Clean Documentation

2025-08-25 14:35:04 +02:00 · 2025-08-25 14:35:04 +02:00 · 1997bc7432
commit 1997bc7432
parent 8ac8473554
77 changed files with 2561 additions and 1247 deletions
--- a/docs/content/assets/img/middleware/addprefix.png
+++ b/docs/content/assets/img/middleware/addprefix.png
--- a/docs/content/assets/img/middleware/authforward.png
+++ b/docs/content/assets/img/middleware/authforward.png
--- a/docs/content/assets/img/middleware/basicauth.png
+++ b/docs/content/assets/img/middleware/basicauth.png
--- a/docs/content/assets/img/middleware/buffering.png
+++ b/docs/content/assets/img/middleware/buffering.png
--- a/docs/content/assets/img/middleware/chain.png
+++ b/docs/content/assets/img/middleware/chain.png
--- a/docs/content/assets/img/middleware/circuitbreaker.png
+++ b/docs/content/assets/img/middleware/circuitbreaker.png
--- a/docs/content/assets/img/middleware/compress.png
+++ b/docs/content/assets/img/middleware/compress.png
--- a/docs/content/assets/img/middleware/digestauth.png
+++ b/docs/content/assets/img/middleware/digestauth.png
--- a/docs/content/assets/img/middleware/errorpages.png
+++ b/docs/content/assets/img/middleware/errorpages.png
--- a/docs/content/assets/img/middleware/headers.png
+++ b/docs/content/assets/img/middleware/headers.png
--- a/docs/content/assets/img/middleware/inflightreq.png
+++ b/docs/content/assets/img/middleware/inflightreq.png
--- a/docs/content/assets/img/middleware/ipwhitelist.png
+++ b/docs/content/assets/img/middleware/ipwhitelist.png
--- a/docs/content/assets/img/middleware/overview.png
+++ b/docs/content/assets/img/middleware/overview.png
--- a/docs/content/getting-started/configuration-overview.md
+++ b/docs/content/getting-started/configuration-overview.md
@ -12,10 +12,10 @@ How the Magic Happens
 Configuration in Traefik can refer to two different things:
- The fully dynamic routing configuration (referred to as the _dynamic configuration_)
+- The fully dynamic routing configuration (referred to as the _routing configuration_, formerly known as the _dynamic configuration_)
- The startup configuration (referred to as the _static configuration_)
+- The startup configuration (referred to as the _install configuration_, formerly known as the _static configuration_)
-Elements in the _static configuration_ set up connections to [providers](../providers/overview.md) and define the [entrypoints](../routing/entrypoints.md) Traefik will listen to (these elements don't change often).
+Elements in the install configuration_ set up connections to [providers](../providers/overview.md) and define the [entrypoints](../routing/entrypoints.md) Traefik will listen to (these elements don't change often).
 The _dynamic configuration_ contains everything that defines how the requests are handled by your system.
 This configuration can change and is seamlessly hot-reloaded, without any request interruption or connection loss.
@ -32,9 +32,9 @@ Since this configuration is specific to your infrastructure choices, we invite y
 !!! info ""
-    In the [Quick Start example](../getting-started/quick-start.md), the dynamic configuration comes from docker in the form of labels attached to your containers.
+    In the [Quick Start example](../getting-started/quick-start.md), the routing configuration comes from docker in the form of labels attached to your containers.
-!!! info "HTTPS Certificates also belong to the dynamic configuration."
+!!! info "HTTPS Certificates also belong to the routing configuration."
    You can add / update / remove them without restarting your Traefik instance.
@ -82,11 +82,11 @@ docker run traefik[:version] --help
 # ex: docker run traefik:v3.5 --help
 ```
-Check the [CLI reference](../reference/static-configuration/cli.md "Link to CLI reference overview") for an overview about all available arguments.
+Check the [CLI reference](../reference/install-configuration/configuration-options.md "Link to CLI reference overview") for an overview about all available arguments.
 ### Environment Variables
-All available environment variables can be found in the [static configuration environment overview](../reference/static-configuration/env.md).
+All available environment variables can be found in the [static configuration environment overview](../reference/install-configuration/configuration-options.md).
 ## Available Configuration Options
--- a/docs/content/middlewares/http/addprefix.md
+++ b/docs/content/middlewares/http/addprefix.md
@ -8,8 +8,6 @@ description: "Learn how to implement the HTTP AddPrefix middleware in Traefik Pr
 Prefixing the Path
 {: .subtitle }
 ![AddPrefix](../../assets/img/middleware/addprefix.png)
 The AddPrefix middleware updates the path of a request before forwarding it.
 ## Configuration Examples
--- a/docs/content/middlewares/http/basicauth.md
+++ b/docs/content/middlewares/http/basicauth.md
@ -8,8 +8,6 @@ description: "The HTTP basic authentication (BasicAuth) middleware in Traefik Pr
 Adding Basic Authentication
 {: .subtitle }
 ![BasicAuth](../../assets/img/middleware/basicauth.png)
 The BasicAuth middleware grants access to services to authorized users only.
 ## Configuration Examples
--- a/docs/content/middlewares/http/buffering.md
+++ b/docs/content/middlewares/http/buffering.md
@ -8,8 +8,6 @@ description: "The HTTP buffering middleware in Traefik Proxy limits the size of
 How to Read the Request before Forwarding It
 {: .subtitle }
 ![Buffering](../../assets/img/middleware/buffering.png)
 The Buffering middleware limits the size of requests that can be forwarded to services.
 With Buffering, Traefik reads the entire request into memory (possibly buffering large requests into disk), and rejects requests that are over a specified size limit.
--- a/docs/content/middlewares/http/chain.md
+++ b/docs/content/middlewares/http/chain.md
@ -8,8 +8,6 @@ description: "The HTTP chain middleware lets you define reusable combinations of
 When One Isn't Enough
 {: .subtitle }
 ![Chain](../../assets/img/middleware/chain.png)
 The Chain middleware enables you to define reusable combinations of other pieces of middleware.
 It makes reusing the same groups easier.
