1
0
mirror of https://github.com/containous/traefik.git synced 2024-12-22 13:34:03 +03:00

Remove everything templates related

This commit is contained in:
mpl 2019-03-14 17:32:11 +01:00 committed by Traefiker Bot
parent e2ec64947a
commit 03d5a95bde
60 changed files with 16 additions and 6796 deletions

View File

@ -59,8 +59,8 @@ test-integration: build ## run the integration tests
$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate binary test-integration
TEST_HOST=1 ./script/make.sh test-integration
validate: build ## validate code, vendor and autogen
$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate validate-lint validate-misspell validate-vendor validate-autogen
validate: build ## validate code, vendor
$(DOCKER_RUN_TRAEFIK) ./script/make.sh generate validate-lint validate-misspell validate-vendor
build: dist
docker build $(DOCKER_BUILD_ARGS) -t "$(TRAEFIK_DEV_IMAGE)" -f build.Dockerfile .

File diff suppressed because it is too large Load Diff

View File

@ -35,7 +35,6 @@ Successfully built 5c3c1a911277
Successfully tagged traefik-dev:4475--feature-documentation
docker run -e "TEST_CONTAINER=1" -v "/var/run/docker.sock:/var/run/docker.sock" -it -e OS_ARCH_ARG -e OS_PLATFORM_ARG -e TESTFLAGS -e VERBOSE -e VERSION -e CODENAME -e TESTDIRS -e CI -e CONTAINER=DOCKER -v "/home/ldez/sources/go/src/github.com/containous/traefik/"dist":/go/src/github.com/containous/traefik/"dist"" "traefik-dev:4475--feature-documentation" ./script/make.sh generate binary
---> Making bundle: generate (in .)
removed 'autogen/gentemplates/gen.go'
removed 'autogen/genstatic/gen.go'
---> Making bundle: binary (in .)

View File

@ -7,7 +7,6 @@ A Simple Use Case Using Docker
!!! tip
To save some time, you can clone [Traefik's repository](https://github.com/containous/traefik).
The quickstart files are located in the [examples/quickstart](https://github.com/containous/traefik/tree/master/examples/quickstart/) directory.
## Launch Traefik With the Docker Provider

View File

@ -1,2 +0,0 @@
exampleHandler
exampleHandler.exe

View File

@ -1,46 +0,0 @@
/*
Simple program to start a web server on a specified port
*/
package main
import (
"flag"
"fmt"
"net/http"
"os"
)
var (
name string
port int
help *bool
)
func init() {
flag.StringVar(&name, "n", "", "Name of handler for messages")
flag.IntVar(&port, "p", 0, "Port number to listen")
help = flag.Bool("h", false, "Displays help message")
}
func usage() {
fmt.Printf("Usage: example -n name -p port \n")
os.Exit(2)
}
func handler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "%s: Received query %s!\n", name, r.URL.Path[1:])
}
func main() {
flag.Parse()
if *help || len(name) == 0 || port <= 0 {
usage()
}
http.HandleFunc("/", handler)
fmt.Printf("%s: Listening on :%d...\n", name, port)
if er := http.ListenAndServe(fmt.Sprintf(":%d", port), nil); er != nil {
fmt.Printf("%s: Error from ListenAndServe: %s", name, er.Error())
os.Exit(1)
}
fmt.Printf("%s: How'd we get past listen and serve???\n", name)
}

View File

@ -1,122 +0,0 @@
#!/bin/bash
usage()
{
echo 'runAb.sh - Run Apache Benchmark to test access log'
echo ' Usage: runAb.sh [--conn nnn] [--log xxx] [--num nnn] [--time nnn] [--wait nn]'
echo ' -c|--conn - number of simultaneous connections (default 100)'
echo ' -l|--log - name of logfile (default benchmark.log)'
echo ' -n|--num - number of requests (default 50000); ignored when -t specified'
echo ' -t|--time - time in seconds for benchmark (default no limit)'
echo ' -w|--wait - number of seconds to wait for Traefik to initialize (default 15)'
echo ' '
exit
}
# Parse options
conn=100
num=50000
wait=15
time=0
logfile=""
while [[ $1 =~ ^- ]]
do
case $1 in
-c|--conn)
conn=$2
shift
;;
-h|--help)
usage
;;
-l|--log|--logfile)
logfile=$2
shift
;;
-n|--num)
num=$2
shift
;;
-t|--time)
time=$2
shift
;;
-w|--wait)
wait=$2
shift
;;
*)
echo Unknown option "$1"
usage
esac
shift
done
if [ -z "$logfile" ] ; then
logfile="benchmark.log"
fi
# Change to accessLog examples directory
[ -d examples/accessLog ] && cd examples/accessLog
if [ ! -r exampleHandler.go ] ; then
echo Please run this script either from the traefik repo root or from the examples/accessLog directory
exit
fi
# Kill traefik and any running example processes
sudo pkill -f traefik
pkill -f exampleHandler
[ ! -d log ] && mkdir log
# Start new example processes
go build exampleHandler.go
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler1 -p 8081 &
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler2 -p 8082 &
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler3 -p 8083 &
[ $? -ne 0 ] && exit $?
# Wait a couple of seconds for handlers to initialize and start Traefik
cd ../..
sleep 2s
echo Starting Traefik...
sudo ./traefik -c examples/accessLog/traefik.ab.toml &
[ $? -ne 0 ] && exit $?
# Wait for Traefik to initialize and run ab
echo Waiting $wait seconds before starting ab benchmark
sleep ${wait}s
echo
stime=`date '+%s'`
if [ $time -eq 0 ] ; then
echo Benchmark starting `date` with $conn connections until $num requests processed | tee $logfile
echo | tee -a $logfile
echo ab -k -c $conn -n $num http://127.0.0.1/test | tee -a $logfile
echo | tee -a $logfile
ab -k -c $conn -n $num http://127.0.0.1/test 2>&1 | tee -a $logfile
else
if [ $num -ne 50000 ] ; then
echo Request count ignored when --time specified
fi
echo Benchmark starting `date` with $conn connections for $time seconds | tee $logfile
echo | tee -a $logfile
echo ab -k -c $conn -t $time -n 100000000 http://127.0.0.1/test | tee -a $logfile
echo | tee -a $logfile
ab -k -c $conn -t $time -n 100000000 http://127.0.0.1/test 2>&1 | tee -a $logfile
fi
etime=`date '+%s'`
let "dt=$etime - $stime"
let "ds=$dt % 60"
let "dm=($dt / 60) % 60"
let "dh=$dt / 3600"
echo | tee -a $logfile
printf "Benchmark ended `date` after %d:%02d:%02d\n" $dh $dm $ds | tee -a $logfile
echo Results available in $logfile

View File

@ -1,40 +0,0 @@
#!/bin/bash
# Script to run a three-server example. This script runs the three servers and restarts Traefik
# Once it is running, use the command:
#
# curl http://127.0.0.1:80/test{1,2,2}
#
# to send requests to send test requests to the servers. You should see a response like:
#
# Handler1: received query test1!
# Handler2: received query test2!
# Handler3: received query test2!
#
# and can then inspect log/access.log to see frontend, backend, and timing
# Kill traefik and any running example processes
sudo pkill -f traefik
pkill -f exampleHandler
[ ! -d log ] && mkdir log
# Start new example processes
cd examples/accessLog
go build exampleHandler.go
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler1 -p 8081 &
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler2 -p 8082 &
[ $? -ne 0 ] && exit $?
./exampleHandler -n Handler3 -p 8083 &
[ $? -ne 0 ] && exit $?
# Wait a couple of seconds for handlers to initialize and start Traefik
cd ../..
sleep 2s
echo Starting Traefik...
sudo ./traefik -c examples/accessLog/traefik.example.toml &
[ $? -ne 0 ] && exit $?
echo Sample handlers and traefik started successfully!
echo 'Use command curl http://127.0.0.1:80/test{1,2,2} to drive test'
echo Then inspect log/access.log to verify it contains frontend, backend, and timing

View File

@ -1,44 +0,0 @@
################################################################
# Global configuration
################################################################
traefikLogsFile = "log/traefik.log"
accessLogsFile = "log/access.log"
logLevel = "DEBUG"
[entrypoints]
[entrypoints.api]
address = ":7888"
################################################################
# API configuration
################################################################
[api]
entryPoint = "api"
################################################################
# File configuration backend
################################################################
[file]
################################################################
# rules
################################################################
[backends]
[backends.backend]
[backends.backend.LoadBalancer]
method = "drr"
[backends.backend.servers.server1]
url = "http://127.0.0.1:8081"
weight = 1
[backends.backend.servers.server2]
url = "http://127.0.0.1:8082"
weight = 1
[backends.backend.servers.server3]
url = "http://127.0.0.1:8083"
weight = 1
[frontends]
[frontends.frontend]
backend = "backend"
passHostHeader = true
[frontends.frontend.routes.test]
rule = "Path: /test"

View File

@ -1,52 +0,0 @@
################################################################
# Global configuration
################################################################
traefikLogsFile = "log/traefik.log"
accessLogsFile = "log/access.log"
logLevel = "DEBUG"
[entrypoints]
[entrypoints.api]
address = ":7888"
################################################################
# API configuration
################################################################
[api]
entryPoint = "api"
################################################################
# File configuration backend
################################################################
[file]
################################################################
# rules
################################################################
[backends]
[backends.backend1]
[backends.backend1.servers.server1]
url = "http://127.0.0.1:8081"
weight = 1
[backends.backend2]
[backends.backend2.LoadBalancer]
method = "drr"
[backends.backend2.servers.server1]
url = "http://127.0.0.1:8082"
weight = 1
[backends.backend2.servers.server2]
url = "http://127.0.0.1:8083"
weight = 1
[frontends]
[frontends.frontend1]
backend = "backend1"
[frontends.frontend1.routes.test_1]
rule = "Path: /test1"
[frontends.frontend2]
backend = "backend2"
passHostHeader = true
[frontends.frontend2.routes.test_2]
rule = "Path: /test2"

View File

@ -1,31 +0,0 @@
# ACME Testing environment
## Objectives
In our integration ACME tests, we use a simulated Let's Encrypt container based stack named boulder.
The goal of this directory is to provide to developers a Traefik-boulder full stack environment.
This environment may be used in order to quickly test developments on ACME certificates management.
The provided Boulder stack is based on the environment used during integration tests.
## Directory content
* **docker-compose.yml** : Docker-Compose file which contains the description of Traefik and all the boulder stack containers to get,
* **acme.toml** : Traefik configuration file used by the Traefik container described above,
* **manage_acme_docker_environment.sh** Shell script which does all needed checks and manages the docker-compose environment.
## Shell script
### Description
To work fine, boulder needs a domain name, with a related IP and storage file. The shell script allows to check the environment before launching the Docker environment with the rights parameters and to managing this environment.
### Use
The script **manage_acme_docker_environment.sh** requires one argument. This argument can have 3 values :
* **--start** : Launch a new Docker environment Boulder + Traefik.
* **--stop** : Stop and delete the current Docker environment.
* **--restart--** : Concatenate **--stop** and **--start** actions.
* **--dev** : Launch a new Boulder Docker environment.

