API: remove configuration of Entrypoint and Middlewares

Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
2019-07-19 12:28:07 +02:00 · 2019-07-19 12:28:07 +02:00 · 092aa8fa6d
commit 092aa8fa6d
parent f75f73f3d2
17 changed files with 48 additions and 269 deletions
--- a/docs/content/operations/api.md
+++ b/docs/content/operations/api.md
@ -1,5 +1,8 @@
 # API

+!!! important
+    In the beta version, you can't configure middlewares (basic authentication or white listing) anymore, but as security is important, this will change before the RC version.
+
 Traefik exposes a number of information through an API handler, such as the configuration of all routers, services, middlewares, etc.

 As with all features of Traefik, this handler can be enabled with the [static configuration](../getting-started/configuration-overview.md#the-static-configuration).
@ -14,14 +17,14 @@ In production, it should be at least secured by authentication and authorization
 A good sane default (non exhaustive) set of recommendations
 would be to apply the following protection mechanisms:

-* At the application level:  
-  securing with middlewares such as [basic authentication](../middlewares/basicauth.md) or [white listing](../middlewares/ipwhitelist.md).
-
 * At the transport level:  
  NOT publicly exposing the API's port,
  keeping it restricted to internal networks
  (as in the [principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege), applied to networks).

+!!! important
+    In the beta version, you can't configure middlewares (basic authentication or white listing) anymore, but as security is important, this will change before the RC version.
+
 ## Configuration

 To enable the API handler:
@ -49,37 +52,6 @@ Enable the dashboard. More about the dashboard features [here](./dashboard.md).
 --api.dashboard
 ```

-### `entrypoint`
-
-_Optional, Default="traefik"_
-
-The entry point that the API handler will be bound to.
-The default ("traefik") is an internal entry point (which is always defined).
-
-```toml tab="File"
-[api]
-  entrypoint = "web"
-```
-
-```bash tab="CLI"
--api.entrypoint="web"
-```
-
-### `middlewares`
-
-_Optional, Default=empty_
-
-The list of [middlewares](../middlewares/overview.md) applied to the API handler.
-
-```toml tab="File"
-[api]
-  middlewares = ["api-auth", "api-prefix"]
-```
-
-```bash tab="CLI"
--api.middlewares="api-auth,api-prefix"
-```
-
 ### `debug`

 _Optional, Default=false_
@ -120,51 +92,3 @@ All the following endpoints must be accessed with a `GET` HTTP request.
 | `/debug/pprof/profile`         | See the [pprof Profile](https://golang.org/pkg/net/http/pprof/#Profile) Go documentation. |
 | `/debug/pprof/symbol`          | See the [pprof Symbol](https://golang.org/pkg/net/http/pprof/#Symbol) Go documentation.   |
 | `/debug/pprof/trace`           | See the [pprof Trace](https://golang.org/pkg/net/http/pprof/#Trace) Go documentation.     |
-
-## Common Configuration Use Cases
-
-### Address / Port
-
-You can define a custom address/port like this:
-
-```toml
-[entryPoints]
-  [entryPoints.web]
-    address = ":80"
-
-  [entryPoints.foo]
-    address = ":8082"
-
-  [entryPoints.bar]
-    address = ":8083"
-
-[ping]
-  entryPoint = "foo"
-
-[api]
-  entryPoint = "bar"
-```
-
-In the above example, you would access a service at /foo, an api endpoint, or the health-check as follows:
-
-* Service: `http://hostname:80/foo`
-* API: `http://hostname:8083/api/http/routers`
-* Ping URL: `http://hostname:8082/ping`
-
-### Authentication
-
-To restrict access to the API handler, one can add authentication with the [basic auth middleware](../middlewares/basicauth.md).
-
-```toml
-[api]
-  middlewares=["api-auth"]
-```
-
-```toml
-[http.middlewares]
-  [http.middlewares.api-auth.basicAuth]
-    users = [
-      "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
-      "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
-    ]
-```