Set up homepaged, improved TLS and tried to get IPv6 functional

servers/traefik/config.toml

@@ -8,6 +8,31 @@ exposedbydefault = false
 address = ":80"
 [entrypoints.https]
 address = ":443"
+[entrypoints.https.http3]
+
+[entryPoints.http.proxyProtocol]
+insecure = false
+trustedIPs = [ ]
+
+[entryPoints.http.forwardedHeaders]
+insecure = false
+trustedIPs = [ ]
+
+[entryPoints.https.proxyProtocol]
+insecure = false
+trustedIPs = [ ]
+
+[entryPoints.https.forwardedHeaders]
+insecure = false
+trustedIPs = [ ]
+
+[entrypoints.http.http.redirections.entryPoint]
+to="https" 
+scheme = "https"
+
+# [entryPoints.traefik]
+# address = ":9000"
+
 
 [certificatesresolvers.letsencrypt.acme]
 email = 'jade@ellis.link'
@@ -16,10 +41,16 @@ storage = "/certificates/acme.json"
 # - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
 # - "--certificatesresolvers.letsencrypt.acme.httpChallenge.entryPoint=http"
 tlschallenge = true
+[tls.options.modern]
+minVersion = "VersionTLS13"
 
-[entrypoints.http.http.redirections.entryPoint]
-to="https" 
-scheme = "https"
-
-[entryPoints.traefik]
-address = ":9000"
+[tls.options.intermediate]
+minVersion = "VersionTLS12"
+cipherSuites = [
+  "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+  "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+  "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+  "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+  "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
+  "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305"
+]