View File

@ -1,30 +0,0 @@
logLevel = "DEBUG"
[entrypoints]
[entrypoints.web]
address = ":80"
[entrypoints.web.redirect]
entryPoint = "https"
[entrypoints.web-secure]
address = ":443"
[entrypoints.web-secure.tls]
[acme]
email = "test@traefik.io"
storage = "/etc/traefik/conf/acme.json"
entryPoint = "https"
onDemand = false
onHostRule = true
caServer = "http://traefik.boulder.com:4001/directory"
[acme.httpChallenge]
entryPoint="http"
[api]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "traefik.localhost.com"
watch = true
exposedByDefault = false

View File

@ -1,97 +0,0 @@
version: "2"
services :
boulder:
# To minimize fetching this should be the same version used below
image: containous/boulder:containous-acmev2
environment:
FAKE_DNS: 172.17.0.1
PKCS11_PROXY_SOCKET: tcp://boulder-hsm:5657
restart: unless-stopped
extra_hosts:
- le.wtf:127.0.0.1
- boulder:127.0.0.1
ports:
- 4000:4000 # ACME
- 4001:4001 # ACMEv2
- 4002:4002 # OCSP
- 4003:4003 # OCSP
- 4430:4430 # ACME via HTTPS
- 4431:4431 # ACMEv2 via HTTPS
- 4500:4500 # ct-test-srv
- 6000:6000 # gsb-test-srv
- 8000:8000 # debug ports
- 8001:8001
- 8002:8002
- 8003:8003
- 8004:8004
- 8005:8005
- 8006:8006
- 8008:8008
- 8009:8009
- 8010:8010
- 8055:8055 # dns-test-srv updates
- 9380:9380 # mail-test-srv
- 9381:9381 # mail-test-srv
depends_on:
- bhsm
- bmysql
networks:
- default
bhsm:
# To minimize fetching this should be the same version used above
image: letsencrypt/boulder-tools:2018-03-07
hostname: boulder-hsm
environment:
PKCS11_DAEMON_SOCKET: tcp://0.0.0.0:5657
command: /usr/local/bin/pkcs11-daemon /usr/lib/softhsm/libsofthsm2.so
expose:
- 5657
networks:
default:
aliases:
- boulder-hsm
bmysql:
image: mariadb:10.1
hostname: boulder-mysql
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
command: mysqld --bind-address=0.0.0.0
logging:
driver: none
networks:
default:
aliases:
- boulder-mysql
## TRAEFIK part ##
traefik:
build:
context: ../..
image: containous/traefik:latest
command: --configFile=/etc/traefik/conf/acme.toml
restart: unless-stopped
extra_hosts:
- traefik.boulder.com:172.17.0.1
volumes:
- "./acme.toml:/etc/traefik/conf/acme.toml:ro"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./acme.json:/etc/traefik/conf/acme.json:rw"
ports:
- "80:80"
- "443:443"
- "5001:443" # Needed for SNI challenge
- "5002:80" # Needed for HTTP challenge
expose:
- "8080"
labels:
- "traefik.port=8080"
- "traefik.backend=traefikception"
- "traefik.frontend.rule=Host:traefik.localhost.com"
- "traefik.enable=true"
depends_on:
- boulder

View File

@ -1,91 +0,0 @@
#! /usr/bin/env bash
# Initialize variables
readonly traefik_url="traefik.localhost.com"
readonly basedir=$(dirname $0)
readonly doc_file=$basedir"/docker-compose.yml"
# Stop and remove Docker environment
down_environment() {
echo "STOP Docker environment"
! docker-compose -f $doc_file down -v &>/dev/null && \
echo "[ERROR] Unable to stop the Docker environment" && exit 11
}
# Create and start Docker-compose environment or subpart of its services (if services are listed)
# $@ : List of services to start (optional)
up_environment() {
echo "START Docker environment"
! docker-compose -f $doc_file up -d $@ &>/dev/null && \
echo "[ERROR] Unable to start Docker environment" && exit 21
}
# Init the environment : get IP address and create needed files
init_environment() {
echo "CREATE empty acme.json file"
rm -f $basedir/acme.json && \
touch $basedir/acme.json && \
chmod 600 $basedir/acme.json # Needed for ACME
}
# Start all the environement
start_boulder() {
init_environment
echo "Start boulder environment"
up_environment bmysql bhsm boulder
waiting_counter=12
# Not start Traefik if boulder is not started
echo "WAIT for boulder..."
while [[ -z $(curl -s http://127.0.0.1:4000/directory) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start boulder container in the allowed time, the Docker environment will be stopped"
down_environment
exit 41
fi
done
}
# Script usage
show_usage() {
echo
echo "USAGE : manage_acme_docker_environment.sh [--dev|--start|--stop|--restart]"
echo
}
# Main method
# $@ All parameters given
main() {
[[ $# -ne 1 ]] && show_usage && exit 1
case $1 in
"--dev")
start_boulder
;;
"--start")
# Start boulder environment
start_boulder
echo "START Traefik container"
up_environment traefik
echo "ENVIRONMENT SUCCESSFULLY STARTED"
;;
"--stop")
! down_environment
echo "ENVIRONMENT SUCCESSFULLY STOPPED"
;;
"--restart")
down_environment
start_boulder
echo "START Traefik container"
up_environment traefik
echo "ENVIRONMENT SUCCESSFULLY RESTARTED"
;;
*)
show_usage && exit 2
;;
esac
}
main $@

View File

@ -1,205 +0,0 @@
version: '2'
services:
## KV part ##
# CONSUL
consul:
image: progrium/consul
command: -server -bootstrap -log-level debug -ui-dir /ui
ports:
- "8400:8400"
- "8500:8500"
- "8600:53/udp"
expose:
- "8300"
- "8301"
- "8301/udp"
- "8302"
- "8302/udp"
networks:
net:
ipv4_address: 10.0.1.2
# ETCD V3
etcd3:
image: quay.io/coreos/etcd:v3.2.9
command: /usr/local/bin/etcd --data-dir=/etcd-data --name node1 --initial-advertise-peer-urls http://10.0.1.12:2380 --listen-peer-urls http://10.0.1.12:2380 --advertise-client-urls http://10.0.1.12:2379,http://10.0.1.12:4001 --listen-client-urls http://10.0.1.12:2379,http://10.0.1.12:4001 --initial-cluster node1=http://10.0.1.12:2380 --debug
ports:
- "4001:4001"
- "2380:2380"
- "2379:2379"
networks:
net:
ipv4_address: 10.0.1.12
etcdctl-ping:
image: tenstartups/etcdctl
command: --endpoints=[10.0.1.12:2379] get "traefik/acme/storage"
environment:
ETCDCTL_DIAL_: "TIMEOUT 10s"
ETCDCTL_API : "3"
networks:
- net
## BOULDER part ##
boulder:
# To minimize fetching this should be the same version used below
image: containous/boulder:containous-acmev2
environment:
FAKE_DNS: 172.17.0.1
PKCS11_PROXY_SOCKET: tcp://boulder-hsm:5657
restart: unless-stopped
extra_hosts:
- le.wtf:127.0.0.1
- boulder:127.0.0.1
ports:
- 4000:4000 # ACME
- 4001:4001 # ACMEv2
- 4002:4002 # OCSP
- 4003:4003 # OCSP
- 4430:4430 # ACME via HTTPS
- 4431:4431 # ACMEv2 via HTTPS
- 4500:4500 # ct-test-srv
- 6000:6000 # gsb-test-srv
- 8000:8000 # debug ports
- 8001:8001
- 8002:8002
- 8003:8003
- 8004:8004
- 8005:8005
- 8006:8006
- 8008:8008
- 8009:8009
- 8010:8010
- 8055:8055 # dns-test-srv updates
- 9380:9380 # mail-test-srv
- 9381:9381 # mail-test-srv
depends_on:
- bhsm
- bmysql
networks:
net:
ipv4_address: 10.0.1.3
bhsm:
# To minimize fetching this should be the same version used above
image: letsencrypt/boulder-tools:2018-03-07
hostname: boulder-hsm
environment:
PKCS11_DAEMON_SOCKET: tcp://0.0.0.0:5657
command: /usr/local/bin/pkcs11-daemon /usr/lib/softhsm/libsofthsm2.so
expose:
- 5657
networks:
net:
ipv4_address: 10.0.1.4
aliases:
- boulder-hsm
bmysql:
image: mariadb:10.1
hostname: boulder-mysql
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
command: mysqld --bind-address=0.0.0.0
logging:
driver: none
networks:
net:
ipv4_address: 10.0.1.5
aliases:
- boulder-mysql
## TRAEFIK part ##
storeconfig:
build:
context: ../..
image: containous/traefik
volumes:
- "./traefik.toml:/traefik.toml:ro"
command: storeconfig --debug
networks:
- net
traefik01:
build:
context: ../..
image: containous/traefik
command: ${TRAEFIK_CMD}
extra_hosts:
- traefik.boulder.com:172.17.0.1
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
expose:
- "443"
- "5001"
- "5002"
ports:
- "80:80"
- "8080:8080"
- "443:443"
- "5001:443" # Needed for SNI challenge
- "5002:80" # Needed for HTTP challenge
networks:
net:
ipv4_address: 10.0.1.8
traefik02:
build:
context: ../..
image: containous/traefik
command: ${TRAEFIK_CMD}
extra_hosts:
- traefik.boulder.com:172.17.0.1
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
expose:
- "443"
- "5001"
- "5002"
ports:
- "88:80"
- "8888:8080"
- "8443:443"
depends_on:
- traefik01
networks:
net:
ipv4_address: 10.0.1.9
whoami01:
image: containous/whoami
expose:
- "80"
labels:
- "traefik.port=80"
- "traefik.backend=wam01"
- "traefik.frontend.rule=Host:who01.localhost.com"
- "traefik.enable=true"
networks:
net:
ipv4_address: 10.0.1.10
whoami02:
image: containous/whoami
expose:
- "80"
labels:
- "traefik.port=80"
- "traefik.backend=wam02"
- "traefik.frontend.rule=Host:who02.localhost.com"
- "traefik.enable=true"
networks:
- net
networks:
net:
driver: bridge
ipam:
config:
- subnet: 10.0.1.0/26

