log:
  level: {{ log_level }}

{% if enable_dashboard %}
api:
  dashboard: true
  insecure: true
{% endif %}

{% if enable_access_logs %}
accessLog:
  format: {{ access_log_format }}
{% endif %}

entryPoints:
  web:
    address: ":80"
{% if use_ssl %}
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
{% endif %}
  websecure:
    address: ":443"

providers:
{% if reverseproxy_mode == 'dmz' %}
  file:
    directory: /config
    watch: true
{% endif %}
{% if reverseproxy_mode == 'backend' %}
  docker:
    endpoint: "unix:///var/run/docker.sock"
    network: {{ traefik_network }}
    exposedByDefault: false
{% endif %}

{% if use_ssl and cert_mode == 'acme' %}
certificatesResolvers:
  {{ ssl_cert_resolver }}:
    acme:
      email: {{ ssl_email }}
      storage: /letsencrypt/acme.json
      dnsChallenge:
        provider: rfc2136
        resolvers:
          - "{{ acme_dns_nameserver }}"
{% endif %}

{% if use_ssl %}
tls:
  options:
    default:
      minVersion: VersionTLS12
{% endif %}

global:
  checkNewVersion: false
  sendAnonymousUsage: false