homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

YAML I love you

Browse source
This commit is contained in:
Michael 2019-09-23 17:00:06 +02:00 committed by Traefiker Bot
parent bfde17b4d7
commit 17480abe85
37 changed files with 636 additions and 429 deletions
Download patch file Download diff file Expand all files Collapse all files

16
docs/content/routing/entrypoints.md
View file

@ -110,13 +110,13 @@ You can define them using a toml file, CLI arguments, or a key-value store.
proxyProtocol:
insecure: true
trustedIPs:
- "127.0.0.1"
- "192.168.0.1"
- "127.0.0.1"
- "192.168.0.1"
forwardedHeaders:
insecure: true
trustedIPs:
- "127.0.0.1"
- "192.168.0.1"
- "127.0.0.1"
- "192.168.0.1"
```
```bash tab="CLI"
@ -158,8 +158,8 @@ You can configure Traefik to trust the forwarded headers information (`X-Forward
address: ":80"
forwardedHeaders:
trustedIPs:
- "127.0.0.1/32"
- "192.168.1.7"
- "127.0.0.1/32"
- "192.168.1.7"
```
```bash tab="CLI"
@ -421,8 +421,8 @@ If the Proxy Protocol header is passed, then the version is determined automatic
address: ":80"
proxyProtocol:
trustedIPs:
- "127.0.0.1/32"
- "192.168.1.7"
- "127.0.0.1/32"
- "192.168.1.7"
```
```bash tab="CLI"

3
docs/content/routing/providers/docker.md
View file

@ -446,7 +446,8 @@ You can declare TCP Routers and/or Services using labels.
```
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
<!-- TODO doc terminationdelay in TCP services page -->
See [termination delay](../services/index.md#termination-delay) for more information.
```yaml
- "traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100"