View File

@ -1,215 +0,0 @@
#! /usr/bin/env bash
# Initialize variables
readonly basedir=$(dirname $0)
readonly doc_file=$basedir"/docker-compose.yml"
export COMPOSE_PROJECT_NAME="cluster"
# Stop and remove Docker environment
down_environment() {
echo "DOWN Docker environment"
! docker-compose -f $doc_file down -v &>/dev/null && \
echo "[ERROR] Unable to stop the Docker environment" && exit 11
return 0
}
# Create and start Docker-compose environment or subpart of its services (if services are listed)
# $@ : List of services to start (optional)
up_environment() {
echo "START Docker environment "$@
! docker-compose -f $doc_file up -d $@ &>/dev/null && \
echo "[ERROR] Unable to start Docker environment ${@}" && exit 21
return 0
}
# Stop and remove Docker environment
delete_services() {
echo "DELETE services "$@
! docker-compose -f $doc_file stop $@ &>/dev/null && \
echo "[ERROR] Unable to stop services "$@ && exit 31
! docker-compose -f $doc_file rm -vf $@ &>/dev/null && \
echo "[ERROR] Unable to delete services "$@ && exit 31
return 0
}
start_consul() {
up_environment consul
waiting_counter=12
# Not start Traefik store config if consul is not started
echo "WAIT for consul..."
sleep 5
while [[ -z $(curl -s http://10.0.1.2:8500/v1/status/leader) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start consul container in the allowed time, the Docker environment will be stopped"
down_environment
exit 41
fi
done
}
start_etcd3() {
up_environment etcd3
waiting_counter=12
# Not start Traefik store config if consul is not started
echo "WAIT for ETCD3..."
while [[ -z $(curl -s --connect-timeout 2 http://10.0.1.12:2379/version) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start etcd3 container in the allowed time, the Docker environment will be stopped"
down_environment
exit 51
fi
done
}
start_storeconfig_consul() {
# Create traefik.toml with consul provider
cp $basedir/traefik.toml.tmpl $basedir/traefik.toml
echo '
[consul]
endpoint = "10.0.1.2:8500"
watch = true
prefix = "traefik"' >> $basedir/traefik.toml
up_environment storeconfig
rm -f $basedir/traefik.toml
waiting_counter=5
delete_services storeconfig
}
start_storeconfig_etcd3() {
# Create traefik.toml with consul provider
cp $basedir/traefik.toml.tmpl $basedir/traefik.toml
echo '
[etcd]
endpoint = "10.0.1.12:2379"
watch = true
prefix = "/traefik"' >> $basedir/traefik.toml
up_environment storeconfig
rm -f $basedir/traefik.toml
waiting_counter=5
# Don't start Traefik store config if ETCD3 is not started
echo "Delete storage file key..."
while [[ $(docker-compose -f $doc_file up --exit-code-from etcdctl-ping etcdctl-ping &>/dev/null) -ne 0 && $waiting_counter -gt 0 ]]; do
sleep 5
let waiting_counter-=1
done
delete_services storeconfig etcdctl-ping
}
start_traefik() {
up_environment traefik01
# Waiting for the first instance which is mapped to the host as leader before to start the second one
waiting_counter=5
echo "WAIT for traefik leader..."
sleep 10
while [[ -z $(curl -s --connect-timeout 3 http://10.0.1.8:8080/ping) ]]; do
sleep 2
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start Traefik leader container in the allowed time, the Docker environment will be stopped"
down_environment
exit 51
fi
done
up_environment whoami01
waiting_counter=5
echo "WAIT for whoami..."
sleep 10
while [[ -z $(curl -s --connect-timeout 3 http://10.0.1.10) ]]; do
sleep 2
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start whoami container in the allowed time, the Docker environment will be stopped"
down_environment
exit 52
fi
done
up_environment traefik02 whoami02
}
# Start boulder services
start_boulder() {
echo "Start boulder environment"
up_environment bmysql bhsm boulder
waiting_counter=12
# Not start Traefik if boulder is not started
echo "WAIT for boulder..."
while [[ -z $(curl -s http://10.0.1.3:4001/directory) ]]; do
sleep 5
let waiting_counter-=1
if [[ $waiting_counter -eq 0 ]]; then
echo "[ERROR] Unable to start boulder container in the allowed time, the Docker environment will be stopped"
down_environment
exit 61
fi
done
echo "Boulder started."
}
# Script usage
show_usage() {
echo
echo "USAGE : manage_cluster_docker_environment.sh [--start [--consul|--etcd3]|--stop|--restart [--consul|--etcd3]]"
echo
}
# Main method
# $@ All parameters given
main() {
[[ $# -lt 1 && $# -gt 2 ]] && show_usage && exit 1
case $1 in
"--start")
[[ $# -ne 2 ]] && show_usage && exit 2
# The domains who01.localhost.com and who02.localhost.com have to refer 127.0.0.1
# I, the /etc/hosts file
for whoami_idx in "01" "02"; do
[[ -z $(cat /etc/hosts | grep "127.0.0.1" | grep -vE "^#" | grep "who${whoami_idx}.localhost.com") ]] && \
echo "[ERROR] Domain who${whoami_idx}.localhost.com has to refer to 127.0.0.1 into /etc/hosts file." && \
exit 3
done
case $2 in
"--etcd3")
echo "USE ETCD V3 AS KV STORE"
export TRAEFIK_CMD="--etcd --etcd.endpoint=10.0.1.12:2379"
start_boulder && \
start_etcd3 && \
start_storeconfig_etcd3 && \
start_traefik
;;
"--consul")
echo "USE CONSUL AS KV STORE"
export TRAEFIK_CMD="--consul --consul.endpoint=10.0.1.2:8500"
start_boulder && \
start_consul && \
start_storeconfig_consul && \
start_traefik
;;
*)
show_usage && exit 4
;;
esac
echo "ENVIRONMENT SUCCESSFULLY STARTED"
;;
"--stop")
! down_environment
echo "ENVIRONMENT SUCCESSFULLY STOPPED"
;;
"--restart")
[[ $# -ne 2 ]] && show_usage && exit 5
down_environment
main --start $2
;;
*)
show_usage && exit 6
;;
esac
}
main $@

View File

@ -1,26 +0,0 @@
logLevel = "DEBUG"
[entrypoints]
[entrypoints.web]
address = ":80"
[entrypoints.web-secure]
address = ":443"
[entrypoints.web-secure.tls]
[acme]
email = "test@traefik.io"
storage = "traefik/acme/account"
entryPoint = "https"
onHostRule = true
caServer = "http://traefik.boulder.com:4001/directory"
[acme.httpChallenge]
entryPoint="http"
[api]
[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "localhost.com"
watch = true
exposedByDefault = false

View File

@ -1,25 +0,0 @@
version: '2'
services:
consul:
image: progrium/consul
command: -server -bootstrap -advertise 12.0.0.254 -log-level debug -ui-dir /ui
ports:
- "8400:8400"
- "8500:8500"
- "8600:53/udp"
expose:
- "8300"
- "8301"
- "8301/udp"
- "8302"
- "8302/udp"
registrator:
depends_on:
- consul
image: gliderlabs/registrator:master
command: -internal consul://consul:8500
volumes:
- /var/run/docker.sock:/tmp/docker.sock
links:
- consul

View File

@ -1,4 +0,0 @@
etcd:
image: gcr.io/google_containers/etcd:2.2.1
net: host
command: ['/usr/local/bin/etcd', '--addr=127.0.0.1:2379', '--bind-addr=0.0.0.0:2379', '--data-dir=/var/etcd/data']

View File

@ -1,11 +0,0 @@
kubelet:
image: gcr.io/google_containers/hyperkube-amd64:v1.5.2
privileged: true
pid: host
net : host
volumes:
- /sys:/sys:rw
- /var/lib/docker/:/var/lib/docker:rw
- /var/lib/kubelet/:/var/lib/kubelet:rw,shared
- /var/run:/var/run:rw
command: ['/hyperkube', 'kubelet', '--hostname-override=127.0.0.1', '--api-servers=http://localhost:8080', '--config=/etc/kubernetes/manifests', '--allow-privileged=true', '--v=2', '--cluster-dns=10.0.0.10', '--cluster-domain=cluster.local']

View File

@ -1,59 +0,0 @@
version: '2'
services:
zookeeper:
image: netflixoss/exhibitor:1.5.2
hostname: zookeeper
ports:
- "2181:2181"
mesos-master:
image: mesosphere/marathon:v1.2.0-RC6
hostname: mesos-master
entrypoint: [ "mesos-master" ]
ports:
- "5050:5050"
links:
- zookeeper
environment:
- MESOS_CLUSTER=local
- MESOS_HOSTNAME=mesos-master.docker
- MESOS_LOG_DIR=/var/log
- MESOS_WORK_DIR=/var/lib/mesos
- MESOS_QUORUM=1
- MESOS_ZK=zk://zookeeper:2181/mesos
mesos-slave:
image: mesosphere/mesos-slave-dind:0.2.4_mesos-0.27.2_docker-1.8.2_ubuntu-14.04.4
entrypoint:
- mesos-slave
privileged: true
hostname: mesos-slave
ports:
- "5051:5051"
links:
- zookeeper
- mesos-master
environment:
- MESOS_CONTAINERIZERS=docker,mesos
- MESOS_ISOLATOR=cgroups/cpu,cgroups/mem
- MESOS_LOG_DIR=/var/log
- MESOS_MASTER=zk://zookeeper:2181/mesos
- MESOS_PORT=5051
- MESOS_WORK_DIR=/var/lib/mesos
- MESOS_EXECUTOR_REGISTRATION_TIMEOUT=5mins
- MESOS_EXECUTOR_SHUTDOWN_GRACE_PERIOD=90secs
- MESOS_DOCKER_STOP_TIMEOUT=60secs
- MESOS_RESOURCES=cpus:2;mem:2048;disk:20480;ports(*):[12000-12999]
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
marathon:
image: mesosphere/marathon:v1.2.0-RC6
ports:
- "8080:8080"
links:
- zookeeper
- mesos-master
extra_hosts:
- "mesos-slave:172.17.0.1"
environment:
- MARATHON_ZK=zk://zookeeper:2181/marathon
- MARATHON_MASTER=zk://zookeeper:2181/mesos

View File

@ -1,7 +0,0 @@
traefik:
image: traefik
command: --api --rancher --rancher.domain=rancher.localhost --rancher.endpoint=http://example.com --rancher.accesskey=XXXXXXX --rancher.secretkey=YYYYYY --logLevel=DEBUG
ports:
- "80:80"
- "443:443"
- "8080:8080"

View File

@ -1,20 +0,0 @@
traefik:
image: traefik
command: -c /dev/null --api --docker --docker.domain=docker.localhost --logLevel=DEBUG
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
whoami1:
image: containous/whoami
labels:
- "traefik.backend=whoami"
- "traefik.frontend.rule=Host:whoami.docker.localhost"
whoami2:
image: containous/whoami
labels:
- "traefik.backend=whoami"
- "traefik.frontend.rule=Host:whoami.docker.localhost"

