Merge current v2.11 into v3.0
This commit is contained in:
mmatur
commit
05be441027
156 changed files with 5826 additions and 8436 deletions
|
|
@ -6,7 +6,8 @@ Below is a non-exhaustive list of versions and their maintenance status:
|
|||
|
||||
| Version | Release Date | Active Support | Security Support |
|
||||
|---------|--------------|--------------------|------------------|
|
||||
| 2.10 | Apr 24, 2023 | Yes | Yes |
|
||||
| 2.11 | Feb 12, 2024 | Yes | Yes |
|
||||
| 2.10 | Apr 24, 2023 | Ended Feb 12, 2024 | No |
|
||||
| 2.9 | Oct 03, 2022 | Ended Apr 24, 2023 | No |
|
||||
| 2.8 | Jun 29, 2022 | Ended Oct 03, 2022 | No |
|
||||
| 2.7 | May 24, 2022 | Ended Jun 29, 2022 | No |
|
||||
|
|
|
|||
|
|
@ -294,6 +294,12 @@ Use the `DNS-01` challenge to generate and renew ACME certificates by provisioni
|
|||
LEGO_DISABLE_CNAME_SUPPORT=true
|
||||
```
|
||||
|
||||
!!! warning "Multiple DNS Challenge provider"
|
||||
|
||||
Multiple DNS challenge provider are not supported with Traefik, but you can use `CNAME` to handle that.
|
||||
For example, if you have `example.org` (account foo) and `example.com` (account bar) you can create a CNAME on `example.org` called `_acme-challenge.example.org` pointing to `challenge.example.com`.
|
||||
This way, you can obtain certificates for `example.com` with the `foo` account.
|
||||
|
||||
!!! important
|
||||
A `provider` is mandatory.
|
||||
|
||||
|
|
@ -331,6 +337,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [CloudXNS](https://www.cloudxns.net) | `cloudxns` | `CLOUDXNS_API_KEY`, `CLOUDXNS_SECRET_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/cloudxns) |
|
||||
| [ConoHa](https://www.conoha.jp) | `conoha` | `CONOHA_TENANT_ID`, `CONOHA_API_USERNAME`, `CONOHA_API_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/conoha) |
|
||||
| [Constellix](https://constellix.com) | `constellix` | `CONSTELLIX_API_KEY`, `CONSTELLIX_SECRET_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/constellix) |
|
||||
| [CPanel and WHM](https://cpanel.net/) | `cpanel` | `CPANEL_MODE`, `CPANEL_USERNAME`, `CPANEL_TOKEN`, `CPANEL_BASE_URL` | [Additional configuration](https://go-acme.github.io/lego/dns/cpanel) |
|
||||
| [Derak Cloud](https://derak.cloud/) | `derak` | `DERAK_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/derak) |
|
||||
| [deSEC](https://desec.io) | `desec` | `DESEC_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/desec) |
|
||||
| [DigitalOcean](https://www.digitalocean.com) | `digitalocean` | `DO_AUTH_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/digitalocean) |
|
||||
|
|
@ -352,7 +359,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [Fast DNS](https://www.akamai.com/) | `fastdns` | `AKAMAI_CLIENT_TOKEN`, `AKAMAI_CLIENT_SECRET`, `AKAMAI_ACCESS_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/edgedns) |
|
||||
| [Freemyip.com](https://freemyip.com) | `freemyip` | `FREEMYIP_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/freemyip) |
|
||||
| [G-Core](https://gcore.com/dns/) | `gcore` | `GCORE_PERMANENT_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/gcore) |
|
||||
| [Gandi v5](https://doc.livedns.gandi.net) | `gandiv5` | `GANDIV5_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/gandiv5) |
|
||||
| [Gandi v5](https://doc.livedns.gandi.net) | `gandiv5` | `GANDIV5_PERSONAL_ACCESS_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/gandiv5) |
|
||||
| [Gandi](https://www.gandi.net) | `gandi` | `GANDI_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/gandi) |
|
||||
| [Glesys](https://glesys.com/) | `glesys` | `GLESYS_API_USER`, `GLESYS_API_KEY`, `GLESYS_DOMAIN` | [Additional configuration](https://go-acme.github.io/lego/dns/glesys) |
|
||||
| [GoDaddy](https://www.godaddy.com) | `godaddy` | `GODADDY_API_KEY`, `GODADDY_API_SECRET` | [Additional configuration](https://go-acme.github.io/lego/dns/godaddy) |
|
||||
|
|
@ -381,6 +388,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [Liquid Web](https://www.liquidweb.com/) | `liquidweb` | `LIQUID_WEB_PASSWORD`, `LIQUID_WEB_USERNAME`, `LIQUID_WEB_ZONE` | [Additional configuration](https://go-acme.github.io/lego/dns/liquidweb) |
|
||||
| [Loopia](https://loopia.com/) | `loopia` | `LOOPIA_API_PASSWORD`, `LOOPIA_API_USER` | [Additional configuration](https://go-acme.github.io/lego/dns/loopia) |
|
||||
| [LuaDNS](https://luadns.com) | `luadns` | `LUADNS_API_USERNAME`, `LUADNS_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/luadns) |
|
||||
| [Mail-in-a-Box](https://mailinabox.email) | `mailinabox` | `MAILINABOX_EMAIL`, `MAILINABOX_PASSWORD`, `MAILINABOX_BASE_URL` | [Additional configuration](https://go-acme.github.io/lego/dns/mailinabox) |
|
||||
| [Metaname](https://metaname.net) | `metaname` | `METANAME_ACCOUNT_REFERENCE`, `METANAME_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/metaname) |
|
||||
| [MyDNS.jp](https://www.mydns.jp/) | `mydnsjp` | `MYDNSJP_MASTER_ID`, `MYDNSJP_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/mydnsjp) |
|
||||
| [Mythic Beasts](https://www.mythic-beasts.com) | `mythicbeasts` | `MYTHICBEASTS_USER_NAME`, `MYTHICBEASTS_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/mythicbeasts) |
|
||||
|
|
@ -412,6 +420,7 @@ For complete details, refer to your provider's _Additional configuration_ link.