--- a/docs/content/middlewares/http/circuitbreaker.md
+++ b/docs/content/middlewares/http/circuitbreaker.md
@ -8,8 +8,6 @@ description: "The HTTP circuit breaker in Traefik Proxy prevents stacking reques
 Don't Waste Time Calling Unhealthy Services
 {: .subtitle }
 ![CircuitBreaker](../../assets/img/middleware/circuitbreaker.png)
 The circuit breaker protects your system from stacking requests to unhealthy services, resulting in cascading failures.
 When your system is healthy, the circuit is closed (normal operations).
--- a/docs/content/middlewares/http/compress.md
+++ b/docs/content/middlewares/http/compress.md
@ -8,8 +8,6 @@ description: "Traefik Proxy's HTTP middleware lets you compress responses before
 Compress Allows Compressing Responses before Sending them to the Client
 {: .subtitle }
 ![Compress](../../assets/img/middleware/compress.png)
 The Compress middleware supports Gzip, Brotli and Zstandard compression.
 The activation of compression, and the compression method choice rely (among other things) on the request's `Accept-Encoding` header.
--- a/docs/content/middlewares/http/digestauth.md
+++ b/docs/content/middlewares/http/digestauth.md
@ -8,8 +8,6 @@ description: "Traefik Proxy's HTTP DigestAuth middleware restricts access to you
 Adding Digest Authentication
 {: .subtitle }
 ![BasicAuth](../../assets/img/middleware/digestauth.png)
 The DigestAuth middleware grants access to services to authorized users only.
 ## Configuration Examples
--- a/docs/content/middlewares/http/errorpages.md
+++ b/docs/content/middlewares/http/errorpages.md
@ -8,8 +8,6 @@ description: "In Traefik Proxy, the Errors middleware returns custom pages accor
 It Has Never Been Easier to Say That Something Went Wrong
 {: .subtitle }
 ![Errors](../../assets/img/middleware/errorpages.png)
 The Errors middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
 !!! important
--- a/docs/content/middlewares/http/forwardauth.md
+++ b/docs/content/middlewares/http/forwardauth.md
@ -8,8 +8,6 @@ description: "In Traefik Proxy, the HTTP ForwardAuth middleware delegates authen
 Using an External Service to Forward Authentication
 {: .subtitle }
 ![AuthForward](../../assets/img/middleware/authforward.png)
 The ForwardAuth middleware delegates authentication to an external service.
 If the service answers with a 2XX code, access is granted, and the original request is performed.
 Otherwise, the response from the authentication server is returned.
--- a/docs/content/middlewares/http/headers.md
+++ b/docs/content/middlewares/http/headers.md
@ -8,8 +8,6 @@ description: "In Traefik Proxy, the HTTP headers middleware manages the headers
 Managing Request/Response headers
 {: .subtitle }
 ![Headers](../../assets/img/middleware/headers.png)
 The Headers middleware manages the headers of requests and responses.
 A set of forwarded headers are automatically added by default. See the [FAQ](../../getting-started/faq.md#what-are-the-forwarded-headers-when-proxying-http-requests) for more information.
--- a/docs/content/middlewares/http/inflightreq.md
+++ b/docs/content/middlewares/http/inflightreq.md
@ -8,8 +8,6 @@ description: "Traefik Proxy's HTTP middleware lets you limit the number of simul
 Limiting the Number of Simultaneous In-Flight Requests
 {: .subtitle }
 ![InFlightReq](../../assets/img/middleware/inflightreq.png)
 To proactively prevent services from being overwhelmed with high load, the number of allowed simultaneous in-flight requests can be limited.
 ## Configuration Examples
--- a/docs/content/middlewares/http/ipwhitelist.md
+++ b/docs/content/middlewares/http/ipwhitelist.md
@ -8,8 +8,6 @@ description: "Learn how to use IPWhiteList in HTTP middleware for limiting clien
 Limiting Clients to Specific IPs
 {: .subtitle }
 ![IPWhiteList](../../assets/img/middleware/ipwhitelist.png)
 IPWhiteList limits allowed requests based on the client IP.
 !!! warning
--- a/docs/content/middlewares/http/overview.md
+++ b/docs/content/middlewares/http/overview.md
@ -8,8 +8,6 @@ description: "Read the official Traefik Proxy documentation for an overview of t
 Controlling connections
 {: .subtitle }
 ![Overview](../../assets/img/middleware/overview.png)
 ## Configuration Example
 ```yaml tab="Docker & Swarm"
--- a/docs/content/middlewares/overview.md
+++ b/docs/content/middlewares/overview.md
@ -8,8 +8,6 @@ description: "There are several available middleware in Traefik Proxy used to mo
 Tweaking the Request
 {: .subtitle }
 ![Overview](../assets/img/middleware/overview.png)
 Attached to the routers, pieces of middleware are a means of tweaking the requests before they are sent to your [service](../routing/services/index.md) (or before the answer from the services are sent to the clients).
 There are several available middleware in Traefik, some can modify the request, the headers, some are in charge of redirections, some add authentication, and so on.
--- a/docs/content/middlewares/tcp/overview.md
+++ b/docs/content/middlewares/tcp/overview.md
@ -8,8 +8,6 @@ description: "Read the official Traefik Proxy documentation for an overview of t
 Controlling connections
 {: .subtitle }
 ![Overview](../../assets/img/middleware/overview.png)
 ## Configuration Example
 ```yaml tab="Docker & Swarm"
--- a/docs/content/migration/v3.md
+++ b/docs/content/migration/v3.md
@ -351,7 +351,7 @@ Possible values are:
 - `minimal`: produces a single server span and one client span for each request processed by a router.
 - `detailed`: enables the creation of additional spans for each middleware executed for each request processed by a router.
-See the updated documentation for [entrypoints](../reference/install-configuration/entrypoints.md) and [dynamic routers](../reference/dynamic-configuration/file.md#observability-options).
+See the updated documentation for [entrypoints](../reference/install-configuration/entrypoints.md) and [dynamic routers](../reference/routing-configuration/http/router/observability.md).
 #### K8s Resource Attributes
--- a/docs/content/operations/cli.md
+++ b/docs/content/operations/cli.md
@ -31,7 +31,7 @@ traefik [--flag=flag_argument] [-f [flag_argument]]
 traefik [--flag[=true|false| ]] [-f [true|false| ]]
 ```
-All flags are documented in the [(static configuration) CLI reference](../reference/static-configuration/cli.md).