View File

@ -1,36 +0,0 @@
#!/bin/sh
# backend 1
curl -i -H "Accept: application/json" -X PUT -d "NetworkErrorRatio() > 0.5" http://localhost:8500/v1/kv/traefik/backends/backend1/circuitbreaker/expression
curl -i -H "Accept: application/json" -X PUT -d "http://172.17.0.2:80" http://localhost:8500/v1/kv/traefik/backends/backend1/servers/server1/url
curl -i -H "Accept: application/json" -X PUT -d "10" http://localhost:8500/v1/kv/traefik/backends/backend1/servers/server1/weight
curl -i -H "Accept: application/json" -X PUT -d "http://172.17.0.3:80" http://localhost:8500/v1/kv/traefik/backends/backend1/servers/server2/url
curl -i -H "Accept: application/json" -X PUT -d "1" http://localhost:8500/v1/kv/traefik/backends/backend1/servers/server2/weight
# backend 2
curl -i -H "Accept: application/json" -X PUT -d "drr" http://localhost:8500/v1/kv/traefik/backends/backend2/loadbalancer/method
curl -i -H "Accept: application/json" -X PUT -d "http://172.17.0.4:80" http://localhost:8500/v1/kv/traefik/backends/backend2/servers/server1/url
curl -i -H "Accept: application/json" -X PUT -d "1" http://localhost:8500/v1/kv/traefik/backends/backend2/servers/server1/weight
curl -i -H "Accept: application/json" -X PUT -d "http://172.17.0.5:80" http://localhost:8500/v1/kv/traefik/backends/backend2/servers/server2/url
curl -i -H "Accept: application/json" -X PUT -d "2" http://localhost:8500/v1/kv/traefik/backends/backend2/servers/server2/weight
# frontend 1
curl -i -H "Accept: application/json" -X PUT -d "backend2" http://localhost:8500/v1/kv/traefik/frontends/frontend1/backend
curl -i -H "Accept: application/json" -X PUT -d "http" http://localhost:8500/v1/kv/traefik/frontends/frontend1/entrypoints
curl -i -H "Accept: application/json" -X PUT -d "Host:test.localhost" http://localhost:8500/v1/kv/traefik/frontends/frontend1/routes/test_1/rule
# frontend 2
curl -i -H "Accept: application/json" -X PUT -d "backend1" http://localhost:8500/v1/kv/traefik/frontends/frontend2/backend
curl -i -H "Accept: application/json" -X PUT -d "http" http://localhost:8500/v1/kv/traefik/frontends/frontend2/entrypoints
curl -i -H "Accept: application/json" -X PUT -d "Path:/test" http://localhost:8500/v1/kv/traefik/frontends/frontend2/routes/test_2/rule
# certificate 1
curl -i -H "Accept: application/json" -X PUT -d "https" http://localhost:8500/v1/kv/traefik/tls/pair1/entrypoints
curl -i -H "Accept: application/json" -X PUT -d "/tmp/test1.crt" http://localhost:8500/v1/kv/traefik/tls/pair1/certificate/certfile
curl -i -H "Accept: application/json" -X PUT -d "/tmp/test1.key" http://localhost:8500/v1/kv/traefik/tls/pair1/certificate/keyfile
# certificate 2
curl -i -H "Accept: application/json" -X PUT -d "http,https" http://localhost:8500/v1/kv/traefik/tls/pair2/entrypoints
curl -i -H "Accept: application/json" -X PUT -d "/tmp/test2.crt" http://localhost:8500/v1/kv/traefik/tls/pair2/certificate/certfile
curl -i -H "Accept: application/json" -X PUT -d "/tmp/test2.key" http://localhost:8500/v1/kv/traefik/tls/pair2/certificate/keyfile

View File

@ -1,115 +0,0 @@
#! /usr/bin/env bash
#
# Insert data in ETCD V3
function insert_etcd2_data() {
# backend 1
curl -i -H "Accept: application/json" -X PUT -d value="NetworkErrorRatio() > 0.5" http://localhost:2379/v2/keys/traefik/backends/backend1/circuitbreaker/expression
curl -i -H "Accept: application/json" -X PUT -d value="http://172.17.0.2:80" http://localhost:2379/v2/keys/traefik/backends/backend1/servers/server1/url
curl -i -H "Accept: application/json" -X PUT -d value="10" http://localhost:2379/v2/keys/traefik/backends/backend1/servers/server1/weight
curl -i -H "Accept: application/json" -X PUT -d value="http://172.17.0.3:80" http://localhost:2379/v2/keys/traefik/backends/backend1/servers/server2/url
curl -i -H "Accept: application/json" -X PUT -d value="1" http://localhost:2379/v2/keys/traefik/backends/backend1/servers/server2/weight
# backend 2
curl -i -H "Accept: application/json" -X PUT -d value="drr" http://localhost:2379/v2/keys/traefik/backends/backend2/loadbalancer/method
curl -i -H "Accept: application/json" -X PUT -d value="http://172.17.0.4:80" http://localhost:2379/v2/keys/traefik/backends/backend2/servers/server1/url
curl -i -H "Accept: application/json" -X PUT -d value="1" http://localhost:2379/v2/keys/traefik/backends/backend2/servers/server1/weight
curl -i -H "Accept: application/json" -X PUT -d value="http://172.17.0.5:80" http://localhost:2379/v2/keys/traefik/backends/backend2/servers/server2/url
curl -i -H "Accept: application/json" -X PUT -d value="2" http://localhost:2379/v2/keys/traefik/backends/backend2/servers/server2/weight
# frontend 1
curl -i -H "Accept: application/json" -X PUT -d value="backend2" http://localhost:2379/v2/keys/traefik/frontends/frontend1/backend
curl -i -H "Accept: application/json" -X PUT -d value="http" http://localhost:2379/v2/keys/traefik/frontends/frontend1/entrypoints
curl -i -H "Accept: application/json" -X PUT -d value="Host:test.localhost" http://localhost:2379/v2/keys/traefik/frontends/frontend1/routes/test_1/rule
# frontend 2
curl -i -H "Accept: application/json" -X PUT -d value="backend1" http://localhost:2379/v2/keys/traefik/frontends/frontend2/backend
curl -i -H "Accept: application/json" -X PUT -d value="http" http://localhost:2379/v2/keys/traefik/frontends/frontend2/entrypoints
curl -i -H "Accept: application/json" -X PUT -d value="Path:/test" http://localhost:2379/v2/keys/traefik/frontends/frontend2/routes/test_2/rule
# certificate 1
curl -i -H "Accept: application/json" -X PUT -d value="https" http://localhost:2379/v2/keys/traefik/tls/pair1/entrypoints
curl -i -H "Accept: application/json" -X PUT -d value="/tmp/test1.crt" http://localhost:2379/v2/keys/traefik/tls/pair1/certificate/certfile
curl -i -H "Accept: application/json" -X PUT -d value="/tmp/test1.key" http://localhost:2379/v2/keys/traefik/tls/pair1/certificate/keyfile
# certificate 2
curl -i -H "Accept: application/json" -X PUT -d value="http,https" http://localhost:2379/v2/keys/traefik/tls/pair2/entrypoints
curl -i -H "Accept: application/json" -X PUT -d value="/tmp/test2.crt" http://localhost:2379/v2/keys/traefik/tls/pair2/certificate/certfile
curl -i -H "Accept: application/json" -X PUT -d value="/tmp/test2.key" http://localhost:2379/v2/keys/traefik/tls/pair2/certificate/keyfile
}
#
# Insert data in ETCD V3
# $1 = ECTD IP address
# Note : This function allows adding data in a ETCD V3 which is directly installed on a host
# or in container which binds its port 2379 on a host in the way to allows etcd_client container to access it.
function insert_etcd3_data() {
readonly etcd_ip=$1
# backend 1
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend1/circuitbreaker/expression" "NetworkErrorRatio() > 0.5"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend1/servers/server1/url" "http://172.17.0.2:80"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend1/servers/server1/weight" "10"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend1/servers/server2/url" "http://172.17.0.3:80"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend1/servers/server2/weight" "1"
# backend 2
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend2/loadbalancer/method" "drr"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend2/servers/server1/url" "http://172.17.0.4:80"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend2/servers/server1/weight" "1"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend2/servers/server2/url" "http://172.17.0.5:80"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/backends/backend2/servers/server2/weight" "2"
# frontend 1
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/frontends/frontend1/backend" "backend2"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik//frontends/frontend1/entrypoints" "http"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/frontends/frontend1/routes/test_1/rule" "Host:test.localhost"
# frontend 2
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/frontends/frontend2/backend" "backend1"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/frontends/frontend2/entrypoints" "http"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/frontends/frontend2/routes/test_2/rule" "Path:/test"
# certificate 1
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair1/entrypoints" "https"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair1/certificate/certfile" "/tmp/test1.crt"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair1/certificate/keyfile" "/tmp/test1.key"
# certificate 2
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair2/entrypoints" "https"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair2/certificate/certfile" "/tmp/test2.crt"
docker container run --rm -ti -e ETCDCTL_DIAL_="TIMEOUT 10s" -e ETCDCTL_API="3" tenstartups/etcdctl --endpoints=[$etcd_ip:2379] put "/traefik/tls/pair2/certificate/keyfile" "/tmp/test2.key"
}
function show_usage() {
echo "USAGE : etcd-config.sh ETCD_API_VERSION [ETCD_IP_ADDRESS]"
echo " ETCD_API_VERSION : Values V2 or V3 (V3 requires ETCD_IP_ADDRESS)"
echo " ETCD_IP_ADDRESS : Host ETCD IP address (not 127.0.0.1)"
}
function main() {
case $# in
1)
if [[ $1 == "V2" ]]; then
insert_etcd2_data
else
show_usage
exit 1
fi
;;
2)
if [[ $1 == "V3" && $2 != "127.0.0.1" && ! -z $(echo $2 | grep -oE "([0-9]+(\.)?){4}") ]]; then
insert_etcd3_data $2
else
show_usage
exit 1
fi
;;
*)
show_usage
exit 1
;;
esac
}
main $@

View File

@ -1,6 +0,0 @@
kind: Namespace
apiVersion: v1
metadata:
name: kube-system
labels:
name: kube-system

View File

@ -1,8 +0,0 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cheese-default
spec:
backend:
serviceName: stilton
servicePort: 80

