fix: traefik limit middlewares

.github/ISSUE_TEMPLATE/compose-request.md

@@ -49,17 +49,11 @@ services:
     #  - proxy
     #labels:
     #  - traefik.enable=true
+    #  - traefik.docker.network=proxy    
     #  - traefik.http.routers.CHANGEME.rule=Host(`service.example.com`)
     #  - traefik.http.services.CHANGEME.loadbalancer.server.port=8080
-    #  - traefik.http.services.CHANGEME.loadbalancer.server.scheme=https # optional, but sometines necessary when proxying to https services
-    #  - traefik.http.services.CHANGEME.loadbalancer.serverstransport=insecureTransport@file # optional, but sometines necessary when proxying to https services
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads    
-    #  - traefik.docker.network=proxy
     #  # Part for optional traefik middlewares
-    #  - traefik.http.routers.CHANGEME.middlewares=local-ipwhitelist@file,basic-auth@file
+    #  - traefik.http.routers.CHANGEME.middlewares=local-ipwhitelist@file
 
 #networks:
 #  proxy:

examples/atlassian-jira-confluence/docker-compose.yml

@@ -41,12 +41,12 @@ services:
     #  - traefik.http.routers.confluence.rule=Host(`confluence.example.com`)
     #  - traefik.http.services.confluence.loadbalancer.server.port=8090
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-confluence.buffering.maxRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-confluence.buffering.maxResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-confluence.buffering.memRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-confluence.buffering.memResponseBodyBytes=50000000
     #  # Optional part for traefik middlewares
-    #  - traefik.http.routers.confluence.middlewares=local-ipwhitelist@file      
+    #  - traefik.http.routers.confluence.middlewares=limit-confluence
 
   jira:
     image: atlassian/jira-core:9.9.2
@@ -91,12 +91,12 @@ services:
     #  - traefik.http.routers.jira.rule=Host(`jira.example.com`)
     #  - traefik.http.services.jira.loadbalancer.server.port=8080
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-jira.buffering.maxRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-jira.buffering.maxResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-jira.buffering.memRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-jira.buffering.memResponseBodyBytes=50000000
     #  # Optional part for traefik middlewares
-    #  - traefik.http.routers.jira.middlewares=local-ipwhitelist@file      
+    #  - traefik.http.routers.jira.middlewares=limit-jira
 
   postgresql:
     image: docker.io/library/postgres:16-alpine

examples/bookstack/docker-compose.yml

@@ -29,12 +29,12 @@ services:
     #  - traefik.http.routers.bookstack.rule=Host(`bookstack.example.com`)
     #  - traefik.http.services.bookstack.loadbalancer.server.port=80
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-bookstack.buffering.maxRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-bookstack.buffering.maxResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-bookstack.buffering.memRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-bookstack.buffering.memResponseBodyBytes=50000000
     #  # Optional part for traefik middlewares
-    #  - traefik.http.routers.bookstack.middlewares=local-ipwhitelist@file,authelia@docker    
+    #  - traefik.http.routers.bookstack.middlewares=limit-bookstack
 
   bookstack_db:
     image: linuxserver/mariadb

examples/code-server/docker-compose.yml

@@ -27,12 +27,12 @@ services:
     #  - traefik.http.routers.codeserver.rule=Host(`code.example.com`)
     #  - traefik.http.services.codeserver.loadbalancer.server.port=8443
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-codeserver.buffering.maxRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-codeserver.buffering.maxResponseBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-codeserver.buffering.memRequestBodyBytes=50000000
+    #  - traefik.http.middlewares.limit-codeserver.buffering.memResponseBodyBytes=50000000
     #  # Optional part for traefik middlewares
-    #  - traefik.http.routers.codeserver.middlewares=local-ipwhitelist@file,authelia@docker
+    #  - traefik.http.routers.codeserver.middlewares=limit-codeserver
 
 #networks:
 #  proxy:

examples/headscale/docker-compose.yml

@@ -17,11 +17,12 @@ services:
       - traefik.enable=true
       - traefik.http.routers.headscale-rtr.rule=Host(`headscale.example.com`) && PathPrefix(`/`)
       - traefik.http.services.headscale-svc.loadbalancer.server.port=8080
+      - traefik.http.routers.headscale-rtr.middlewares=limit-headscale
       # Optional part for file upload max sizes
-      - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
+      - traefik.http.middlewares.limit-headscale.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+      - traefik.http.middlewares.limit-headscale.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
+      - traefik.http.middlewares.limit-headscale.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+      - traefik.http.middlewares.limit-headscale.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
 
   headscale-ui:
     image: ghcr.io/gurucomputing/headscale-ui:latest
@@ -40,11 +41,6 @@ services:
       - traefik.http.services.headscale-ui-svc.loadbalancer.server.port=80
       # Optional part for traefik middlewares; protect the headscale ui interface; access from local lan only
       - traefik.http.routers.headscale-ui-rtr.middlewares=local-ipwhitelist@file
-      # Optional part for file upload max sizes
-      - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-      - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
 
 networks:
    proxy:

examples/immich/docker-compose.yml

@@ -27,12 +27,12 @@ services:
     #  - traefik.http.services.immich.loadbalancer.server.port=2283
     #  - traefik.docker.network=proxy
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
+    #  - traefik.http.middlewares.limit-immich.buffering.maxRequestBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
+    #  - traefik.http.middlewares.limit-immich.buffering.maxResponseBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
+    #  - traefik.http.middlewares.limit-immich.buffering.memRequestBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
+    #  - traefik.http.middlewares.limit-immich.buffering.memResponseBodyBytes=5000000000 # optional, only necessary for file uploads; allow 5000MB
     #  # Part for local lan services only
-    #  - traefik.http.routers.immich.middlewares=local-ipwhitelist@file
+    #  - traefik.http.routers.immich.middlewares=limit-immich
 