|
|||
| [Scaleway](https://www.scaleway.com) | `scaleway` | `SCALEWAY_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/scaleway) |
|
||||
| [Selectel](https://selectel.ru/en/) | `selectel` | `SELECTEL_API_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/selectel) |
|
||||
| [Servercow](https://servercow.de) | `servercow` | `SERVERCOW_USERNAME`, `SERVERCOW_PASSWORD` | [Additional configuration](https://go-acme.github.io/lego/dns/servercow) |
|
||||
| [Shellrent](https://www.shellrent.com) | `shellrent` | `SHELLRENT_USERNAME`, `SHELLRENT_TOKEN` | [Additional configuration](https://go-acme.github.io/lego/dns/shellrent) |
|
||||
| [Simply.com](https://www.simply.com/en/domains/) | `simply` | `SIMPLY_ACCOUNT_NAME`, `SIMPLY_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/simply) |
|
||||
| [Sonic](https://www.sonic.com/) | `sonic` | `SONIC_USER_ID`, `SONIC_API_KEY` | [Additional configuration](https://go-acme.github.io/lego/dns/sonic) |
|
||||
| [Stackpath](https://www.stackpath.com/) | `stackpath` | `STACKPATH_CLIENT_ID`, `STACKPATH_CLIENT_SECRET`, `STACKPATH_STACK_ID` | [Additional configuration](https://go-acme.github.io/lego/dns/stackpath) |
|
||||
|
|
|
|||
|
|
@ -235,4 +235,4 @@ traefik_entrypoint_requests_total{code="200",entrypoint="web",method="GET",proto
|
|||
// For incoming requests, the Host header is promoted to the
|
||||
// Request.Host field and removed from the Header map.
|
||||
|
||||
As a workaround, to obtain the Host of a request as a label, one should use instead the `X-Forwarded-For` header.
|
||||
As a workaround, to obtain the Host of a request as a label, one should use instead the `X-Forwarded-Host` header.
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ metrics:
|
|||
|
||||
_Optional, Default=false_
|
||||
|
||||
Enable metrics on entry points.
|
||||
Enable metrics on routers.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
metrics:
|
||||
|
|
|
|||
|
|
@ -192,9 +192,9 @@ See the [Docker API Access](#docker-api-access) section for more information.
|
|||
|
||||
??? example "Using SSH"
|
||||
|
||||
Using Docker 18.09+ you can connect Traefik to daemon using SSH
|
||||
Using Docker 18.09+ you can connect Traefik to daemon using SSH.
|
||||
We specify the SSH host and user in Traefik's configuration file.
|
||||
Note that is server requires public keys for authentication you must have those accessible for user who runs Traefik.
|
||||
Note that if the server requires public keys for authentication, you must have them accessible for the user running Traefik.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
providers:
|
||||
|
|
|
|||
|
|
@ -225,6 +225,12 @@
|
|||
- "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar"
|
||||
- "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true"
|
||||
- "traefik.tls.stores.store0.defaultgeneratedcert.domain.main=foobar"
|
||||
- "traefik.tls.stores.store0.defaultgeneratedcert.domain.sans=foobar, foobar"
|
||||
- "traefik.tls.stores.store0.defaultgeneratedcert.resolver=foobar"
|
||||
- "traefik.tls.stores.store1.defaultgeneratedcert.domain.main=foobar"
|
||||
- "traefik.tls.stores.store1.defaultgeneratedcert.domain.sans=foobar, foobar"
|
||||
- "traefik.tls.stores.store1.defaultgeneratedcert.resolver=foobar"
|
||||
- "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar"
|
||||
- "traefik.udp.routers.udprouter0.service=foobar"
|
||||
- "traefik.udp.routers.udprouter1.entrypoints=foobar, foobar"
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ Default middlewares for the routers linked to the entry point.