View File

@ -1,99 +0,0 @@
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: stilton
labels:
app: cheese
cheese: stilton
spec:
replicas: 2
selector:
matchLabels:
app: cheese
task: stilton
template:
metadata:
labels:
app: cheese
task: stilton
version: v0.0.1
spec:
containers:
- name: cheese
image: errm/cheese:stilton
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 80
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: cheddar
labels:
app: cheese
cheese: cheddar
spec:
replicas: 2
selector:
matchLabels:
app: cheese
task: cheddar
template:
metadata:
labels:
app: cheese
task: cheddar
version: v0.0.1
spec:
containers:
- name: cheese
image: errm/cheese:cheddar
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 80
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: wensleydale
labels:
app: cheese
cheese: wensleydale
spec:
replicas: 2
selector:
matchLabels:
app: cheese
task: wensleydale
template:
metadata:
labels:
app: cheese
task: wensleydale
version: v0.0.1
spec:
containers:
- name: cheese
image: errm/cheese:wensleydale
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 80

View File

@ -1,27 +0,0 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cheese
spec:
rules:
- host: stilton.minikube
http:
paths:
- path: /
backend:
serviceName: stilton
servicePort: http
- host: cheddar.minikube
http:
paths:
- path: /
backend:
serviceName: cheddar
servicePort: http
- host: wensleydale.minikube
http:
paths:
- path: /
backend:
serviceName: wensleydale
servicePort: http

View File

@ -1,39 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: stilton
spec:
ports:
- name: http
targetPort: 80
port: 80
selector:
app: cheese
task: stilton
---
apiVersion: v1
kind: Service
metadata:
name: cheddar
spec:
ports:
- name: http
targetPort: 80
port: 80
selector:
app: cheese
task: cheddar
---
apiVersion: v1
kind: Service
metadata:
name: wensleydale
spec:
ports:
- name: http
targetPort: 80
port: 80
selector:
app: cheese
task: wensleydale

View File

@ -1,23 +0,0 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cheeses
annotations:
traefik.frontend.rule.type: PathPrefixStrip
spec:
rules:
- host: cheeses.minikube
http:
paths:
- path: /stilton
backend:
serviceName: stilton
servicePort: http
- path: /cheddar
backend:
serviceName: cheddar
servicePort: http
- path: /wensleydale
backend:
serviceName: wensleydale
servicePort: http

View File

@ -1,56 +0,0 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
replicas: 1
selector:
matchLabels:
k8s-app: traefik-ingress-lb
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
containers:
- image: traefik
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
- name: admin
containerPort: 8080
args:
- --api
- --kubernetes
- --logLevel=INFO
---
kind: Service
apiVersion: v1
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin
type: NodePort

View File

@ -1,59 +0,0 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
containers:
- image: traefik
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
hostPort: 80
- name: admin
containerPort: 8080
hostPort: 8080
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
args:
- --api
- --kubernetes
- --logLevel=INFO
---
kind: Service
apiVersion: v1
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin

View File

@ -1,43 +0,0 @@
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: kube-system

View File

@ -1,28 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- name: web
port: 80
targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
rules:
- host: traefik-ui.minikube
http:
paths:
- path: /
backend:
serviceName: traefik-web-ui
servicePort: web

View File

@ -1,107 +0,0 @@
## The Traefik Quickstart (Using Docker)
In this quickstart, we'll use [Docker compose](https://docs.docker.com/compose) to create our demo infrastructure.
To save some time, you can clone [Traefik's repository](https://github.com/containous/traefik) and use the quickstart files located in the [examples/quickstart](https://github.com/containous/traefik/tree/master/examples/quickstart/) directory.
### 1 — Launch Traefik — Tell It to Listen to Docker
Create a `docker-compose.yml` file where you will define a `reverse-proxy` service that uses the official Traefik image:
```yaml
version: '3'
services:
reverse-proxy:
image: traefik # The official Traefik docker image
command: --api --docker # Enables the web UI and tells Traefik to listen to docker
ports:
- "80:80" # The HTTP port
- "8080:8080" # The Web UI (enabled by --api)
volumes:
- /var/run/docker.sock:/var/run/docker.sock #So that Traefik can listen to the Docker events
```
**That's it. Now you can launch Traefik!**
Start your `reverse-proxy` with the following command:
```shell
docker-compose up -d reverse-proxy
```
You can open a browser and go to [http://localhost:8080](http://localhost:8080) to see Traefik's dashboard (we'll go back there once we have launched a service in step 2).
### 2 — Launch a Service — Traefik Detects It and Creates a Route for You
Now that we have a Traefik instance up and running, we will deploy new services.
Edit your `docker-compose.yml` file and add the following at the end of your file.
```yaml
# ...
whoami:
image: containous/whoami # A container that exposes an API to show its IP address
labels:
- "traefik.http.routers.whoami.rule=Host:whoami.docker.localhost"
```
The above defines `whoami`: a simple web service that outputs information about the machine it is deployed on (its IP address, host, and so on).
Start the `whoami` service with the following command:
```shell
docker-compose up -d whoami
```
Go back to your browser ([http://localhost:8080](http://localhost:8080)) and see that Traefik has automatically detected the new container and updated its own configuration.
When Traefik detects new services, it creates the corresponding routes so you can call them ... _let's see!_ (Here, we're using curl)
```shell
curl -H Host:whoami.docker.localhost http://127.0.0.1
```
_Shows the following output:_
```yaml
Hostname: 8656c8ddca6c
IP: 172.27.0.3
#...
```
### 3 — Launch More Instances — Traefik Load Balances Them
Run more instances of your `whoami` service with the following command:
```shell
docker-compose up -d --scale whoami=2
```
Go back to your browser ([http://localhost:8080](http://localhost:8080)) and see that Traefik has automatically detected the new instance of the container.
Finally, see that Traefik load-balances between the two instances of your services by running twice the following command:
```shell
curl -H Host:whoami.docker.localhost http://127.0.0.1
```
The output will show alternatively one of the followings:
```yaml
Hostname: 8656c8ddca6c
IP: 172.27.0.3
#...
```
```yaml
Hostname: 8458f154e1f1
IP: 172.27.0.4
# ...
```
### 4 — Enjoy Traefik's Magic
Now that you have a basic understanding of how Traefik can automatically create the routes to your services and load balance them, it might be time to dive into [the documentation](https://docs.traefik.io/) and let Traefik work for you!
Whatever your infrastructure is, there is probably [an available Traefik backend](https://docs.traefik.io/#supported-backends) that will do the job.
Our recommendation would be to see for yourself how simple it is to enable HTTPS with [Traefik's let's encrypt integration](https://docs.traefik.io/user-guide/examples/#lets-encrypt-support) using the dedicated [user guide](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/).

View File

@ -1,18 +0,0 @@
version: '3'
services:
# The reverse proxy service (Traefik)
reverse-proxy:
image: traefik # The official Traefik docker image
command: --api --docker # Enables the web UI and tells Traefik to listen to docker
ports:
- "80:80" # The HTTP port
- "8080:8080" # The Web UI (enabled by --api)
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
# A container that exposes a simple API
whoami:
image: containous/whoami # A container that exposes an API to show its IP address
labels:
- "traefik.http.routers.whoami.rule=Host:whoami.docker.localhost"

View File

@ -1,19 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDHDCCAgQCCQDODsC1A72mSDANBgkqhkiG9w0BAQsFADBQMQswCQYDVQQGEwJG
UjELMAkGA1UECAwCTVAxDTALBgNVBAcMBFRsc2UxEzARBgNVBAoMCkNvbnRhaW5v
dXMxEDAOBgNVBAsMB1RyYWVmaWswHhcNMTcwODI1MTQxMzU3WhcNMjcwODIzMTQx
MzU3WjBQMQswCQYDVQQGEwJGUjELMAkGA1UECAwCTVAxDTALBgNVBAcMBFRsc2Ux
EzARBgNVBAoMCkNvbnRhaW5vdXMxEDAOBgNVBAsMB1RyYWVmaWswggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCacKEL5+AlaArZWyfysY1qbtOWdGj0xwq1
tZ6GZ0fb+0uVeKzJxPBulpwhmXiofUncvFOpr1paaQQRRgE71A6PSIzc64a3NGmm
dbju3eOdFVm9za37asFTA2Y87v9HSYJyNSeQgdVCbykhHBrHPrP6kfPx8T7uiPRT
cYWhL9Ko1IuW2rTjMt2UUmk1IPk2WFMWKM1mopqzrxu/NB+O5wOs7MRO1Z8BtAak
bclxCQaaE0TgjChlxVPP0us77rCq3///i9kf1x0PGt/LyseaxzAoKfZ6kM6Uq0yk
psWGSxu7sPXmERsN4tZLj7d/J5A2nvnO7h/bhl2FtBAauzsi3LIbAgMBAAEwDQYJ
KoZIhvcNAQELBQADggEBACQbp2gcCFbbQE47SwdI7rWDIITylHj0uCXHJfUggkUl
F/WHIBUdpVaWVOLSysmG8n6fmWTDZOCVNA1+XMjRZUPwVvr//XHjcFpOKfHW47r2
VeMHQYQpZH7QmsjyvxXZOrz/Ft3uA9Dna1N5nHRYflpfasdRmXbNK81IykR93Dfn
jV9ecDAQl0ru/YcMmabYx3uoWyTvO57EnbXfiPcwIdKGpykXKTv64vAMtkrJicgX
jhh+p7ayKklfxinEL7/GCjfSBip7J4DszvLVoyIzmS7HjVdJkpu9agZLYsSl4tCJ
qnh7nkp/Fd0XdTV17FwL/veMlpq9AkillIKjHl6vFL0=
-----END CERTIFICATE-----

View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAmnChC+fgJWgK2Vsn8rGNam7TlnRo9McKtbWehmdH2/tLlXis
ycTwbpacIZl4qH1J3LxTqa9aWmkEEUYBO9QOj0iM3OuGtzRppnW47t3jnRVZvc2t
+2rBUwNmPO7/R0mCcjUnkIHVQm8pIRwaxz6z+pHz8fE+7oj0U3GFoS/SqNSLltq0
4zLdlFJpNSD5NlhTFijNZqKas68bvzQfjucDrOzETtWfAbQGpG3JcQkGmhNE4Iwo
ZcVTz9LrO+6wqt///4vZH9cdDxrfy8rHmscwKCn2epDOlKtMpKbFhksbu7D15hEb
DeLWS4+3fyeQNp75zu4f24ZdhbQQGrs7ItyyGwIDAQABAoIBAQCYFpBSJC/1Rmdg
s0c81iMYjDlsMgll/FmMpmWNoEoA1ZESintGW94WWdU5tWRAMNm7Oe797ISDAmYS
CKmQXH1WFzE5IexRoJjmZ4oOGY9cEzmEE/fg3rmxYWieWxIkBr0icTwcL+9u8/9B
7uZkDli5SmA8g8HgsBhD0Eizel/vB5DyUtm8VoVYvDkkljYO/PGT/ectclr6JK9g
biP4jkA2a3CTb8KeyBTrYbULWCtwZ7H5fmySXIX4QpJmEcx5Af7nYITU0OEK63uV
NKCQLDpHyOrDIj+mwjxASBQdUDU7NApCR2MrzmGDRPPCGiEWYao5bCrsNRAoDFuy
Ux2H+jnRAoGBAM2nOcjJ7nKmOEUTyB0J9ElJRBoChBJAF3ak/aj4xDYAz/hadQL0
OuulOgmYwHjv7Y5Tx6P5ZQgyComa6rKfNZ/mzgm1wMPsKOi5q5T2Zj/0Pt6xih3x
+PxonLiIS7221U5xlBZUyW1LLIM4gT7NS9n2pxBuNESotmSwFnPru4OzAoGBAMA/
vyXAnOTRi1on8TDItdPDgq13s0I+q+Fj4+KVCEifRiT9P9NRKQNfvRZI39QGmJ+x
kGx6VY96SZo5ysm4ElkcKLJ7EcZ38XehG9rar6ZLEAgY4KnA4wDZWmJ1dUm4ZJZI
Sj2EFmb30V1FP/qo9TFro5Je6P0m9TjFeLKwF4P5AoGAKIu0x9KQMYh2BaB9zsPc
pupMA/jFAzghqCGlZUAOpzsHxcZH1ZpDV5xO0f+Myws6wdngvYJ5GeGL1E93wFnF
X85Ihv+PjtEry553prnhtPA5yPwl5/uCBHm3lGZC0JeQfJPGB5UV1XeBwilMyg39
y25mx8WChprgwv84ngg3AyMCgYEAlb2RPvCFw9xK9FAEFwFeTrELyd1gLIrwCcBq
MYPvTdFxK0JuQkQG8+/QMdlVLaptmoUNftDSb8zKI2w8PV44PFwofsxJDhNCavF7
5r1K7vWsaQIni1EH/xNMyT+/uUn8XumzmbKWWGFSG5niuXR8dp/mag2u3+9GNY/p
8RQjXNECgYAnA7rQ7UVayRQUL8NKB0jhP/J0UomrJRXYx+J5UP7QIoObXlTbDVSi
VTAiSrhPQIFa1s8ghUgCghwq6KJsZoQzrp1fLLlV/HIN+4XXhYVAmOI/k41rCj/0
eYTkXlXyFpcaW3h9vVjT1wN9FwbU1kNpFo/PvDLM/SQB7GhFRznDDw==
-----END RSA PRIVATE KEY-----

View File

@ -1,40 +0,0 @@
{
"id": "/foo",
"groups": [
{
"id": "/foo/bar",
"apps": [
{
"id": "whoami",
"cpus": 0.1,
"mem": 64.0,
"instances": 3,
"container": {
"type": "DOCKER",
"docker": {
"image": "containous/whoami",
"network": "BRIDGE",
"portMappings": [
{
"containerPort": 80,
"hostPort": 0,
"protocol": "tcp"
}
]
}
},
"healthChecks": [
{
"protocol": "HTTP",
"portIndex": 0,
"path": "/",
"gracePeriodSeconds": 5,
"intervalSeconds": 20,
"maxConsecutiveFailures": 3
}
]
}
]
}
]
}

View File

@ -1,32 +0,0 @@
{
"id": "whoami",
"cpus": 0.1,
"mem": 64.0,
"instances": 3,
"container": {
"type": "DOCKER",
"docker": {
"image": "containous/whoami",
"network": "BRIDGE",
"portMappings": [
{ "containerPort": 80, "hostPort": 0, "protocol": "tcp" }
]
}
},
"healthChecks": [
{
"protocol": "HTTP",
"portIndex": 0,
"path": "/",
"gracePeriodSeconds": 5,
"intervalSeconds": 20,
"maxConsecutiveFailures": 3
}
],
"labels": {
"traefik.weight": "1",
"traefik.protocol": "http",
"traefik.frontend.rule" : "Host:test.marathon.localhost",
"traefik.frontend.priority" : "10"
}
}

View File

@ -1,8 +1,5 @@
//go:generate rm -vf autogen/gentemplates/gen.go
//go:generate rm -vf autogen/genstatic/gen.go
//go:generate mkdir -p static
//go:generate go-bindata -pkg gentemplates -nometadata -nocompress -o autogen/gentemplates/gen.go ./templates/...
//go:generate gofmt -s -w autogen/gentemplates/gen.go
//go:generate go-bindata -pkg genstatic -nocompress -o autogen/genstatic/gen.go ./static/...
package main

View File

@ -1,3 +1,5 @@
// +build ignore
package consulcatalog
import (

View File

@ -1,3 +1,5 @@
// +build ignore
package ecs
import (

View File

@ -1,3 +1,5 @@
// +build ignore
package ecs
import (

View File

@ -1,3 +1,5 @@
// +build ignore
package mesos
import (

View File

@ -1,3 +1,5 @@
// +build ignore
package mesos
import (

View File

@ -2,14 +2,12 @@ package provider
import (
"bytes"
"io/ioutil"
"strings"
"text/template"
"unicode"
"github.com/BurntSushi/toml"
"github.com/Masterminds/sprig"
"github.com/containous/traefik/autogen/gentemplates"
"github.com/containous/traefik/old/log"
"github.com/containous/traefik/old/types"
"github.com/containous/traefik/safe"
@ -107,24 +105,9 @@ func (p *BaseProvider) DecodeConfiguration(content string) (*types.Configuration
return configuration, nil
}
// genTemplate does not do anything anymore because we removed the templates
func (p *BaseProvider) getTemplateContent(defaultTemplateFile string) (string, error) {
if len(p.Filename) > 0 {
buf, err := ioutil.ReadFile(p.Filename)
if err != nil {
return "", err
}
return string(buf), nil
}
if strings.HasSuffix(defaultTemplateFile, ".tmpl") {
buf, err := gentemplates.Asset(defaultTemplateFile)
if err != nil {
return "", err
}
return string(buf), nil
}
return defaultTemplateFile, nil
return "", nil
}
func split(sep, s string) []string {

View File

@ -1,3 +1,5 @@
// +build ignore
package rancher
import (

View File

@ -1,31 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o pipefail
set -o nounset
SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"; export SCRIPTDIR
source "${SCRIPTDIR}/.validate"
# Iterate over all directories containing templates folders.
IFS=$'\n' files=( $(validate_diff --diff-filter=ACMR --name-only -- templates || true) )
if [[ ${#files[@]} -gt 0 ]]; then
echo "checking autogen is up-to-date with templates..."
go generate >/dev/null
# Let see if the working directory is clean
diffs="$(git status --porcelain -- autogen 2>/dev/null)"
if [[ "$diffs" ]]; then
{
echo "The result of 'go generate' differs"
echo
echo "$diffs"
echo
echo 'Please do "go generate" to update the `autogen` package.'
echo
} >&2
exit 2
fi
fi
echo 'Congratulations! All autogen changes are done the right way.'

View File

@ -1,276 +0,0 @@
[backends]
{{range $service := .Services}}
{{ $backendName := getServiceBackendName $service }}
{{ $circuitBreaker := getCircuitBreaker $service.TraefikLabels }}
{{if $circuitBreaker }}
[backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $service.TraefikLabels }}
{{if $responseForwarding }}
[backends."backend-{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $service.TraefikLabels }}
{{if $loadBalancer }}
[backends."backend-{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $service.TraefikLabels }}
{{if $maxConn }}
[backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $service.TraefikLabels }}
{{if $healthCheck }}
[backends."backend-{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."backend-{{ $backendName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $service.TraefikLabels }}
{{if $buffering }}
[backends."backend-{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{end}}
{{range $index, $node := .Nodes}}
{{ $server := getServer $node }}
[backends."backend-{{ getNodeBackendName $node }}".servers."{{ getServerName $node $index }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
[frontends]
{{range $service := .Services}}
[frontends."frontend-{{ $service.ServiceName }}"]
backend = "backend-{{ getServiceBackendName $service }}"
priority = {{ getPriority $service.TraefikLabels }}
passHostHeader = {{ getPassHostHeader $service.TraefikLabels }}
passTLSCert = {{ getPassTLSCert $service.TraefikLabels }}
entryPoints = [{{range getFrontEndEntryPoints $service.TraefikLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $service.TraefikLabels }}
{{if $tlsClientCert }}
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $service.TraefikLabels }}
{{if $auth }}
[frontends."frontend-{{ $service.ServiceName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."frontend-{{ $service.ServiceName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."frontend-{{ $service.ServiceName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."frontend-{{ $service.ServiceName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."frontend-{{ $service.ServiceName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $service.TraefikLabels }}
{{if $whitelist }}
[frontends."frontend-{{ $service.ServiceName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."frontend-{{ $service.ServiceName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $service.TraefikLabels }}
{{if $redirect }}
[frontends."frontend-{{ $service.ServiceName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $service.TraefikLabels }}
{{if $errorPages }}
[frontends."frontend-{{ $service.ServiceName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."frontend-{{ $service.ServiceName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend-{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $service.TraefikLabels }}
{{if $rateLimit }}
[frontends."frontend-{{ $service.ServiceName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."frontend-{{ $service.ServiceName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."frontend-{{ $service.ServiceName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $service.TraefikLabels }}
{{if $headers }}
[frontends."frontend-{{ $service.ServiceName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{ $service.ServiceName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $service.ServiceName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $service.ServiceName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{ $service.ServiceName }}".routes."route-host-{{ $service.ServiceName }}"]
rule = "{{ getFrontendRule $service }}"
{{end}}

View File

@ -1,277 +0,0 @@
{{$backendServers := .Servers}}
[backends]
{{range $backendName, $servers := .Servers}}
{{ $backend := index $servers 0 }}
{{ $circuitBreaker := getCircuitBreaker $backend.SegmentLabels }}
{{if $circuitBreaker }}
[backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $backend.SegmentLabels }}
{{if $responseForwarding }}
[backends."backend-{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $backend.SegmentLabels }}
{{if $loadBalancer }}
[backends."backend-{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $backend.SegmentLabels }}
{{if $maxConn }}
[backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $backend.SegmentLabels }}
{{if $healthCheck }}
[backends."backend-{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."backend-{{ $backendName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $backend.SegmentLabels }}
{{if $buffering }}
[backends."backend-{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $servers }}
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $frontendName, $containers := .Frontends }}
{{ $container := index $containers 0 }}
[frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{ getBackendName $container }}"
priority = {{ getPriority $container.SegmentLabels }}
passHostHeader = {{ getPassHostHeader $container.SegmentLabels }}
passTLSCert = {{ getPassTLSCert $container.SegmentLabels }}
entryPoints = [{{range getEntryPoints $container.SegmentLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $container.SegmentLabels }}
{{if $tlsClientCert }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Issuer }}
{{if $issuer }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $container.SegmentLabels }}
{{if $auth }}
[frontends."frontend-{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."frontend-{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."frontend-{{ $frontendName }}".auth.basic]
realm = "{{ $auth.Basic.Realm }}"
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."frontend-{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $container.SegmentLabels }}
{{if $whitelist }}
[frontends."frontend-{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $container.SegmentLabels }}
{{if $redirect }}
[frontends."frontend-{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $container.SegmentLabels }}
{{if $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend-{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $container.SegmentLabels }}
{{if $rateLimit }}
[frontends."frontend-{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $container.SegmentLabels }}
{{if $headers }}
[frontends."frontend-{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
rule = "{{ getFrontendRule $container $container.SegmentLabels }}"
{{end}}

View File

@ -1,277 +0,0 @@
[backends]
{{range $serviceName, $instances := .Services }}
{{ $firstInstance := index $instances 0 }}
{{ $circuitBreaker := getCircuitBreaker $firstInstance.SegmentLabels }}
{{if $circuitBreaker }}
[backends."backend-{{ $serviceName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $firstInstance.SegmentLabels }}
{{if $responseForwarding }}
[backends."backend-{{ $serviceName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $firstInstance.SegmentLabels }}
{{if $loadBalancer }}
[backends."backend-{{ $serviceName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."backend-{{ $serviceName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $firstInstance.SegmentLabels }}
{{if $maxConn }}
[backends."backend-{{ $serviceName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $firstInstance.SegmentLabels }}
{{if $healthCheck }}
[backends."backend-{{ $serviceName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."backend-{{ $serviceName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $firstInstance.SegmentLabels }}
{{if $buffering }}
[backends."backend-{{ $serviceName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $instances }}
[backends."backend-{{ $serviceName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $serviceName, $instances := .Services }}
{{range $instance := filterFrontends $instances }}
{{ $frontendName := getFrontendName $instance }}
[frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{ $serviceName }}"
priority = {{ getPriority $instance.SegmentLabels }}
passHostHeader = {{ getPassHostHeader $instance.SegmentLabels }}
passTLSCert = {{ getPassTLSCert $instance.SegmentLabels }}
entryPoints = [{{range getEntryPoints $instance.SegmentLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $instance.SegmentLabels }}
{{if $tlsClientCert }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Issuer }}
{{if $issuer }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $instance.SegmentLabels }}
{{if $auth }}
[frontends."frontend-{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."frontend-{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."frontend-{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."frontend-{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $instance.SegmentLabels }}
{{if $whitelist }}
[frontends."frontend-{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $instance.SegmentLabels }}
{{if $redirect }}
[frontends."frontend-{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $instance.SegmentLabels }}
{{if $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend-{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $instance.SegmentLabels }}
{{if $rateLimit }}
[frontends."frontend-{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $instance.SegmentLabels }}
{{if $headers }}
[frontends."frontend-{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
rule = "{{ getFrontendRule $instance }}"
{{end}}
{{end}}

View File

@ -1,24 +0,0 @@
[backends]
{{range $app := .Applications }}
[backends.backend-{{ $app.Name }}]
{{range $instance := .Instances }}
[backends."backend-{{ $app.Name }}".servers."server-{{ getInstanceID $instance }}"]
url = "{{ getProtocol $instance }}://{{ .IpAddr }}:{{ getPort $instance }}"
weight = {{ getWeight $instance }}
{{end}}
{{end}}
[frontends]
{{range $app := .Applications }}
[frontends."frontend-{{ $app.Name }}"]
backend = "backend-{{ $app.Name }}"
entryPoints = ["http"]
[frontends."frontend-{{ $app.Name }}".routes."route-host{{ $app.Name }}"]
rule = "Host:{{ $app.Name | tolower }}"
{{end}}

View File

@ -1,240 +0,0 @@
[backends]
{{range $backendName, $backend := .Backends }}
[backends."{{ $backendName }}"]
{{if $backend.CircuitBreaker }}
[backends."{{ $backendName }}".circuitBreaker]
expression = "{{ $backend.CircuitBreaker.Expression }}"
{{end}}
{{if $backend.ResponseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $backend.responseForwarding.FlushInterval }}"
{{end}}
[backends."{{ $backendName }}".loadBalancer]
method = "{{ $backend.LoadBalancer.Method }}"
{{if $backend.LoadBalancer.Stickiness }}
[backends."{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $backend.LoadBalancer.Stickiness.CookieName }}"
{{end}}
{{if $backend.MaxConn }}
[backends."{{ $backendName }}".maxConn]
amount = {{ $backend.MaxConn.Amount }}
extractorFunc = "{{ $backend.MaxConn.ExtractorFunc }}"
{{end}}
{{if $backend.Buffering }}
[backends."{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $backend.Buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $backend.Buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $backend.Buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $backend.Buffering.MemResponseBodyBytes }}
retryExpression = "{{ $backend.Buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := $backend.Servers }}
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $frontendName, $frontend := .Frontends }}
[frontends."{{ $frontendName }}"]
backend = "{{ $frontend.Backend }}"
priority = {{ $frontend.Priority }}
passHostHeader = {{ $frontend.PassHostHeader }}
passTLSCert = {{ $frontend.PassTLSCert }}
entryPoints = [{{range $frontend.EntryPoints }}
"{{.}}",
{{end}}]
{{if $frontend.Auth }}
[frontends."{{ $frontendName }}".auth]
headerField = "X-WebAuth-User"
{{if $frontend.Auth.Basic }}
[frontends."{{ $frontendName }}".auth.basic]
removeHeader = {{$frontend.Auth.Basic.RemoveHeader}}
users = [{{range $frontend.Auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Auth.Digest }}
[frontends."{{ $frontendName }}".auth.digest]
removeHeader = {{$frontend.Auth.Digest.RemoveHeader}}
users = [{{range $frontend.Auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Auth.Forward }}
[frontends."{{ $frontendName }}".auth.forward]
address = "{{ $frontend.Auth.Forward.Address }}"
authResponseHeaders = [{{range $frontend.Auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
trustForwardHeader = {{ $frontend.Auth.Forward.TrustForwardHeader }}
{{if $frontend.Auth.Forward.TLS }}
[frontends."{{ $frontendName }}".auth.forward.tls]
cert = """{{ $frontend.Auth.Forward.TLS.Cert }}"""
key = """{{ $frontend.Auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $frontend.Auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{end}}
{{if $frontend.WhiteList }}
[frontends."{{ $frontendName }}".whiteList]
sourceRange = [{{range $frontend.Whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $frontend.Whitelist.IPStrategy }}
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $frontend.Whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $frontend.Whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{if $frontend.Redirect }}
[frontends."{{ $frontendName }}".redirect]
entryPoint = "{{ $frontend.Redirect.EntryPoint }}"
regex = "{{ $frontend.Redirect.Regex }}"
replacement = "{{ $frontend.Redirect.Replacement }}"
permanent = {{ $frontend.Redirect.Permanent }}
{{end}}
{{if $frontend.Errors }}
[frontends."{{ $frontendName }}".errors]
{{range $pageName, $page := $frontend.Errors }}
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{if $frontend.RateLimit }}
[frontends."{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $frontend.RateLimit.ExtractorFunc }}"
[frontends."{{ $frontendName }}".rateLimit.rateSet]
{{range $limitName, $limit := $frontend.RateLimit.RateSet }}
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{if $frontend.PassTLSClientCert }}
[frontends."{{ $frontendName }}".passTLSClientCert]
pem = {{ $frontend.PassTLSClientCert.PEM }}
{{ $infos := $frontend.PassTLSClientCert.Infos }}
{{if $infos }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{if $frontend.Headers }}
[frontends."{{ $frontendName }}".headers]
SSLRedirect = {{ $frontend.Headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $frontend.Headers.SSLTemporaryRedirect }}
SSLHost = "{{ $frontend.Headers.SSLHost }}"
SSLForceHost = {{ $frontend.Headers.SSLForceHost }}
STSSeconds = {{ $frontend.Headers.STSSeconds }}
STSIncludeSubdomains = {{ $frontend.Headers.STSIncludeSubdomains }}
STSPreload = {{ $frontend.Headers.STSPreload }}
ForceSTSHeader = {{ $frontend.Headers.ForceSTSHeader }}
FrameDeny = {{ $frontend.Headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $frontend.Headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $frontend.Headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $frontend.Headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $frontend.Headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $frontend.Headers.ContentSecurityPolicy }}"
PublicKey = "{{ $frontend.Headers.PublicKey }}"
ReferrerPolicy = "{{ $frontend.Headers.ReferrerPolicy }}"
IsDevelopment = {{ $frontend.Headers.IsDevelopment }}
{{if $frontend.Headers.AllowedHosts }}
AllowedHosts = [{{range $frontend.Headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $frontend.Headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Headers.CustomRequestHeaders }}
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $frontend.Headers.CustomRequestHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{if $frontend.Headers.CustomResponseHeaders }}
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $frontend.Headers.CustomResponseHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{if $frontend.Headers.SSLProxyHeaders }}
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $frontend.Headers.SSLProxyHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{end}}
{{range $routeName, $route := $frontend.Routes }}
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
rule = "{{ $route.Rule }}"
{{end}}
{{end}}
{{range $tls := .TLS }}
[[tls]]
entryPoints = [{{range $tls.EntryPoints }}
"{{.}}",
{{end}}]
[tls.certificate]
certFile = """{{ $tls.Certificate.CertFile }}"""
keyFile = """{{ $tls.Certificate.KeyFile }}"""
{{end}}

View File

@ -1,289 +0,0 @@
[backends]
{{range $backend := List .Prefix "/backends/" }}
{{ $backendName := Last $backend }}
{{ $circuitBreaker := getCircuitBreaker $backend }}
{{if $circuitBreaker }}
[backends."{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $backend }}
{{if $responseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.flushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $backend }}
{{if $loadBalancer }}
[backends."{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $backend }}
{{if $maxConn }}
[backends."{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $backend }}
{{if $healthCheck }}
[backends."{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."{{ $backendName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $backend }}
{{if $buffering }}
[backends."{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $backend}}
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $frontend := List .Prefix "/frontends/" }}
{{ $frontendName := Last $frontend }}
[frontends."{{ $frontendName }}"]
backend = "{{ getBackendName $frontend }}"
priority = {{ getPriority $frontend }}
passHostHeader = {{ getPassHostHeader $frontend }}
passTLSCert = {{ getPassTLSCert $frontend }}
entryPoints = [{{range getEntryPoints $frontend }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $frontend }}
{{if $tlsClientCert }}
[frontends."{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $frontend }}
{{if $auth }}
[frontends."{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $frontend }}
{{if $whitelist }}
[frontends."{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $frontend }}
{{if $redirect }}
[frontends."{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $frontend }}
{{if $errorPages }}
[frontends."{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."{{$frontendName}}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "{{$page.Backend}}"
query = "{{$page.Query}}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $frontend }}
{{if $rateLimit }}
[frontends."{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."{{ $frontendName }}".rateLimit.rateSet]
{{range $limitName, $rateLimit := $rateLimit.RateSet }}
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $rateLimit.Period }}"
average = {{ $rateLimit.Average }}
burst = {{ $rateLimit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $frontend }}
{{if $headers }}
[frontends."{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders}}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{range $routeName, $route := getRoutes $frontend }}
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
rule = "{{ $route.Rule }}"
{{end}}
{{end}}
{{range $tls := getTLSSection .Prefix }}
[[tls]]
entryPoints = [{{range $tls.EntryPoints }}
"{{.}}",
{{end}}]
[tls.certificate]
certFile = """{{ $tls.Certificate.CertFile }}"""
keyFile = """{{ $tls.Certificate.KeyFile }}"""
{{end}}

