diff --git a/.idea/digitalboard.core.iml b/.idea/digitalboard.core.iml
deleted file mode 100644
index 0f200bc..0000000
--- a/.idea/digitalboard.core.iml
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
deleted file mode 100644
index 03d9549..0000000
--- a/.idea/inspectionProfiles/Project_Default.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml
deleted file mode 100644
index 105ce2d..0000000
--- a/.idea/inspectionProfiles/profiles_settings.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/material_theme_project_new.xml b/.idea/material_theme_project_new.xml
deleted file mode 100644
index e41ef6e..0000000
--- a/.idea/material_theme_project_new.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
deleted file mode 100644
index 1d3ce46..0000000
--- a/.idea/misc.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
deleted file mode 100644
index fd05160..0000000
--- a/.idea/modules.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
deleted file mode 100644
index d5bdd28..0000000
--- a/.idea/vcs.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/notes-nextcloud b/notes-nextcloud
deleted file mode 100644
index 3d852a2..0000000
--- a/notes-nextcloud
+++ /dev/null
@@ -1,93 +0,0 @@
-version: "3.9"
-
-# ⛵ Nextcloud + Collabora (CODE) behind Traefik (TLS at Traefik)
-# Replace all occurrences of cloud.digitalboard.ch and office.example.com with your domains.
-
-services:
- db:
- image: postgres:16-alpine
- container_name: nextcloud-postgres
- restart: always
- environment:
- POSTGRES_DB: nextcloud
- POSTGRES_USER: nextcloud
- POSTGRES_PASSWORD: PVgvn5w06yvN7K8QwKacLrGNtvQformw
- volumes:
- - /srv/data/nextcloud/postgresql/data:/var/lib/postgresql/data
- networks:
- - internal
-
- redis:
- image: redis:7-alpine
- container_name: nextcloud-redis
- restart: always
- command: ["redis-server", "--appendonly", "yes"]
- volumes:
- - /srv/data/nextcloud/redis/data:/data
- networks:
- - internal
-
- nextcloud:
- image: nextcloud:apache
- container_name: nextcloud
- restart: always
- depends_on:
- - db
- - redis
- environment:
- POSTGRES_HOST: db
- POSTGRES_DB: nextcloud
- POSTGRES_USER: nextcloud
- POSTGRES_PASSWORD: PVgvn5w06yvN7K8QwKacLrGNtvQformw
- NEXTCLOUD_ADMIN_USER: tinfoil
- NEXTCLOUD_ADMIN_PASSWORD: Wkcox8ZD05po1rq60Y4h2cIenws7hF7F
- REDIS_HOST: redis
- # REDIS_HOST_PASSWORD: ""
- PHP_MEMORY_LIMIT: 1024M
- PHP_UPLOAD_LIMIT: 2048M
- OVERWRITEPROTOCOL: https
- OVERWRITEHOST: cloud.digitalboard.ch
- TRUSTED_PROXIES: "172.18.0.0/16"
- volumes:
- - /srv/data/nextcloud/nextcloud/:/var/www/html
- - ./servername.conf:/etc/apache2/conf-enabled/servername.conf
- networks:
- - internal
- - proxy
- labels:
- - traefik.enable=true
- - traefik.docker.network=proxy
- - traefik.http.routers.nextcloud.rule=Host(`cloud.digitalboard.ch`)
- - traefik.http.routers.nextcloud.entrypoints=web
- - traefik.http.services.nextcloud.loadbalancer.server.port=80
- # Ensure Nextcloud always sees HTTPS from the double proxy:
- - traefik.http.middlewares.nc-https.headers.customrequestheaders.X-Forwarded-Proto=https
- - traefik.http.routers.nextcloud.middlewares=nc-wellknown,nc-https
- # Well-known DAV:
- - traefik.http.middlewares.nc-wellknown.redirectregex.permanent=true
- - traefik.http.middlewares.nc-wellknown.redirectregex.regex=^https?://([^/]+)/.well-known/(card|cal)dav
- - traefik.http.middlewares.nc-wellknown.redirectregex.replacement=https://$${1}/remote.php/dav/
-
- collabora:
- image: collabora/code:latest
- container_name: collabora
- restart: always
- environment:
- domain: ^cloud\.example\.com$
- extra_params: --o:ssl.enable=false --o:ssl.termination=true
- username: admin
- password: change_me
- cap_add:
- - MKNOD
- networks:
- - proxy
- labels:
- - traefik.enable=true
- - traefik.http.routers.collabora.rule=Host(`office-intern.example.com`)
- - traefik.http.routers.collabora.entrypoints=web
- - traefik.http.services.collabora.loadbalancer.server.port=9980
-
-networks:
- internal:
- proxy:
- external: true
\ No newline at end of file
diff --git a/roles/reverseproxy/templates/middlewares.yml.j2 b/roles/reverseproxy/templates/middlewares.yml.j2
index 4273796..ba022a4 100644
--- a/roles/reverseproxy/templates/middlewares.yml.j2
+++ b/roles/reverseproxy/templates/middlewares.yml.j2
@@ -1,11 +1,47 @@
-http:
- middlewares:
- secure-headers:
- headers:
- frameDeny: true
- contentTypeNosniff: true
- browserXssFilter: true
- forceSTSHeader: true
- stsSeconds: 31536000
- stsIncludeSubdomains: true
- stsPreload: true
\ No newline at end of file
+{% if enable_dashboard %}
+api:
+ dashboard: true
+ insecure: true
+{% endif %}
+
+{% if enable_access_logs %}
+accessLog:
+ format: {{ access_log_format }}
+{% endif %}
+
+entryPoints:
+ web:
+ address: ":80"
+{% if use_ssl %}
+ http:
+ redirections:
+ entryPoint:
+ to: websecure
+ scheme: https
+{% endif %}
+ websecure:
+ address: ":443"
+
+providers:
+{% if use_static_services | default(false) %}
+ file:
+ filename: /etc/traefik/services.yml
+ watch: true
+{% endif %}
+{% if use_docker_provider | default(true) %}
+ docker:
+ endpoint: "unix:///var/run/docker.sock"
+ exposedByDefault: false
+{% endif %}
+
+certificatesResolvers:
+ letsencrypt:
+ acme:
+ email: admin@digitalboard.ch
+ storage: /letsencrypt/acme.json
+ httpChallenge:
+ entryPoint: web
+
+global:
+ checkNewVersion: false
+ sendAnonymousUsage: false
\ No newline at end of file