+All flags are documented in the [(static configuration) CLI reference](../reference/install-configuration/configuration-options.md).
 !!! info "Flags are case-insensitive."
--- a/docs/content/providers/file.md
+++ b/docs/content/providers/file.md
@ -103,7 +103,7 @@ It supports providing configuration through a [single configuration file](#filen
 ## Provider Configuration
-For an overview of all the options that can be set with the file provider, see the [dynamic configuration](../reference/dynamic-configuration/file.md) and [static configuration](../reference/static-configuration/overview.md) references.
+For an overview of all the options that can be set with the file provider, see the [routing configuration](../reference/routing-configuration/other-providers/file.md) and [install configuration](../reference/install-configuration/configuration-options.md) references.
 !!! warning "Limitations"
--- a/docs/content/reference/dynamic-configuration/consul-catalog.md
+++ b/docs/content/reference/dynamic-configuration/consul-catalog.md
@ -1,16 +0,0 @@
 ---
 title: "Traefik Consul Configuration Documentation"
 description: "View the reference for performing dynamic configurations with Traefik Proxy and Consul Catalog. Read the technical documentation."
 ---
 # Consul Catalog Configuration Reference
 Dynamic configuration with Consul Catalog
 {: .subtitle }
 The labels are case-insensitive.
 ```yaml
 --8<-- "content/reference/dynamic-configuration/consul-catalog.yml"
 --8<-- "content/reference/dynamic-configuration/docker-labels.yml"
 ```
--- a/docs/content/reference/dynamic-configuration/consul-catalog.yml
+++ b/docs/content/reference/dynamic-configuration/consul-catalog.yml
@ -1,2 +0,0 @@
 - "traefik.enable=true"
 - "traefik.consulcatalog.connect=true"
--- a/docs/content/reference/dynamic-configuration/docker.md
+++ b/docs/content/reference/dynamic-configuration/docker.md
@ -1,17 +0,0 @@
 ---
 title: "Traefik Docker Configuration Documentation"
 description: "Reference dynamic configuration with Docker labels in Traefik Proxy. Read the technical documentation."
 ---
 # Docker Configuration Reference
 Dynamic configuration with Docker Labels
 {: .subtitle }
 The labels are case-insensitive.
 ```yaml
 labels:
  --8<-- "content/reference/dynamic-configuration/docker.yml"
  --8<-- "content/reference/dynamic-configuration/docker-labels.yml"
 ```
--- a/docs/content/reference/dynamic-configuration/docker.yml
+++ b/docs/content/reference/dynamic-configuration/docker.yml
@ -1,2 +0,0 @@
 - "traefik.enable=true"
 - "traefik.docker.network=foobar"
--- a/docs/content/reference/dynamic-configuration/ecs.md
+++ b/docs/content/reference/dynamic-configuration/ecs.md
@ -1,16 +0,0 @@
 ---
 title: "Traefik AWS ECS Configuration Documentation"
 description: "Learn how to do dynamic configuration in Traefik Proxy with AWS ECS. Read the technical documentation."
 ---
 # ECS Configuration Reference
 Dynamic configuration with ECS provider
 {: .subtitle }
 The labels are case-insensitive.
 ```yaml
 --8<-- "content/reference/dynamic-configuration/ecs.yml"
 --8<-- "content/reference/dynamic-configuration/docker-labels.yml"
 ```
--- a/docs/content/reference/dynamic-configuration/ecs.yml
+++ b/docs/content/reference/dynamic-configuration/ecs.yml
@ -1 +0,0 @@
 - "traefik.enable=true"
--- a/docs/content/reference/dynamic-configuration/file.md
+++ b/docs/content/reference/dynamic-configuration/file.md
@ -1,17 +0,0 @@
 ---
 title: "Traefik File Dynamic Configuration"
 description: "This guide will provide you with the YAML and TOML files for dynamic configuration in Traefik Proxy. Read the technical documentation."
 ---
 # File Configuration Reference
 Dynamic configuration with files
 {: .subtitle }
 ```yml  tab="YAML"
 --8<-- "content/reference/dynamic-configuration/file.yaml"
 ```
 ```toml  tab="TOML"
 --8<-- "content/reference/dynamic-configuration/file.toml"
 ```
--- a/docs/content/reference/dynamic-configuration/kv.md
+++ b/docs/content/reference/dynamic-configuration/kv.md
@ -1,11 +0,0 @@
 ---
 title: "Traefik Dynamic Configuration with KV stores"
 description: "Read the technical documentation to learn the Traefik Dynamic Configuration with KV stores."
 ---
 # KV Configuration Reference
 Dynamic configuration with KV stores.
 {: .subtitle }
 --8<-- "content/reference/dynamic-configuration/kv-ref.md"
--- a/docs/content/reference/dynamic-configuration/nomad.md
+++ b/docs/content/reference/dynamic-configuration/nomad.md
@ -1,16 +0,0 @@
 ---
 title: "Traefik Nomad Service Discovery Configuration Documentation"
 description: "View the reference for performing dynamic configurations with Traefik Proxy and Nomad Service Discovery. Read the technical documentation."
 ---
 # Nomad Service Discovery Configuration Reference
 Dynamic configuration with Nomad Service Discovery
 {: .subtitle }
 The labels are case-insensitive.
 ```yaml
 --8<-- "content/reference/dynamic-configuration/nomad.yml"
 --8<-- "content/reference/dynamic-configuration/docker-labels.yml"
 ```
--- a/docs/content/reference/dynamic-configuration/nomad.yml
+++ b/docs/content/reference/dynamic-configuration/nomad.yml
@ -1 +0,0 @@
 - "traefik.enable=true"
--- a/docs/content/reference/dynamic-configuration/rancher.md
+++ b/docs/content/reference/dynamic-configuration/rancher.md
--- a/docs/content/reference/dynamic-configuration/swarm.md
+++ b/docs/content/reference/dynamic-configuration/swarm.md
@ -1,17 +0,0 @@
 ---
 title: "Traefik Docker Swarm Configuration Documentation"
 description: "Reference dynamic configuration with Docker Swarm labels in Traefik Proxy. Read the technical documentation."
 ---
 # Docker Swarm Configuration Reference
 Dynamic configuration with Docker Labels
 {: .subtitle }
 The labels are case-insensitive.
 ```yaml
 labels:
  --8<-- "content/reference/dynamic-configuration/swarm.yml"
  --8<-- "content/reference/dynamic-configuration/docker-labels.yml"
 ```
--- a/docs/content/reference/dynamic-configuration/swarm.yml
+++ b/docs/content/reference/dynamic-configuration/swarm.yml
@ -1,3 +0,0 @@
 - "traefik.enable=true"
 - "traefik.swarm.network=foobar"
 - "traefik.swarm.lbswarm=true"
--- a/docs/content/reference/install-configuration/boot-environment.md
+++ b/docs/content/reference/install-configuration/boot-environment.md
@ -7,14 +7,14 @@ description: "Read the official Traefik documentation to get started with config
 Traefik Proxy’s configuration is divided into two main categories:
- **Static Configuration**: Defines parameters that require Traefik to restart when changed. This includes entry points, providers, API/dashboard settings, and logging levels.
+- **Install Configuration**: (formerly known as the static configuration) Defines parameters that require Traefik to restart when changed. This includes entry points, providers, API/dashboard settings, and logging levels.
- **Dynamic Configuration**: Involves elements that can be updated without restarting Traefik, such as routers, services, and middlewares.
+- **Routing Configuration**: (formerly known as the dynamic configuration) Involves elements that can be updated without restarting Traefik, such as routers, services, and middlewares.
-This section focuses on setting up the static configuration, which is essential for Traefik’s initial boot.
+This section focuses on setting up the install configuration, which is essential for Traefik’s initial boot.
 ## Configuration Methods
-Traefik offers multiple methods to define static configuration. 
+Traefik offers multiple methods to define install configuration. 
 !!! warning "Note"
    It’s crucial to choose one method and stick to it, as mixing different configuration options is not supported and can lead to unexpected behavior.
@ -28,7 +28,7 @@ Here are the methods available for configuring the Traefik proxy:
 ## File
-You can define the static configuration in a file using formats like YAML or TOML.
+You can define the install configuration in a file using formats like YAML or TOML.
 ### Configuration Example
@ -69,7 +69,7 @@ log:
 ### Configuration File
-At startup, Traefik searches for static configuration in a file named `traefik.yml` (or `traefik.yaml` or `traefik.toml`) in the following directories:
+At startup, Traefik searches for install configuration in a file named `traefik.yml` (or `traefik.yaml` or `traefik.toml`) in the following directories:
 - `/etc/traefik/`
 - `$XDG_CONFIG_HOME/`
@ -84,7 +84,7 @@ traefik --configFile=foo/bar/myconfigfile.yml
 ## CLI
-Using the CLI, you can pass static configuration directly as command-line arguments when starting Traefik. 
+Using the CLI, you can pass install configuration directly as command-line arguments when starting Traefik. 
 ### Configuration Example
@ -99,7 +99,7 @@ traefik \
 ## Environment Variables
-You can also set the static configuration using environment variables. Each option corresponds to an environment variable prefixed with `TRAEFIK_`.
+You can also set the install configuration using environment variables. Each option corresponds to an environment variable prefixed with `TRAEFIK_`.
 ### Configuration Example
@ -109,7 +109,7 @@ TRAEFIK_ENTRYPOINTS_WEB_ADDRESS=":80" TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS=":44
 ## Helm
-When deploying Traefik Proxy using Helm in a Kubernetes cluster, the static configuration is defined in a `values.yaml` file. 
+When deploying Traefik Proxy using Helm in a Kubernetes cluster, the install configuration is defined in a `values.yaml` file. 
 You can find the official Traefik Helm chart on [GitHub](https://github.com/traefik/traefik-helm-chart/blob/master/traefik/VALUES.md)
--- a/docs/content/reference/install-configuration/configuration-options.md
+++ b/docs/content/reference/install-configuration/configuration-options.md
@ -0,0 +1,481 @@
 <!--
 CODE GENERATED AUTOMATICALLY
 THIS FILE MUST NOT BE EDITED BY HAND
 -->
 # Install Configuration Options
 ## Configuration Options
 | Field | Description | Default | 
 |:-------|:------------|:-------|
 | accesslog | Access log settings. | false |
 | accesslog.addinternals | Enables access log for internal services (ping, dashboard, etc...). | false |
 | accesslog.bufferingsize | Number of access log lines to process in a buffered way. | 0 |
 | accesslog.fields.defaultmode | Default mode for fields: keep | drop | keep |
 | accesslog.fields.headers.defaultmode | Default mode for fields: keep | drop | redact | drop |
 | accesslog.fields.headers.names._name_ | Override mode for headers | |
 | accesslog.fields.names._name_ | Override mode for fields | |
 | accesslog.filepath | Access log file path. Stdout is used when omitted or empty. | |
 | accesslog.filters.minduration | Keep access logs when request took longer than the specified duration. | 0 |
 | accesslog.filters.retryattempts | Keep access logs when at least one retry happened. | false |
 | accesslog.filters.statuscodes | Keep access logs with status codes in the specified range. | |
 | accesslog.format | Access log format: json | common | common |
 | accesslog.otlp | Settings for OpenTelemetry. | false |
 | accesslog.otlp.grpc | gRPC configuration for the OpenTelemetry collector. | false |
 | accesslog.otlp.grpc.endpoint | Sets the gRPC endpoint (host:port) of the collector. | localhost:4317 |
 | accesslog.otlp.grpc.headers._name_ | Headers sent with payload. | |
 | accesslog.otlp.grpc.insecure | Disables client transport security for the exporter. | false |
 | accesslog.otlp.grpc.tls.ca | TLS CA | |
 | accesslog.otlp.grpc.tls.cert | TLS cert | |
 | accesslog.otlp.grpc.tls.insecureskipverify | TLS insecure skip verify | false |
 | accesslog.otlp.grpc.tls.key | TLS key | |
 | accesslog.otlp.http | HTTP configuration for the OpenTelemetry collector. | false |
 | accesslog.otlp.http.endpoint | Sets the HTTP endpoint (scheme://host:port/path) of the collector. | https://localhost:4318 |
 | accesslog.otlp.http.headers._name_ | Headers sent with payload. | |
 | accesslog.otlp.http.tls.ca | TLS CA | |
 | accesslog.otlp.http.tls.cert | TLS cert | |
 | accesslog.otlp.http.tls.insecureskipverify | TLS insecure skip verify | false |
 | accesslog.otlp.http.tls.key | TLS key | |
 | accesslog.otlp.resourceattributes._name_ | Defines additional resource attributes (key:value). | |
 | accesslog.otlp.servicename | Defines the service name resource attribute. | traefik |
 | api | Enable api/dashboard. | false |
 | api.basepath | Defines the base path where the API and Dashboard will be exposed. | / |
 | api.dashboard | Activate dashboard. | true |
 | api.debug | Enable additional endpoints for debugging and profiling. | false |
 | api.disabledashboardad | Disable ad in the dashboard. | false |
 | api.insecure | Activate API directly on the entryPoint named traefik. | false |
 | certificatesresolvers._name_ | Certificates resolvers configuration. | false |
 | certificatesresolvers._name_.acme.cacertificates | Specify the paths to PEM encoded CA Certificates that can be used to authenticate an ACME server with an HTTPS certificate not issued by a CA in the system-wide trusted root list. | |
 | certificatesresolvers._name_.acme.caserver | CA server to use. | https://acme-v02.api.letsencrypt.org/directory |
 | certificatesresolvers._name_.acme.caservername | Specify the CA server name that can be used to authenticate an ACME server with an HTTPS certificate not issued by a CA in the system-wide trusted root list. | |
 | certificatesresolvers._name_.acme.casystemcertpool | Define if the certificates pool must use a copy of the system cert pool. | false |
 | certificatesresolvers._name_.acme.certificatesduration | Certificates' duration in hours. | 2160 |
 | certificatesresolvers._name_.acme.clientresponseheadertimeout | Timeout for receiving the response headers when communicating with the ACME server. | 30 |
 | certificatesresolvers._name_.acme.clienttimeout | Timeout for a complete HTTP transaction with the ACME server. | 120 |
 | certificatesresolvers._name_.acme.dnschallenge | Activate DNS-01 Challenge. | false |
 | certificatesresolvers._name_.acme.dnschallenge.delaybeforecheck | (Deprecated) Assume DNS propagates after a delay in seconds rather than finding and querying nameservers. | 0 |
 | certificatesresolvers._name_.acme.dnschallenge.disablepropagationcheck | (Deprecated) Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended] | false |
 | certificatesresolvers._name_.acme.dnschallenge.propagation | DNS propagation checks configuration | false |
 | certificatesresolvers._name_.acme.dnschallenge.propagation.delaybeforechecks | Defines the delay before checking the challenge TXT record propagation. | 0 |
 | certificatesresolvers._name_.acme.dnschallenge.propagation.disableanschecks | Disables the challenge TXT record propagation checks against authoritative nameservers. | false |
 | certificatesresolvers._name_.acme.dnschallenge.propagation.disablechecks | Disables the challenge TXT record propagation checks (not recommended). | false |
 | certificatesresolvers._name_.acme.dnschallenge.propagation.requireallrns | Requires the challenge TXT record to be propagated to all recursive nameservers. | false |
 | certificatesresolvers._name_.acme.dnschallenge.provider | Use a DNS-01 based challenge provider rather than HTTPS. | |
 | certificatesresolvers._name_.acme.dnschallenge.resolvers | Use following DNS servers to resolve the FQDN authority. | |
 | certificatesresolvers._name_.acme.eab.hmacencoded | Base64 encoded HMAC key from External CA. | |
 | certificatesresolvers._name_.acme.eab.kid | Key identifier from External CA. | |
 | certificatesresolvers._name_.acme.email | Email address used for registration. | |
 | certificatesresolvers._name_.acme.emailaddresses | CSR email addresses to use. | |
 | certificatesresolvers._name_.acme.httpchallenge | Activate HTTP-01 Challenge. | false |
 | certificatesresolvers._name_.acme.httpchallenge.delay | Delay between the creation of the challenge and the validation. | 0 |
 | certificatesresolvers._name_.acme.httpchallenge.entrypoint | HTTP challenge EntryPoint | |
 | certificatesresolvers._name_.acme.keytype | KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. | RSA4096 |
 | certificatesresolvers._name_.acme.preferredchain | Preferred chain to use. | |
 | certificatesresolvers._name_.acme.profile | Certificate profile to use. | |
 | certificatesresolvers._name_.acme.storage | Storage to use. | acme.json |
 | certificatesresolvers._name_.acme.tlschallenge | Activate TLS-ALPN-01 Challenge. | true |
 | certificatesresolvers._name_.tailscale | Enables Tailscale certificate resolution. | true |
 | core.defaultrulesyntax | Defines the rule parser default syntax (v2 or v3) | v3 |
 | entrypoints._name_ | Entry points definition. | false |
 | entrypoints._name_.address | Entry point address. | |
 | entrypoints._name_.allowacmebypass | Enables handling of ACME TLS and HTTP challenges with custom routers. | false |
 | entrypoints._name_.asdefault | Adds this EntryPoint to the list of default EntryPoints to be used on routers that don't have any Entrypoint defined. | false |
 | entrypoints._name_.forwardedheaders.connection | List of Connection headers that are allowed to pass through the middleware chain before being removed. | |
 | entrypoints._name_.forwardedheaders.insecure | Trust all forwarded headers. | false |
 | entrypoints._name_.forwardedheaders.trustedips | Trust only forwarded headers from selected IPs. | |
 | entrypoints._name_.http | HTTP configuration. | |
 | entrypoints._name_.http.encodequerysemicolons | Defines whether request query semicolons should be URLEncoded. | false |
 | entrypoints._name_.http.maxheaderbytes | Maximum size of request headers in bytes. | 1048576 |
 | entrypoints._name_.http.middlewares | Default middlewares for the routers linked to the entry point. | |
 | entrypoints._name_.http.redirections.entrypoint.permanent | Applies a permanent redirection. | true |
 | entrypoints._name_.http.redirections.entrypoint.priority | Priority of the generated router. | 9223372036854775806 |
 | entrypoints._name_.http.redirections.entrypoint.scheme | Scheme used for the redirection. | https |
 | entrypoints._name_.http.redirections.entrypoint.to | Targeted entry point of the redirection. | |
 | entrypoints._name_.http.sanitizepath | Defines whether to enable request path sanitization (removal of /./, /../ and multiple slash sequences). | true |
 | entrypoints._name_.http.tls | Default TLS configuration for the routers linked to the entry point. | false |
 | entrypoints._name_.http.tls.certresolver | Default certificate resolver for the routers linked to the entry point. | |
 | entrypoints._name_.http.tls.domains | Default TLS domains for the routers linked to the entry point. | |
 | entrypoints._name_.http.tls.domains[0].main | Default subject name. | |
 | entrypoints._name_.http.tls.domains[0].sans | Subject alternative names. | |
 | entrypoints._name_.http.tls.options | Default TLS options for the routers linked to the entry point. | |
 | entrypoints._name_.http2.maxconcurrentstreams | Specifies the number of concurrent streams per connection that each client is allowed to initiate. | 250 |
 | entrypoints._name_.http3 | HTTP/3 configuration. | false |
 | entrypoints._name_.http3.advertisedport | UDP port to advertise, on which HTTP/3 is available. | 0 |
 | entrypoints._name_.observability.accesslogs | Enables access-logs for this entryPoint. | true |
 | entrypoints._name_.observability.metrics | Enables metrics for this entryPoint. | true |
 | entrypoints._name_.observability.traceverbosity | Defines the tracing verbosity level for this entryPoint. | minimal |
 | entrypoints._name_.observability.tracing | Enables tracing for this entryPoint. | true |
 | entrypoints._name_.proxyprotocol | Proxy-Protocol configuration. | false |
 | entrypoints._name_.proxyprotocol.insecure | Trust all. | false |
 | entrypoints._name_.proxyprotocol.trustedips | Trust only selected IPs. | |
 | entrypoints._name_.reuseport | Enables EntryPoints from the same or different processes listening on the same TCP/UDP port. | false |
 | entrypoints._name_.transport.keepalivemaxrequests | Maximum number of requests before closing a keep-alive connection. | 0 |
 | entrypoints._name_.transport.keepalivemaxtime | Maximum duration before closing a keep-alive connection. | 0 |
 | entrypoints._name_.transport.lifecycle.gracetimeout | Duration to give active requests a chance to finish before Traefik stops. | 10 |
 | entrypoints._name_.transport.lifecycle.requestacceptgracetimeout | Duration to keep accepting requests before Traefik initiates the graceful shutdown procedure. | 0 |
 | entrypoints._name_.transport.respondingtimeouts.idletimeout | IdleTimeout is the maximum amount duration an idle (keep-alive) connection will remain idle before closing itself. If zero, no timeout is set. | 180 |
 | entrypoints._name_.transport.respondingtimeouts.readtimeout | ReadTimeout is the maximum duration for reading the entire request, including the body. If zero, no timeout is set. | 60 |
 | entrypoints._name_.transport.respondingtimeouts.writetimeout | WriteTimeout is the maximum duration before timing out writes of the response. If zero, no timeout is set. | 0 |
 | entrypoints._name_.udp.timeout | Timeout defines how long to wait on an idle session before releasing the related resources. | 3 |
 | experimental.abortonpluginfailure | Defines whether all plugins must be loaded successfully for Traefik to start. | false |
 | experimental.fastproxy | Enables the FastProxy implementation. | false |
 | experimental.fastproxy.debug | Enable debug mode for the FastProxy implementation. | false |
 | experimental.kubernetesgateway | (Deprecated) Allow the Kubernetes gateway api provider usage. | false |
 | experimental.kubernetesingressnginx | Allow the Kubernetes Ingress NGINX provider usage. | false |
 | experimental.localplugins._name_ | Local plugins configuration. | false |
 | experimental.localplugins._name_.modulename | Plugin's module name. | |
 | experimental.localplugins._name_.settings | Plugin's settings (works only for wasm plugins). | |
 | experimental.localplugins._name_.settings.envs | Environment variables to forward to the wasm guest. | |
 | experimental.localplugins._name_.settings.mounts | Directory to mount to the wasm guest. | |
 | experimental.localplugins._name_.settings.useunsafe | Allow the plugin to use unsafe package. | false |
 | experimental.otlplogs | Enables the OpenTelemetry logs integration. | false |
 | experimental.plugins._name_.modulename | plugin's module name. | |
 | experimental.plugins._name_.settings | Plugin's settings (works only for wasm plugins). | |
 | experimental.plugins._name_.settings.envs | Environment variables to forward to the wasm guest. | |
 | experimental.plugins._name_.settings.mounts | Directory to mount to the wasm guest. | |
 | experimental.plugins._name_.settings.useunsafe | Allow the plugin to use unsafe package. | false |
 | experimental.plugins._name_.version | plugin's version. | |
 | global.checknewversion | Periodically check if a new version has been released. | true |
 | global.sendanonymoususage | Periodically send anonymous usage statistics. If the option is not specified, it will be disabled by default. | false |
 | hostresolver | Enable CNAME Flattening. | false |
 | hostresolver.cnameflattening | A flag to enable/disable CNAME flattening | false |
 | hostresolver.resolvconfig | resolv.conf used for DNS resolving | /etc/resolv.conf |
 | hostresolver.resolvdepth | The maximal depth of DNS recursive resolving | 5 |
 | log | Traefik log settings. | false |
 | log.compress | Determines if the rotated log files should be compressed using gzip. | false |
 | log.filepath | Traefik log file path. Stdout is used when omitted or empty. | |
 | log.format | Traefik log format: json | common | common |
 | log.level | Log level set to traefik logs. | ERROR |
 | log.maxage | Maximum number of days to retain old log files based on the timestamp encoded in their filename. | 0 |
 | log.maxbackups | Maximum number of old log files to retain. | 0 |
 | log.maxsize | Maximum size in megabytes of the log file before it gets rotated. | 0 |
 | log.nocolor | When using the 'common' format, disables the colorized output. | false |
 | log.otlp | Settings for OpenTelemetry. | false |
 | log.otlp.grpc | gRPC configuration for the OpenTelemetry collector. | false |
 | log.otlp.grpc.endpoint | Sets the gRPC endpoint (host:port) of the collector. | localhost:4317 |
 | log.otlp.grpc.headers._name_ | Headers sent with payload. | |
 | log.otlp.grpc.insecure | Disables client transport security for the exporter. | false |
 | log.otlp.grpc.tls.ca | TLS CA | |
 | log.otlp.grpc.tls.cert | TLS cert | |
 | log.otlp.grpc.tls.insecureskipverify | TLS insecure skip verify | false |
 | log.otlp.grpc.tls.key | TLS key | |
 | log.otlp.http | HTTP configuration for the OpenTelemetry collector. | false |
 | log.otlp.http.endpoint | Sets the HTTP endpoint (scheme://host:port/path) of the collector. | https://localhost:4318 |
 | log.otlp.http.headers._name_ | Headers sent with payload. | |
 | log.otlp.http.tls.ca | TLS CA | |
 | log.otlp.http.tls.cert | TLS cert | |
 | log.otlp.http.tls.insecureskipverify | TLS insecure skip verify | false |
 | log.otlp.http.tls.key | TLS key | |
 | log.otlp.resourceattributes._name_ | Defines additional resource attributes (key:value). | |
 | log.otlp.servicename | Defines the service name resource attribute. | traefik |
 | metrics.addinternals | Enables metrics for internal services (ping, dashboard, etc...). | false |
 | metrics.datadog | Datadog metrics exporter type. | false |
 | metrics.datadog.addentrypointslabels | Enable metrics on entry points. | true |
 | metrics.datadog.address | Datadog's address. | localhost:8125 |
 | metrics.datadog.addrouterslabels | Enable metrics on routers. | false |
 | metrics.datadog.addserviceslabels | Enable metrics on services. | true |
 | metrics.datadog.prefix | Prefix to use for metrics collection. | traefik |
 | metrics.datadog.pushinterval | Datadog push interval. | 10 |
 | metrics.influxdb2 | InfluxDB v2 metrics exporter type. | false |
 | metrics.influxdb2.addentrypointslabels | Enable metrics on entry points. | true |
 | metrics.influxdb2.additionallabels._name_ | Additional labels (influxdb tags) on all metrics | |
 | metrics.influxdb2.address | InfluxDB v2 address. | http://localhost:8086 |
 | metrics.influxdb2.addrouterslabels | Enable metrics on routers. | false |
 | metrics.influxdb2.addserviceslabels | Enable metrics on services. | true |
 | metrics.influxdb2.bucket | InfluxDB v2 bucket ID. | |
 | metrics.influxdb2.org | InfluxDB v2 org ID. | |
 | metrics.influxdb2.pushinterval | InfluxDB v2 push interval. | 10 |
 | metrics.influxdb2.token | InfluxDB v2 access token. | |
 | metrics.otlp | OpenTelemetry metrics exporter type. | false |
 | metrics.otlp.addentrypointslabels | Enable metrics on entry points. | true |
 | metrics.otlp.addrouterslabels | Enable metrics on routers. | false |
 | metrics.otlp.addserviceslabels | Enable metrics on services. | true |
 | metrics.otlp.explicitboundaries | Boundaries for latency metrics. | 0.005000, 0.010000, 0.025000, 0.050000, 0.075000, 0.100000, 0.250000, 0.500000, 0.750000, 1.000000, 2.500000, 5.000000, 7.500000, 10.000000 |
 | metrics.otlp.grpc | gRPC configuration for the OpenTelemetry collector. | false |
 | metrics.otlp.grpc.endpoint | Sets the gRPC endpoint (host:port) of the collector. | localhost:4317 |
 | metrics.otlp.grpc.headers._name_ | Headers sent with payload. | |
 | metrics.otlp.grpc.insecure | Disables client transport security for the exporter. | false |
 | metrics.otlp.grpc.tls.ca | TLS CA | |
 | metrics.otlp.grpc.tls.cert | TLS cert | |
 | metrics.otlp.grpc.tls.insecureskipverify | TLS insecure skip verify | false |
 | metrics.otlp.grpc.tls.key | TLS key | |
 | metrics.otlp.http | HTTP configuration for the OpenTelemetry collector. | false |
 | metrics.otlp.http.endpoint | Sets the HTTP endpoint (scheme://host:port/path) of the collector. | https://localhost:4318 |
 | metrics.otlp.http.headers._name_ | Headers sent with payload. | |
 | metrics.otlp.http.tls.ca | TLS CA | |
 | metrics.otlp.http.tls.cert | TLS cert | |
 | metrics.otlp.http.tls.insecureskipverify | TLS insecure skip verify | false |
 | metrics.otlp.http.tls.key | TLS key | |
 | metrics.otlp.pushinterval | Period between calls to collect a checkpoint. | 10 |
 | metrics.otlp.resourceattributes._name_ | Defines additional resource attributes (key:value). | |
 | metrics.otlp.servicename | Defines the service name resource attribute. | traefik |
 | metrics.prometheus | Prometheus metrics exporter type. | false |
 | metrics.prometheus.addentrypointslabels | Enable metrics on entry points. | true |
 | metrics.prometheus.addrouterslabels | Enable metrics on routers. | false |
 | metrics.prometheus.addserviceslabels | Enable metrics on services. | true |
 | metrics.prometheus.buckets | Buckets for latency metrics. | 0.100000, 0.300000, 1.200000, 5.000000 |
 | metrics.prometheus.entrypoint | EntryPoint | traefik |
 | metrics.prometheus.headerlabels._name_ | Defines the extra labels for the requests_total metrics, and for each of them, the request header containing the value for this label. | |
 | metrics.prometheus.manualrouting | Manual routing | false |
 | metrics.statsd | StatsD metrics exporter type. | false |
 | metrics.statsd.addentrypointslabels | Enable metrics on entry points. | true |
 | metrics.statsd.address | StatsD address. | localhost:8125 |
 | metrics.statsd.addrouterslabels | Enable metrics on routers. | false |
 | metrics.statsd.addserviceslabels | Enable metrics on services. | true |
 | metrics.statsd.prefix | Prefix to use for metrics collection. | traefik |
 | metrics.statsd.pushinterval | StatsD push interval. | 10 |
 | ocsp | OCSP configuration. | false |
 | ocsp.responderoverrides._name_ | Defines a map of OCSP responders to replace for querying OCSP servers. | |
 | ping | Enable ping. | false |
 | ping.entrypoint | EntryPoint | traefik |
 | ping.manualrouting | Manual routing | false |
 | ping.terminatingstatuscode | Terminating status code | 503 |