View File

@ -1,277 +0,0 @@
{{ $apps := .Applications }}
[backends]
{{range $backendName, $app := $apps }}
[backends."{{ $backendName }}"]
{{ $circuitBreaker := getCircuitBreaker $app.SegmentLabels }}
{{if $circuitBreaker }}
[backends."{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $app.SegmentLabels }}
{{if $responseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $app.SegmentLabels }}
{{if $loadBalancer }}
[backends."{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $app.SegmentLabels }}
{{if $maxConn }}
[backends."{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $app.SegmentLabels }}
{{if $healthCheck }}
[backends."{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends.{{ $backendName }}.healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $app.SegmentLabels }}
{{if $buffering }}
[backends."{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $app }}
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $backendName, $app := $apps }}
{{ $frontendName := getFrontendName $app }}
[frontends."{{ $frontendName }}"]
backend = "{{ $backendName }}"
priority = {{ getPriority $app.SegmentLabels }}
passHostHeader = {{ getPassHostHeader $app.SegmentLabels }}
passTLSCert = {{ getPassTLSCert $app.SegmentLabels }}
entryPoints = [{{range getEntryPoints $app.SegmentLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $app.SegmentLabels }}
{{if $tlsClientCert }}
[frontends."{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $app.SegmentLabels }}
{{if $auth }}
[frontends."{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $app.SegmentLabels }}
{{if $whitelist }}
[frontends."{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $app.SegmentLabels }}
{{if $redirect }}
[frontends."{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $app.SegmentLabels }}
{{if $errorPages }}
[frontends."{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $app.SegmentLabels }}
{{if $rateLimit }}
[frontends."{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $app.SegmentLabels }}
{{if $headers }}
[frontends."{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."{{ $frontendName }}".routes."route-host{{ $app.ID | replace "/" "-" }}{{ getSegmentNameSuffix $app.SegmentName }}"]
rule = "{{ getFrontendRule $app }}"
{{end}}

View File

@ -1,277 +0,0 @@
[backends]
{{range $applicationName, $tasks := .ApplicationsTasks }}
{{ $app := index $tasks 0 }}
{{ $backendName := getBackendName $app }}
[backends."backend-{{ $backendName }}"]
{{ $circuitBreaker := getCircuitBreaker $app.TraefikLabels }}
{{if $circuitBreaker }}
[backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $app.TraefikLabels }}
{{if $responseForwarding }}
[backends."backend-{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $app.TraefikLabels }}
{{if $loadBalancer }}
[backends."backend-{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $app.TraefikLabels }}
{{if $maxConn }}
[backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $app.TraefikLabels }}
{{if $healthCheck }}
[backends."backend-{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."backend-{{ $backendName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $app.TraefikLabels }}
{{if $buffering }}
[backends."backend-{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $tasks }}
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $applicationName, $tasks := .ApplicationsTasks }}
{{ $app := index $tasks 0 }}
{{ $frontendName := getFrontEndName $app }}
[frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{ getBackendName $app }}"
priority = {{ getPriority $app.TraefikLabels }}
passHostHeader = {{ getPassHostHeader $app.TraefikLabels }}
passTLSCert = {{ getPassTLSCert $app.TraefikLabels }}
entryPoints = [{{range getEntryPoints $app.TraefikLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $app.TraefikLabels }}
{{if $tlsClientCert }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $app.TraefikLabels }}
{{if $auth }}
[frontends."frontend-{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."frontend-{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."frontend-{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader}}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."frontend-{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader}}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $app.TraefikLabels }}
{{if $whitelist }}
[frontends."frontend-{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $app.TraefikLabels }}
{{if $redirect }}
[frontends."frontend-{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $app.TraefikLabels }}
{{if $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend-{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $app.TraefikLabels }}
{{if $rateLimit }}
[frontends."frontend-{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $app.TraefikLabels }}
{{if $headers }}
[frontends."frontend-{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{ $frontendName }}".routes."route-host-{{ $frontendName }}"]
rule = "{{ getFrontendRule $app }}"
{{end}}

View File

@ -1,9 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title>Traefik</title>
</head>
<body>
Ohhhh man, this is bad...
</body>
</html>

View File

@ -1,275 +0,0 @@
{{ $backendServers := .Backends }}
[backends]
{{range $backendName, $backend := .Backends }}
[backends."backend-{{ $backendName }}"]
{{ $circuitBreaker := getCircuitBreaker $backend.SegmentLabels }}
{{if $circuitBreaker }}
[backends."backend-{{ $backendName }}".circuitBreaker]
expression = "{{ $circuitBreaker.Expression }}"
{{end}}
{{ $responseForwarding := getResponseForwarding $backend.SegmentLabels }}
{{if $responseForwarding }}
[backends."backend-{{ $backendName }}".responseForwarding]
flushInterval = "{{ $responseForwarding.FlushInterval }}"
{{end}}
{{ $loadBalancer := getLoadBalancer $backend.SegmentLabels }}
{{if $loadBalancer }}
[backends."backend-{{ $backendName }}".loadBalancer]
method = "{{ $loadBalancer.Method }}"
{{if $loadBalancer.Stickiness }}
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
{{end}}
{{end}}
{{ $maxConn := getMaxConn $backend.SegmentLabels }}
{{if $maxConn }}
[backends."backend-{{ $backendName }}".maxConn]
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
amount = {{ $maxConn.Amount }}
{{end}}
{{ $healthCheck := getHealthCheck $backend.SegmentLabels }}
{{if $healthCheck }}
[backends."backend-{{ $backendName }}".healthCheck]
scheme = "{{ $healthCheck.Scheme }}"
path = "{{ $healthCheck.Path }}"
port = {{ $healthCheck.Port }}
interval = "{{ $healthCheck.Interval }}"
timeout = "{{ $healthCheck.Timeout }}"
hostname = "{{ $healthCheck.Hostname }}"
{{if $healthCheck.Headers }}
[backends."backend-{{ $backendName }}".healthCheck.headers]
{{range $k, $v := $healthCheck.Headers }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
{{ $buffering := getBuffering $backend.SegmentLabels }}
{{if $buffering }}
[backends."backend-{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
retryExpression = "{{ $buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := getServers $backend}}
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $frontendName, $service := .Frontends }}
[frontends."frontend-{{ $frontendName }}"]
backend = "backend-{{ getBackendName $service }}"
priority = {{ getPriority $service.SegmentLabels }}
passHostHeader = {{ getPassHostHeader $service.SegmentLabels }}
passTLSCert = {{ getPassTLSCert $service.SegmentLabels }}
entryPoints = [{{range getEntryPoints $service.SegmentLabels }}
"{{.}}",
{{end}}]
{{ $tlsClientCert := getPassTLSClientCert $service.SegmentLabels }}
{{if $tlsClientCert }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
pem = {{ $tlsClientCert.PEM }}
{{ $infos := $tlsClientCert.Infos }}
{{if $infos }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{ $auth := getAuth $service.SegmentLabels }}
{{if $auth }}
[frontends."frontend-{{ $frontendName }}".auth]
headerField = "{{ $auth.HeaderField }}"
{{if $auth.Forward }}
[frontends."frontend-{{ $frontendName }}".auth.forward]
address = "{{ $auth.Forward.Address }}"
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
{{if $auth.Forward.AuthResponseHeaders }}
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $auth.Forward.TLS }}
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
ca = "{{ $auth.Forward.TLS.CA }}"
caOptional = {{ $auth.Forward.TLS.CAOptional }}
cert = """{{ $auth.Forward.TLS.Cert }}"""
key = """{{ $auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{if $auth.Basic }}
[frontends."frontend-{{ $frontendName }}".auth.basic]
removeHeader = {{ $auth.Basic.RemoveHeader }}
{{if $auth.Basic.Users }}
users = [{{range $auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Basic.UsersFile }}"
{{end}}
{{if $auth.Digest }}
[frontends."frontend-{{ $frontendName }}".auth.digest]
removeHeader = {{ $auth.Digest.RemoveHeader }}
{{if $auth.Digest.Users }}
users = [{{range $auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
usersFile = "{{ $auth.Digest.UsersFile }}"
{{end}}
{{end}}
{{ $whitelist := getWhiteList $service.SegmentLabels }}
{{if $whitelist }}
[frontends."frontend-{{ $frontendName }}".whiteList]
sourceRange = [{{range $whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $whitelist.IPStrategy }}
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{ $redirect := getRedirect $service.SegmentLabels }}
{{if $redirect }}
[frontends."frontend-{{ $frontendName }}".redirect]
entryPoint = "{{ $redirect.EntryPoint }}"
regex = "{{ $redirect.Regex }}"
replacement = "{{ $redirect.Replacement }}"
permanent = {{ $redirect.Permanent }}
{{end}}
{{ $errorPages := getErrorPages $service.SegmentLabels }}
{{if $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors]
{{range $pageName, $page := $errorPages }}
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "backend-{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{ $rateLimit := getRateLimit $service.SegmentLabels }}
{{if $rateLimit }}
[frontends."frontend-{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
{{ range $limitName, $limit := $rateLimit.RateSet }}
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{ $headers := getHeaders $service.SegmentLabels }}
{{if $headers }}
[frontends."frontend-{{ $frontendName }}".headers]
SSLRedirect = {{ $headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
SSLHost = "{{ $headers.SSLHost }}"
SSLForceHost = {{ $headers.SSLForceHost }}
STSSeconds = {{ $headers.STSSeconds }}
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
STSPreload = {{ $headers.STSPreload }}
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
FrameDeny = {{ $headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
PublicKey = "{{ $headers.PublicKey }}"
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
IsDevelopment = {{ $headers.IsDevelopment }}
{{if $headers.AllowedHosts }}
AllowedHosts = [{{range $headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $headers.CustomRequestHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $headers.CustomRequestHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.CustomResponseHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $headers.CustomResponseHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{if $headers.SSLProxyHeaders }}
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $headers.SSLProxyHeaders }}
{{$k}} = "{{$v}}"
{{end}}
{{end}}
{{end}}
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
rule = "{{ getFrontendRule $service.Name $service.SegmentLabels }}"
{{end}}