   immich-machine-learning:
     image: altran1502/immich-machine-learning:${IMMICH_VERSION:-release}
@@ -46,7 +46,7 @@ services:
       - NODE_ENV=production
     restart: unless-stopped
     networks:
-      - proxy
+      - proxy # machine learning requires internet connecting for model download
       - immich-internal
 
   immich-redis:

examples/koillection/docker-compose.yml

@@ -53,11 +53,6 @@ services:
     #  - traefik.docker.network=proxy
     #  - traefik.http.routers.koillection.rule=Host(`collection.example.com`)
     #  - traefik.http.services.koillection.loadbalancer.server.port=80
-    #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
     #  # Optional part for traefik middlewares
     #  - traefik.http.routers.koillection.middlewares=local-ipwhitelist@file,authelia@docker
 

examples/leantime/docker-compose.yml

@@ -37,12 +37,12 @@ services:
     #  - traefik.http.routers.leantime.rule=Host(`leantime.example.com`)
     #  - traefik.http.services.leantime.loadbalancer.server.port=80
     #  # Optional part for file upload max sizes
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads    
+    #  - traefik.http.middlewares.limit-leantime.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-leantime.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-leantime.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-leantime.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads    
     #  # Part for optional traefik middlewares
-    #  - traefik.http.routers.leantime.middlewares=local-ipwhitelist@file,authelia@file,basic-auth@file
+    #  - traefik.http.routers.leantime.middlewares=limit-leantime
 
 #networks:
 #  proxy:

examples/mattermost/docker-compose.yml

@@ -67,12 +67,12 @@ services:
     #  - traefik.docker.network=proxy
     #  - traefik.http.routers.mattermost.rule=Host(`mattermost.example.com`)
     #  - traefik.http.services.mattermost.loadbalancer.server.port=8065
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit-mattermost.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit-mattermost.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit-mattermost.buffering.memRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit-mattermost.buffering.memResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
     #  # Part for optional traefik middlewares
-    #  - traefik.http.routers.mattermost.middlewares=local-ipwhitelist@file
+    #  - traefik.http.routers.mattermost.middlewares=limit-mattermost
 
 #networks:
 #  proxy:

examples/minio/docker-compose.yml

@@ -20,13 +20,13 @@ services:
     #  - traefik.enable=true
     #  - traefik.http.routers.minio.rule=Host(`s3.example.com`)
     #  - traefik.http.services.minio.loadbalancer.server.port=9001
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads    
+    #  - traefik.http.middlewares.limit-minio.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-minio.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-minio.buffering.memRequestBodyBytes=50000000 # optional, only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-minio.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads    
     #  - traefik.docker.network=proxy
     #  # Part for optional traefik middlewares
-    #  - traefik.http.routers.minio.middlewares=local-ipwhitelist@file,basic-auth@file
+    #  - traefik.http.routers.minio.middlewares=limit-minio
 
 #networks:
 #  proxy:

examples/nextcloud/docker-compose-mariadb-redis.yml

@@ -70,14 +70,14 @@ services:
     #  - traefik.enable=true
     #  - traefik.http.routers.nextcloud.rule=(Host(`cloud.example.com`)) # pls change
     #  - traefik.http.services.nextcloud.loadbalancer.server.port=80
-    #  - traefik.http.routers.nextcloud.middlewares=local-ipwhitelist@file,authelia@docker
-    #  - traefik.docker.network=proxy
+    #  - traefik.http.routers.nextcloud.middlewares=limit-nextcloud,nextcloud-dav
     #  - traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav
     #  - traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.maxRequestBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.maxResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.memRequestBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.memResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.docker.network=proxy
 
 #networks:
 #  proxy:

examples/nextcloud/docker-compose-sqlite.yml

@@ -23,14 +23,14 @@ services:
     #  - traefik.http.services.nextcloud.loadbalancer.server.port=443
     #  - traefik.http.services.nextcloud.loadbalancer.server.scheme=https
     #  - traefik.http.services.nextcloud.loadbalancer.serverstransport=insecureTransport@file
-    #  - traefik.http.routers.nextcloud.middlewares=local-ipwhitelist@file,authelia@docker
-    #  - traefik.docker.network=proxy
+    #  - traefik.http.routers.nextcloud.middlewares=limit-nextcloud,nextcloud-dav
     #  - traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav
     #  - traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # only necessary for enabled file uploads
-    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.maxRequestBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.maxResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.memRequestBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.http.middlewares.limit-nextcloud.buffering.memResponseBodyBytes=50000000 # only necessary for enabled file uploads
+    #  - traefik.docker.network=proxy    
 
 #networks:
 #  proxy:

examples/openspeedtest/docker-compose.yml

@@ -12,10 +12,10 @@ services:
     restart: always
     #labels:
     #  - traefik.enable=true
-    #  - traefik.http.routers.openspeedtest.middlewares=local-ipwhitelist@file, limit
     #  - traefik.http.routers.openspeedtest.rule=Host(`speedtest.example.com`)
     #  - traefik.http.services.openspeedtest.loadbalancer.server.port=3000
+    #  - traefik.http.routers.openspeedtest.middlewares=local-ipwhitelist@file,limit-openspeedtest,test-compress
     #  - traefik.docker.network=proxy
     #  # Part for local lan services only
-    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=10000000000
+    #  - traefik.http.middlewares.limit-openspeedtest.buffering.maxRequestBodyBytes=10000000000
     #  - traefik.http.middlewares.test-compress.compress=true