97
docs/content/routing/providers/marathon.md
View file

@ -276,8 +276,101 @@ You can declare TCP Routers and/or Services using labels.
!!! warning "TCP and HTTP"
If you declare a TCP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (as it would by default if no TCP Router/Service is defined).
Both a TCP Router/Service and an HTTP Router/Service can be created for the same application, but it has to be done explicitly in the config.
If you declare a TCP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no TCP Router/Service is defined).
You can declare both a TCP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
#### TCP Routers
??? info "`traefik.tcp.routers.<router_name>.entrypoints`"
See [entry points](../routers/index.md#entrypoints_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.entrypoints": "ep1,ep2"
```
??? info "`traefik.tcp.routers.<router_name>.rule`"
See [rule](../routers/index.md#rule_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.rule": "HostSNI(`myhost.com`)"
```
??? info "`traefik.tcp.routers.<router_name>.service`"
See [service](../routers/index.md#services) for more information.
```json
"traefik.tcp.routers.mytcprouter.service": "myservice"
```
??? info "`traefik.tcp.routers.<router_name>.tls`"
See [TLS](../routers/index.md#tls_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls": "true
```
??? info "`traefik.tcp.routers.<router_name>.tls.certresolver`"
See [certResolver](../routers/index.md#certresolver_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls.certresolver": "myresolver"
```
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].main`"
See [domains](../routers/index.md#domains_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls.domains[0].main": "foobar.com"
```
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].sans`"
See [domains](../routers/index.md#domains_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls.domains[0].sans": "test.foobar.com,dev.foobar.com"
```
??? info "`traefik.tcp.routers.<router_name>.tls.options`"
See [options](../routers/index.md#options_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls.options": "mysoptions"
```
??? info "`traefik.tcp.routers.<router_name>.tls.passthrough`"
See [TLS](../routers/index.md#tls_1) for more information.
```json
"traefik.tcp.routers.mytcprouter.tls.passthrough": "true"
```
#### TCP Services
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.port`"
Registers a port of the application.
```json
"traefik.tcp.services.mytcpservice.loadbalancer.server.port": "423"
```
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
See [termination delay](../services/index.md#termination-delay) for more information.
```json
"traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay": "100"
```
### Specific Provider Options

113
docs/content/routing/providers/rancher.md
View file

@ -262,6 +262,119 @@ More information about available middlewares in the dedicated [middlewares secti
If you declare multiple middleware with the same name but with different parameters, the middleware fails to be declared.
### TCP
You can declare TCP Routers and/or Services using labels.
??? example "Declaring TCP Routers and Services"
```yaml
services:
my-container:
# ...
labels:
- "traefik.tcp.routers.my-router.rule=HostSNI(`my-host.com`)"
- "traefik.tcp.routers.my-router.tls=true"
- "traefik.tcp.services.my-service.loadbalancer.server.port=4123"
```
!!! warning "TCP and HTTP"
If you declare a TCP Router/Service, it will prevent Traefik from automatically creating an HTTP Router/Service (like it does by default if no TCP Router/Service is defined).
You can declare both a TCP Router/Service and an HTTP Router/Service for the same container (but you have to do so manually).
#### TCP Routers
??? info "`traefik.tcp.routers.<router_name>.entrypoints`"
See [entry points](../routers/index.md#entrypoints_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.entrypoints=ep1,ep2"
```
??? info "`traefik.tcp.routers.<router_name>.rule`"
See [rule](../routers/index.md#rule_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.rule=HostSNI(`myhost.com`)"
```
??? info "`traefik.tcp.routers.<router_name>.service`"
See [service](../routers/index.md#services) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.service=myservice"
```
??? info "`traefik.tcp.routers.<router_name>.tls`"
See [TLS](../routers/index.md#tls_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls=true"
```
??? info "`traefik.tcp.routers.<router_name>.tls.certresolver`"
See [certResolver](../routers/index.md#certresolver_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls.certresolver=myresolver"
```
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].main`"
See [domains](../routers/index.md#domains_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls.domains[0].main=foobar.com"
```
??? info "`traefik.tcp.routers.<router_name>.tls.domains[n].sans`"
See [domains](../routers/index.md#domains_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls.domains[0].sans=test.foobar.com,dev.foobar.com"
```
??? info "`traefik.tcp.routers.<router_name>.tls.options`"
See [options](../routers/index.md#options_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls.options=mysoptions"
```
??? info "`traefik.tcp.routers.<router_name>.tls.passthrough`"
See [TLS](../routers/index.md#tls_1) for more information.
```yaml
- "traefik.tcp.routers.mytcprouter.tls.passthrough=true"
```
#### TCP Services
??? info "`traefik.tcp.services.<service_name>.loadbalancer.server.port`"
Registers a port of the application.
```yaml
- "traefik.tcp.services.mytcpservice.loadbalancer.server.port=423"
```
??? info "`traefik.tcp.services.<service_name>.loadbalancer.terminationdelay`"
See [termination delay](../services/index.md#termination-delay) for more information.
```yaml
- "traefik.tcp.services.mytcpservice.loadbalancer.terminationdelay=100"
```
### Specific Provider Options
#### `traefik.enable`

26
docs/content/routing/routers/index.md
View file

@ -50,7 +50,7 @@ In the process, routers may use pieces of [middleware](../../middlewares/overvie
routers:
to-database:
entryPoints:
- "mysql"
- "mysql"
# Catch every request (only available rule for non-tls routers. See below.)
rule: "HostSNI(`*`)"
service: database
@ -164,8 +164,8 @@ If you want to limit the router scope to a set of entry points, set the `entryPo
Router-1:
# won't listen to entry point web
entryPoints:
- "websecure"
- "other"
- "websecure"
- "other"
rule: "Host(`traefik.io`)"
service: "service-1"
```
@ -415,8 +415,8 @@ It refers to a [TLS Options](../../https/tls.md#tls-options) and will be applied
foo:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
```
!!! important "Conflicting TLS Options"
@ -510,8 +510,8 @@ http:
tls:
certResolver: "bar"
domains:
- main: "snitest.com"
sans: "*.snitest.com"
- main: "snitest.com"
sans: "*.snitest.com"
```
[ACME v2](https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579) supports wildcard certificates.
@ -627,8 +627,8 @@ If you want to limit the router scope to a set of entry points, set the entry po
Router-1:
# won't listen to entry point web
entryPoints:
- "websecure"
- "other"
- "websecure"
- "other"
rule: "HostSNI(`traefik.io`)"
service: "service-1"
# will route TLS requests (and ignore non tls requests)
@ -787,8 +787,8 @@ It refers to a [TLS Options](../../https/tls.md#tls-options) and will be applied
foo:
minVersion: VersionTLS12
cipherSuites:
- "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
```
#### `certResolver`
@ -839,6 +839,6 @@ tcp:
tls:
certResolver: "bar"
domains:
- main: "snitest.com"
sans: "*.snitest.com"
- main: "snitest.com"
sans: "*.snitest.com"
```