Add compression support

This defines a `compression@file` middleware globally.

People can easily apply it to a whole entrypoint like `web-secure`
(vie the `traefik_config_entrypoint_web_secure_http_middlewares_*`
variables), although it's better to apply it at the router-level for more control
over which routes get compressed and which will skip compression.

defaults/main.yml

@@ -140,6 +140,10 @@ traefik_config_entrypoint_web_secure_name: web-secure
 traefik_config_entrypoint_web_secure_port: 443
 traefik_config_entrypoint_web_secure_port_in_container: 8443
 traefik_config_entrypoint_web_secure_address: ":{{ traefik_config_entrypoint_web_secure_port_in_container }}"
+traefik_config_entrypoint_web_secure_http_middlewares: "{{ traefik_config_entrypoint_web_secure_http_middlewares_default + traefik_config_entrypoint_web_secure_http_middlewares_auto + traefik_config_entrypoint_web_secure_http_middlewares_custom }}"
+traefik_config_entrypoint_web_secure_http_middlewares_default: []
+traefik_config_entrypoint_web_secure_http_middlewares_auto: []
+traefik_config_entrypoint_web_secure_http_middlewares_custom: []
 # Controls `forwardedHeaders.trustedIPs`, specifying from which IPs to trust `X-Forwarded-*` headers.
 # By default, we expect that there's no other reverse-proxy in front of us, so we don't trust anything.
 # Also see: `traefik_config_entrypoint_web_secure_forwardedHeaders_insecure`
@@ -180,6 +184,69 @@ traefik_config_providers_docker_endpoint: unix:///var/run/docker.sock
 # See: traefik_dashboard_enabled
 traefik_config_api_dashboard: "{{ traefik_dashboard_enabled }}"
 
+# traefik_config_http_middlewares the http.middlewares configuration (see `templates/provider.yml.j2`)
+traefik_config_http_middlewares: "{{ traefik_config_http_middlewares_default | combine (traefik_config_http_middlewares_auto, recursive=True) | combine(traefik_config_http_middlewares_custom, recursive=True) }}"
+traefik_config_http_middlewares_default: |
+  {{
+    {}
+
+    | combine(
+      (
+        {
+          'traefik-dashboard-auth': {
+            'basicauth': {
+              'users': traefik_dashboard_basicauth_file_contents,
+            }
+          }
+        } if traefik_dashboard_basicauth_enabled else {}
+      )
+    )
+
+    | combine(
+      (
+        {
+          traefik_config_http_middlewares_compression_middleware_name: {'compress': traefik_config_http_middlewares_compression_middleware_options}
+        } if traefik_config_http_middlewares_compression_enabled else {}
+      )
+    )
+  }}
+traefik_config_http_middlewares_auto: {}
+traefik_config_http_middlewares_custom: {}
+
+traefik_config_http_middlewares_compression_enabled: true
+traefik_config_http_middlewares_compression_middleware_name: compression
+
+# Specifies the minimum amount of bytes a response body must have to be compressed.
+# See https://doc.traefik.io/traefik/middlewares/http/compress/#minresponsebodybytes
+traefik_config_http_middlewares_compression_middleware_config_minResponseBodyBytes: 1024
+
+# Specifies the list of supported compression encodings.
+# The order of the list also sets the priority, the top entry has the highest priority.
+traefik_config_http_middlewares_compression_middleware_config_encodings: |-
+  {{
+    (
+      (['zstd'] if traefik_config_http_middlewares_compression_middleware_config_encodings_zstd_enabled else [])
+      +
+      (['br'] if traefik_config_http_middlewares_compression_middleware_config_encodings_br_enabled else [])
+      +
+      (['gzip'] if traefik_config_http_middlewares_compression_middleware_config_encodings_gzip_enabled else [])
+    )
+  }}
+traefik_config_http_middlewares_compression_middleware_config_encodings_zstd_enabled: true
+traefik_config_http_middlewares_compression_middleware_config_encodings_br_enabled: true
+traefik_config_http_middlewares_compression_middleware_config_encodings_gzip_enabled: true
+
+traefik_config_http_middlewares_compression_middleware_options: "{{ traefik_config_http_middlewares_compression_middleware_options_default | combine(traefik_config_http_middlewares_compression_middleware_options_auto, recursive=True) | combine(traefik_config_http_middlewares_compression_middleware_options_custom, recursive=True) }}"
+traefik_config_http_middlewares_compression_middleware_options_default: |-
+  {{
+    {
+      'minResponseBodyBytes': traefik_config_http_middlewares_compression_middleware_config_minResponseBodyBytes | int,
+      'encodings': traefik_config_http_middlewares_compression_middleware_config_encodings | join(','),
+    }
+  }}
+traefik_config_http_middlewares_compression_middleware_options_auto: {}
+traefik_config_http_middlewares_compression_middleware_options_custom: {}
+
 # traefik_dashboard_enabled controls whether the Dashboard is enabled.
 # See: https://doc.traefik.io/traefik/operations/dashboard/
 traefik_dashboard_enabled: false

templates/provider.yml.j2

@@ -1,12 +1,7 @@
 #jinja2: lstrip_blocks: "True"
 
 http:
-  middlewares:
-    {% if traefik_dashboard_basicauth_enabled %}
-    traefik-dashboard-auth:
-      basicauth:
-        users: {{ traefik_dashboard_basicauth_file_contents | to_json }}
-    {% endif %}
+  middlewares: {{ traefik_config_http_middlewares | to_json }}
 
   routers:
     {% for domain in traefik_additional_domains_to_obtain_certificates_for %}

templates/traefik.yml.j2

@@ -47,6 +47,9 @@ entryPoints:
   {{ traefik_config_entrypoint_web_secure_name }}:
     address: {{ traefik_config_entrypoint_web_secure_address | to_json }}
 
+    http:
+      middlewares: {{ traefik_config_entrypoint_web_secure_http_middlewares | to_json }}
+
     {% if traefik_config_entrypoint_web_secure_http3_enabled %}
     http3: {{ traefik_config_entrypoint_web_secure_http3_config | to_json }}
     {% endif %}