global:
  checkNewVersion: false
  sendAnonymousUsage: false

api:
  dashboard: true
  debug: true

log:
  level: INFO

# Tracing
tracing:
  # The serviceName is used to identify the service in the traces, which can be useful for filtering and analyzing the traces in Tempo and Grafana's Explore feature.
  serviceName: "traefik-proxy"
  otlp:
    grpc:
      endpoint: "otel-collector:4317"
      insecure: true

entryPoints:
  # The web entry point is used for HTTP traffic and will redirect to HTTPS.
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
  
  websecure:
    # The websecure entry point is used for HTTPS traffic and will use TLS with the specified certificates. The address is set to ":443" to listen on all interfaces on port 443, which is the standard port for HTTPS traffic.
    address: ":443"
    http:
      tls:
        domains:
          - main: "${DOMAIN}"
            sans:
              - "*.${DOMAIN}"

  # internal API-poort with pprof
  traefik-internal:
    address: ":8083"

  otlp:
    # The otlp entry point is used for receiving traces from the OpenTelemetry Collector. The address is set to ":4317" to listen on all interfaces on port 4317, which is the standard port for OTLP gRPC traffic.
    address: ":4317"

  metrics:
    # The metrics entry point is used for exposing Traefik's metrics in a format that Prometheus can scrape.
    address: ":8082"

providers:
  docker:
    # The Docker provider allows Traefik to automatically discover and configure services based on Docker containers. By setting exposedByDefault to false, we ensure that only containers that are explicitly labeled will be exposed by Traefik, which is a good security practice to prevent unintended exposure of services.
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  # Here we tell Traefik to look in this directory for dynamic configs (like TLS!)
  file:
    directory: /etc/traefik/dynamic
    watch: true

metrics:
  # The Prometheus entry point is used for exposing Traefik's metrics in a format that Prometheus can scrape.
  prometheus:
    entryPoint: "metrics"
    addEntryPointsLabels: true
    addRoutersLabels: true
    addServicesLabels: true

ping:
  # The ping entry point is used for health checks, allowing us to monitor the health of Traefik itself. By setting the entryPoint to "metrics", we can use the same port for both metrics and health checks, which simplifies the configuration and reduces the number of open ports.
  entryPoint: "metrics"