Initial commit: Infraestructura OgnirNAS estabilizada

traefik/dynamic/dashboard.yml

@@ -0,0 +1,11 @@
+http:
+  routers:
+    api:
+      rule: "Host(`traefik.ognir-server.synology.me`) || Host(`ognir-server.synology.me`)"
+      service: api@internal
+      middlewares:
+        - auth-dashboard@file
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt

traefik/dynamic/external_services.yml

@@ -0,0 +1,15 @@
+http:
+  routers:
+    router-fritz:
+      rule: "Host(`fritz.ognir-server.synology.me`)"
+      entryPoints:
+        - "websecure"
+      service: "fritz-service"
+      tls:
+        certResolver: "letsencrypt"
+
+  services:
+    fritz-service:
+      loadBalancer:
+        servers:
+          - url: "http://192.168.178.1"

traefik/dynamic/middlewares.yml

@@ -0,0 +1,17 @@
+# ==============================================================================
+# MIDDLEWARES DE SEGURIDAD (CONFIGURACIÓN DINÁMICA)
+# ==============================================================================
+
+http:
+  middlewares:
+    seguridad-general:
+      headers:
+        # Cabeceras de seguridad recomendadas (HSTS, XSS, etc.)
+        forceSTSHeader: true
+        stsSeconds: 31536000
+        stsIncludeSubdomains: true
+        stsPreload: true
+        contentTypeNosniff: true
+        browserXssFilter: true
+        frameDeny: true # Evita que tu sitio sea cargado en un iframe (protección clickjacking)
+        referrerPolicy: "same-origin"