|
|||
Applies a permanent redirection. (Default: ```true```)
|
||||
|
||||
`--entrypoints.<name>.http.redirections.entrypoint.priority`:
|
||||
Priority of the generated router. (Default: ```2147483646```)
|
||||
Priority of the generated router. (Default: ```9223372036854775806```)
|
||||
|
||||
`--entrypoints.<name>.http.redirections.entrypoint.scheme`:
|
||||
Scheme used for the redirection. (Default: ```https```)
|
||||
|
|
|
|||
|
|
@ -148,7 +148,7 @@ Default middlewares for the routers linked to the entry point.
|
|||
Applies a permanent redirection. (Default: ```true```)
|
||||
|
||||
`TRAEFIK_ENTRYPOINTS_<NAME>_HTTP_REDIRECTIONS_ENTRYPOINT_PRIORITY`:
|
||||
Priority of the generated router. (Default: ```2147483646```)
|
||||
Priority of the generated router. (Default: ```9223372036854775806```)
|
||||
|
||||
`TRAEFIK_ENTRYPOINTS_<NAME>_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME`:
|
||||
Scheme used for the redirection. (Default: ```https```)
|
||||
|
|
|
|||
|
|
@ -702,29 +702,29 @@ _Optional, Default=0_
|
|||
|
||||
The maximum number of requests Traefik can handle before sending a `Connection: Close` header to the client (for HTTP2, Traefik sends a GOAWAY). Zero means no limit.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
entryPoints:
|
||||
name:
|
||||
address: ":8888"
|
||||
transport:
|
||||
keepAliveMaxRequests: 42
|
||||
```
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
entryPoints:
|
||||
name:
|
||||
address: ":8888"
|
||||
transport:
|
||||
keepAliveMaxRequests: 42
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[entryPoints]
|
||||
[entryPoints.name]
|
||||
address = ":8888"
|
||||
[entryPoints.name.transport]
|
||||
keepAliveMaxRequests = 42
|
||||
```
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[entryPoints]
|
||||
[entryPoints.name]
|
||||
address = ":8888"
|
||||
[entryPoints.name.transport]
|
||||
keepAliveMaxRequests = 42
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveMaxRequests=42
|
||||
```
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveMaxRequests=42
|
||||
```
|
||||
|
||||
#### `keepAliveMaxTime`
|
||||
|
||||
|
|
@ -732,29 +732,29 @@ _Optional, Default=0s_
|
|||
|
||||
The maximum duration Traefik can handle requests before sending a `Connection: Close` header to the client (for HTTP2, Traefik sends a GOAWAY). Zero means no limit.
|
||||
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
entryPoints:
|
||||
name:
|
||||
address: ":8888"
|
||||
transport:
|
||||
keepAliveMaxTime: 42s
|
||||
```
|
||||
```yaml tab="File (YAML)"
|
||||
## Static configuration
|
||||
entryPoints:
|
||||
name:
|
||||
address: ":8888"
|
||||
transport:
|
||||
keepAliveMaxTime: 42s
|
||||
```
|
||||
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[entryPoints]
|
||||
[entryPoints.name]
|
||||
address = ":8888"
|
||||
[entryPoints.name.transport]
|
||||
keepAliveMaxTime = 42s
|
||||
```
|
||||
```toml tab="File (TOML)"
|
||||
## Static configuration
|
||||
[entryPoints]
|
||||
[entryPoints.name]
|
||||
address = ":8888"
|
||||
[entryPoints.name.transport]
|
||||
keepAliveMaxTime = 42s
|
||||
```
|
||||
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveMaxTime=42s
|
||||
```
|
||||
```bash tab="CLI"
|
||||
## Static configuration
|
||||
--entryPoints.name.address=:8888
|
||||
--entryPoints.name.transport.keepAliveMaxTime=42s
|
||||
```
|
||||
|
||||
### ProxyProtocol
|
||||
|
||||
|
|
@ -972,7 +972,7 @@ This section is a convenience to enable (permanent) redirecting of all incoming
|
|||
|
||||
??? info "`entryPoint.priority`"
|
||||
|
||||
_Optional, Default=MaxInt32-1 (2147483646)_
|
||||
_Optional, Default=MaxInt-1_
|
||||
|
||||
Priority of the generated router.
|
||||
|
||||
|
|
|
|||
|
|
@ -784,7 +784,7 @@ spec:
|
|||
|
||||
#### `peerCertURI`
|
||||
|
||||
_Optional, Default=false_
|
||||
_Optional, Default=""_
|
||||
|
||||
`peerCertURI` defines the URI used to match against SAN URIs during the server's certificate verification.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue