diff --git a/docs/configuration/backends/file.md b/docs/configuration/backends/file.md index 785155d17..58e950651 100644 --- a/docs/configuration/backends/file.md +++ b/docs/configuration/backends/file.md @@ -140,19 +140,20 @@ Træfik can be configured with a file. # ... ``` -## Configuration mode +## Configuration Mode -You have three choices: +You have two choices: -- [Simple](/configuration/backends/file/#simple) -- [Rules in a Separate File](/configuration/backends/file/#rules-in-a-separate-file) -- [Multiple `.toml` Files](/configuration/backends/file/#multiple-toml-files) +- [Rules in Træfik configuration file](/configuration/backends/file/#rules-in-trfik-configuration-file) +- [Rules in dedicated files](/configuration/backends/file/#rules-in-dedicated-files) To enable the file backend, you must either pass the `--file` option to the Træfik binary or put the `[file]` section (with or without inner settings) in the configuration file. The configuration file allows managing both backends/frontends and HTTPS certificates (which are not [Let's Encrypt](https://letsencrypt.org) certificates generated through Træfik). -### Simple +TOML templating can be used if rules are not defined in the Træfik configuration file. + +### Rules in Træfik Configuration File Add your configuration at the end of the global configuration file `traefik.toml`: @@ -197,9 +198,16 @@ defaultEntryPoints = ["http", "https"] Adding certificates directly to the entryPoint is still maintained but certificates declared in this way cannot be managed dynamically. It's recommended to use the file provider to declare certificates. -### Rules in a Separate File +!!! warning + TOML templating cannot be used if rules are defined in the Træfik configuration file. -Put your rules in a separate file, for example `rules.toml`: +### Rules in Dedicated Files + +Træfik allows defining rules in one or more separate files. + +#### One Separate File + +You have to specify the file path in the `file.filename` option. ```toml # traefik.toml @@ -213,8 +221,31 @@ defaultEntryPoints = ["http", "https"] [file] filename = "rules.toml" + watch = true ``` +The option `file.watch` allows Træfik to watch file changes automatically. + +#### Multiple Separated Files + +You could have multiple `.toml` files in a directory (and recursively in its sub-directories): + +```toml +[file] + directory = "/path/to/config/" + watch = true +``` + +The option `file.watch` allows Træfik to watch file changes automatically. + +#### Separate Files Content + +If you are defining rules in one or more separate files, you can use two formats. + +##### Simple Format + +Backends, Frontends and TLS certificates are defined one at time, as described in the file `rules.toml`: + ```toml # rules.toml [backends] @@ -239,18 +270,34 @@ defaultEntryPoints = ["http", "https"] # ... ``` -### Multiple `.toml` Files +##### TOML Templating -You could have multiple `.toml` files in a directory (and recursively in its sub-directories): +!!! warning + TOML templating can only be used **if rules are defined in one or more separate files**. + Templating will not work in the Træfik configuration file. + +Træfik allows using TOML templating. + +Thus, it's possible to define easily lot of Backends, Frontends and TLS certificates as described in the file `template-rules.toml` : ```toml -[file] - directory = "/path/to/config/" -``` +# template-rules.toml +[backends] +{{ range $i, $e := until 100 }} + [backends.backend{{ $e }}] + #... +{{ end }} -If you want Træfik to watch file changes automatically, just add: +[frontends] +{{ range $i, $e := until 100 }} + [frontends.frontend{{ $e }}] + #... +{{ end }} -```toml -[file] - watch = true + +# HTTPS certificate +{{ range $i, $e := until 100 }} +[[tls]] + #... +{{ end }} ``` diff --git a/docs/configuration/backends/kubernetes.md b/docs/configuration/backends/kubernetes.md index caa5d3f57..e15865f81 100644 --- a/docs/configuration/backends/kubernetes.md +++ b/docs/configuration/backends/kubernetes.md @@ -239,7 +239,7 @@ The following security annotations are applicable on the Ingress object: ### Authentication -Is possible to add additional authentication annotations to the Ingress object. +Additional authentication annotations can be added to the Ingress object. The source of the authentication is a Secret object that contains the credentials. | Annotation | Description | @@ -253,3 +253,12 @@ The following limitations hold: - The realm is not configurable; the only supported (and default) value is `traefik`. - The Secret must contain a single file only. + +### TLS certificates management + +TLS certificates can be managed in Secrets objects. +More information are available in the [User Guide](/user-guide/kubernetes/#add-a-tls-certificate-to-the-ingress). + +!!! note + Only TLS certificates provided by users can be stored in Kubernetes Secrets. + [Let's Encrypt](https://letsencrypt.org) certificates cannot be managed in Kubernets Secrets yet. \ No newline at end of file