entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: "websecure"
          scheme: "https"
  websecure:
    address: ":443"

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false

certificatesResolvers:
  le:
    acme:
      email: "your-email@example.com"
      storage: "/data/acme.json"
      tlsChallenge: {}

api:
  dashboard: true

ping:
  entryPoint: "websecure"

http:
  routers:
    api:
      rule: "PathPrefix(`/api`)"
      service: "api"
      entryPoints: ["websecure"]
    app:
      rule: "Host(`${HOST}`)"
      entryPoints: ["websecure"]
      service: "app"
      tls:
        certResolver: "le"
      middlewares:
        - "websocket"

  services:
    api:
      loadBalancer:
        servers:
          - url: "http://app:${PORT}"
    app:
      loadBalancer:
        sticky: true
        servers:
          - url: "http://app:${PORT}"

  middlewares:
    websocket:
      headers:
        accessControlAllowHeaders:
          - "Origin"
          - "Content-Type"
          - "Accept"
          - "Authorization"
        accessControlAllowMethods:
          - "GET"
          - "POST"
          - "PUT"
          - "DELETE"
          - "PATCH"
          - "OPTIONS"
        accessControlAllowOrigin: ["*"]
        accessControlExposeHeaders:
          - "Content-Length"
          - "Content-Range"