homelab/traefik
1
0
Fork 0
Code Activity

Adds middlewares examples for k8s.

Browse source
This commit is contained in:
Ludovic Fernandez 2019-04-03 14:32:04 +02:00 committed by Traefiker Bot
parent 336135c392
commit 07d0eb9ae6
16 changed files with 552 additions and 261 deletions
Download patch file Download diff file Expand all files Collapse all files

61
docs/content/middlewares/digestauth.md
View file

@ -11,14 +11,29 @@ The DigestAuth middleware is a quick way to restrict access to your services to
```yaml tab="Docker"
labels:
- "traefik.http.middlewares.declared-users-only.digestauth.usersFile=path-to-file.ext"
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```yaml tab="Kubernetes"
# Declaring the user list
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-auth
spec:
digestAuth:
users:
- test:traefik:a2688e031edb4be6a3797f3882655c05
- test2:traefik:518845800f9e2bfb1f1f740ec24f074e
```
```toml tab="File"
[http.middlewares]
[http.middlewares.test-auth.digestauth]
users = ["test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e"]
[http.middlewares.test-auth.digestAuth]
users = [
"test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e",
]
```
!!! tip
@ -27,7 +42,7 @@ labels:
## Configuration Options
### Users
### `Users`
The `users` option is an array of authorized users. Each user will be declared using the `name:realm:encoded-password` format.
@ -35,7 +50,7 @@ The `users` option is an array of authorized users. Each user will be declared u
If both `users` and `usersFile` are provided, the two are merged. The content of `usersFile` has precedence over `users`.
### UsersFile
### `UsersFile`
The `usersFile` option is the path to an external file that contains the authorized users for the middleware.
@ -52,22 +67,38 @@ The file content is a list of `name:realm:encoded-password`.
If both `users` and `usersFile` are provided, the two are merged. The content of `usersFile` has precedence over `users`.
### Realm
### `Realm`
You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.
### HeaderField
### `HeaderField`
You can customize the header field for the authenticated user using the `headerField`option.
??? example "File -- Passing Authenticated Users to Services Via Headers"
Example "File -- Passing Authenticated User to Services Via Headers"
```toml
[http.middlewares.my-auth.digestauth]
usersFile = "path-to-file.ext"
headerField = "X-WebAuth-User" # header for the authenticated user
```
```yaml tab="Docker"
labels:
- "traefik.http.middlewares.my-auth.digestauth.headerField=X-WebAuth-User"
```
### RemoveHeader
```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: my-auth
spec:
digestAuth:
# ...
headerField: X-WebAuth-User
```
```toml tab="File"
[http.middlewares.my-auth.digestAuth]
# ...
headerField = "X-WebAuth-User"
```
### `RemoveHeader`
Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)