
#  level = "DEBUG"
  format = "json"

[accessLog]
  format = "json"
#  [accessLog.filters]
#    statusCodes = ["200", "300-302"]
#  [accessLog.fields]
#    defaultMode = "keep"
  [accessLog.fields.names]
    "StartLocal" = "drop"
#    "ClientAddr" = "drop"
#    "ClientHost" = "drop"
#    "ClientPort" = "drop"
    "ClientUsername" = "drop"

[metrics]
  [metrics.prometheus]
    manualRouting = true
    addServicesLabels = true
    addEntryPointsLabels = true
    buckets = [0.1,0.3,1.2,5.0]
    entryPoint = "admin-service"

#[tracing]
#  serviceName = "{{ traefik_id }}"
#  [tracing.jaeger.collector]
#    endpoint = "http://{{ shared_service_kube_jaeger_collector_hostname | default('127.0.0.1') }}:80/api/traces"

[api]
  dashboard = true

[entryPoints]
  ### http -> https ###
  [entryPoints.web]
    address = ":{{ http_port }}"
    [entryPoints.web.http.redirections.entryPoint]
      to = "websecure"
      scheme = "https"

  ### production service port ###
  [entryPoints.websecure]
    address = ":{{ https_port }}"

  ### git/ssh as a service for the host ###
  [entryPoints.git ]
    address = ":{{ service_port_git }}"

  ### mysql admin service for the host ###
  [entryPoints.admin-mysql]
    address = ":{{ service_port_phpmyadmin }}"
    [entryPoints.admin-mysql.http.redirections.entryPoint]
      to = "admin-mysql"
      scheme = "https"

  ### traefik admin service for the host ###
  [entryPoints.admin-traefik]
    address = ":{{ admin_port_traefik }}"
    [entryPoints.admin-traefik.http.redirections.entryPoint]
      to = "admin-traefik"
      scheme = "https"

  ### system monitoring port - docker metrics ###
  [entryPoints.monitoring-docker]
    address = ":{{ monitor_port_docker }}"
    [entryPoints.monitoring-docker.http.redirections.entryPoint]
      to = "monitoring-docker"
      scheme = "https"

  ### system monitoring port - harbor metrics ###
  [entryPoints.monitoring-harbor]
    address = ":{{ monitor_port_harbor }}"
    [entryPoints.monitoring-harbor.http.redirections.entryPoint]
      to = "monitoring-harbor"
      scheme = "https"

  ### service monitoring port - metrics for all served services ###
  [entryPoints.admin-service]
    address = ":{{ admin_port_service }}"
    [entryPoints.admin-service.http.redirections.entryPoint]
      to = "admin-service"
      scheme = "https"

[certificatesResolvers.letsencrypt.acme]
  email = "{{ lets_encrypt_email }}"
  storage = "acme.json"
{% if letsencrypt_caserver_directory_url is defined %}
  caserver = "{{ letsencrypt_caserver_directory_url }}"
{% endif %}
  [certificatesResolvers.letsencrypt.acme.dnsChallenge]
    provider = "digitalocean"
    resolvers = ["8.8.8.8:53"]

[certificatesResolvers.letsencrypt-http.acme]
  email = "{{ lets_encrypt_email }}"
  storage = "acme.json"
{% if letsencrypt_caserver_directory_url is defined %}
  caserver = "{{ letsencrypt_caserver_directory_url }}"
{% endif %}
  [certificatesResolvers.letsencrypt-http.acme.httpChallenge]
    entrypoint = "web"

[providers.docker]
  watch = true
  network = "front-tier"
  exposedByDefault = false

[providers.file]
  filename = "traefik_dynamic.toml"