diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index 2ee63bf816..227401a1ce 100644 --- a/roles/traefik/defaults/main.yml +++ b/roles/traefik/defaults/main.yml @@ -52,10 +52,12 @@ traefik_entrypoint_web_port: "80" traefik_entrypoint_web_readtimeout: "600" traefik_entrypoint_web_writetimeout: "0" traefik_entrypoint_web_idletimeout: "180" +traefik_entrypoint_web_request_maxheaderbytes: "1048576" traefik_entrypoint_websecure_port: "443" traefik_entrypoint_websecure_readtimeout: "600" traefik_entrypoint_websecure_writetimeout: "0" traefik_entrypoint_websecure_idletimeout: "180" +traefik_entrypoint_websecure_request_maxheaderbytes: "1048576" traefik_entrypoint_custom: {} # Format is as follows (address can be empty string "" to bind on every interface): # Type options are tcp, udp or both. @@ -275,12 +277,14 @@ traefik_docker_commands_default: - "--entrypoints.web.transport.respondingTimeouts.readTimeout={{ traefik_entrypoint_web_readtimeout }}" - "--entrypoints.web.transport.respondingTimeouts.writeTimeout={{ traefik_entrypoint_web_writetimeout }}" - "--entrypoints.web.transport.respondingTimeouts.idleTimeout={{ traefik_entrypoint_web_idletimeout }}" + - "--entrypoints.web.http.maxheaderbytes={{ traefik_entrypoint_web_request_maxheaderbytes }}" - "--entrypoints.websecure.address=:{{ traefik_entrypoint_websecure_port }}" - "{{ '--entrypoints.websecure.forwardedheaders.trustedIPs=' + (traefik_cloudflare_ips | join(',')) + (',' + traefik_trusted_ips if (traefik_trusted_ips | length > 0) else '') }}" - "{{ '--entrypoints.websecure.proxyprotocol.trustedIPs=' + (traefik_cloudflare_ips | join(',')) + (',' + traefik_trusted_ips if (traefik_trusted_ips | length > 0) else '') }}" - "--entrypoints.websecure.transport.respondingTimeouts.readTimeout={{ traefik_entrypoint_websecure_readtimeout }}" - "--entrypoints.websecure.transport.respondingTimeouts.writeTimeout={{ traefik_entrypoint_websecure_writetimeout }}" - "--entrypoints.websecure.transport.respondingTimeouts.idleTimeout={{ traefik_entrypoint_websecure_idletimeout }}" + - "--entrypoints.websecure.http.maxheaderbytes={{ traefik_entrypoint_websecure_request_maxheaderbytes }}" - "--entrypoints.websecure.http.tls.certResolver={{ traefik_default_certresolver }}" - "--api.dashboard=true" - "--api=true"