rckrdmrd/workspace-v1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
967ab360bb
workspace-v1/control-plane/devtools/docker/traefik/dynamic/middlewares.yml
Adrian Flores Cortes 967ab360bb Initial commit: Workspace v1 with 3-layer architecture 
Structure:
- control-plane/: Registries, SIMCO directives, CI/CD templates
- projects/: Gamilit, ERP-Suite, Trading-Platform, Betting-Analytics
- shared/: Libs catalog, knowledge-base

Key features:
- Centralized port, domain, database, and service registries
- 23 SIMCO directives + 6 fundamental principles
- NEXUS agent profiles with delegation rules
- Validation scripts for workspace integrity
- Dockerfiles for all services
- Path aliases for quick reference

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-23 00:35:19 -06:00

151 lines
4.5 KiB
YAML
Raw Blame History

# ==============================================================================
# TRAEFIK MIDDLEWARES
# ==============================================================================
# Middlewares reutilizables para todos los servicios
# ==============================================================================
http:
middlewares:
# ==========================================================================
# RATE LIMITING
# ==========================================================================
rate-limit:
rateLimit:
average: 100
burst: 50
period: 1s
rate-limit-strict:
rateLimit:
average: 10
burst: 20
period: 1s
# ==========================================================================
# CORS
# ==========================================================================
cors-all:
headers:
accessControlAllowMethods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
accessControlAllowOriginList:
- "*"
accessControlAllowHeaders:
- "*"
accessControlMaxAge: 100
addVaryHeader: true
cors-restricted:
headers:
accessControlAllowMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
accessControlAllowOriginListRegex:
- "^https?://.*\\.localhost$"
- "^https?://.*\\.example\\.com$"
accessControlAllowHeaders:
- Authorization
- Content-Type
- X-Requested-With
accessControlAllowCredentials: true
# ==========================================================================
# SECURITY HEADERS
# ==========================================================================
security-headers:
headers:
frameDeny: true
browserXssFilter: true
contentTypeNosniff: true
referrerPolicy: "strict-origin-when-cross-origin"
customResponseHeaders:
X-Robots-Tag: "noindex,nofollow"
security-headers-strict:
headers:
frameDeny: true
browserXssFilter: true
contentTypeNosniff: true
stsSeconds: 31536000
stsIncludeSubdomains: true
stsPreload: true
referrerPolicy: "strict-origin-when-cross-origin"
# ==========================================================================
# COMPRESSION
# ==========================================================================
compress:
compress: {}
# ==========================================================================
# RETRY
# ==========================================================================
retry:
retry:
attempts: 3
initialInterval: 100ms
# ==========================================================================
# CIRCUIT BREAKER
# ==========================================================================
circuit-breaker:
circuitBreaker:
expression: "NetworkErrorRatio() > 0.5"
# ==========================================================================
# STRIP PREFIX (para APIs)
# ==========================================================================
strip-api-prefix:
stripPrefix:
prefixes:
- "/api"
# ==========================================================================
# ADD PREFIX
# ==========================================================================
add-api-prefix:
addPrefix:
prefix: "/api"
# ==========================================================================
# BASIC AUTH (para dashboards)
# ==========================================================================
# Generar password: htpasswd -nb admin password
# basic-auth:
# basicAuth:
# users:
# - "admin:$apr1$..."
# ==========================================================================
# CHAINS (combinaciones comunes)
# ==========================================================================
api-chain:
chain:
middlewares:
- rate-limit
- cors-all
- security-headers
- compress
web-chain:
chain:
middlewares:
- security-headers
- compress
secure-chain:
chain:
middlewares:
- rate-limit-strict
- cors-restricted
- security-headers-strict
- compress
Reference in New Issue View Git Blame Copy Permalink