 | providers.consul | Enable Consul backend with default settings. | false |
 | providers.consul.endpoints | KV store endpoints. | 127.0.0.1:8500 |
 | providers.consul.namespaces | Sets the namespaces used to discover the configuration (Consul Enterprise only). | |
 | providers.consul.rootkey | Root key used for KV store. | traefik |
 | providers.consul.tls.ca | TLS CA | |
 | providers.consul.tls.cert | TLS cert | |
 | providers.consul.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.consul.tls.key | TLS key | |
 | providers.consul.token | Per-request ACL token. | |
 | providers.consulcatalog | Enable ConsulCatalog backend with default settings. | false |
 | providers.consulcatalog.cache | Use local agent caching for catalog reads. | false |
 | providers.consulcatalog.connectaware | Enable Consul Connect support. | false |
 | providers.consulcatalog.connectbydefault | Consider every service as Connect capable by default. | false |
 | providers.consulcatalog.constraints | Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container. | |
 | providers.consulcatalog.defaultrule | Default rule. | Host(`{{ normalize .Name }}`) |
 | providers.consulcatalog.endpoint.address | The address of the Consul server | |
 | providers.consulcatalog.endpoint.datacenter | Data center to use. If not provided, the default agent data center is used | |
 | providers.consulcatalog.endpoint.endpointwaittime | WaitTime limits how long a Watch will block. If not provided, the agent default values will be used | 0 |
 | providers.consulcatalog.endpoint.httpauth.password | Basic Auth password | |
 | providers.consulcatalog.endpoint.httpauth.username | Basic Auth username | |
 | providers.consulcatalog.endpoint.scheme | The URI scheme for the Consul server | |
 | providers.consulcatalog.endpoint.tls.ca | TLS CA | |
 | providers.consulcatalog.endpoint.tls.cert | TLS cert | |
 | providers.consulcatalog.endpoint.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.consulcatalog.endpoint.tls.key | TLS key | |
 | providers.consulcatalog.endpoint.token | Token is used to provide a per-request ACL token which overrides the agent's default token | |
 | providers.consulcatalog.exposedbydefault | Expose containers by default. | true |
 | providers.consulcatalog.namespaces | Sets the namespaces used to discover services (Consul Enterprise only). | |
 | providers.consulcatalog.prefix | Prefix for consul service tags. | traefik |
 | providers.consulcatalog.refreshinterval | Interval for check Consul API. | 15 |
 | providers.consulcatalog.requireconsistent | Forces the read to be fully consistent. | false |
 | providers.consulcatalog.servicename | Name of the Traefik service in Consul Catalog (needs to be registered via the orchestrator or manually). | traefik |
 | providers.consulcatalog.stale | Use stale consistency for catalog reads. | false |
 | providers.consulcatalog.strictchecks | A list of service health statuses to allow taking traffic. | passing, warning |
 | providers.consulcatalog.watch | Watch Consul API events. | false |
 | providers.docker | Enable Docker backend with default settings. | false |
 | providers.docker.allowemptyservices | Disregards the Docker containers health checks with respect to the creation or removal of the corresponding services. | false |
 | providers.docker.constraints | Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container. | |
 | providers.docker.defaultrule | Default rule. | Host(`{{ normalize .Name }}`) |
 | providers.docker.endpoint | Docker server endpoint. Can be a TCP or a Unix socket endpoint. | unix:///var/run/docker.sock |
 | providers.docker.exposedbydefault | Expose containers by default. | true |
 | providers.docker.httpclienttimeout | Client timeout for HTTP connections. | 0 |
 | providers.docker.network | Default Docker network used. | |
 | providers.docker.password | Password for Basic HTTP authentication. | |
 | providers.docker.tls.ca | TLS CA | |
 | providers.docker.tls.cert | TLS cert | |
 | providers.docker.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.docker.tls.key | TLS key | |
 | providers.docker.usebindportip | Use the ip address from the bound port, rather than from the inner network. | false |
 | providers.docker.username | Username for Basic HTTP authentication. | |
 | providers.docker.watch | Watch Docker events. | true |
 | providers.ecs | Enable AWS ECS backend with default settings. | false |
 | providers.ecs.accesskeyid | AWS credentials access key ID to use for making requests. | |
 | providers.ecs.autodiscoverclusters | Auto discover cluster. | false |
 | providers.ecs.clusters | ECS Cluster names. | default |
 | providers.ecs.constraints | Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container. | |
 | providers.ecs.defaultrule | Default rule. | Host(`{{ normalize .Name }}`) |
 | providers.ecs.ecsanywhere | Enable ECS Anywhere support. | false |
 | providers.ecs.exposedbydefault | Expose services by default. | true |
 | providers.ecs.healthytasksonly | Determines whether to discover only healthy tasks. | false |
 | providers.ecs.refreshseconds | Polling interval (in seconds). | 15 |
 | providers.ecs.region | AWS region to use for requests. | |
 | providers.ecs.secretaccesskey | AWS credentials access key to use for making requests. | |
 | providers.etcd | Enable Etcd backend with default settings. | false |
 | providers.etcd.endpoints | KV store endpoints. | 127.0.0.1:2379 |
 | providers.etcd.password | Password for authentication. | |
 | providers.etcd.rootkey | Root key used for KV store. | traefik |
 | providers.etcd.tls.ca | TLS CA | |
 | providers.etcd.tls.cert | TLS cert | |
 | providers.etcd.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.etcd.tls.key | TLS key | |
 | providers.etcd.username | Username for authentication. | |
 | providers.file.debugloggeneratedtemplate | Enable debug logging of generated configuration template. | false |
 | providers.file.directory | Load dynamic configuration from one or more .yml or .toml files in a directory. | |
 | providers.file.filename | Load dynamic configuration from a file. | |
 | providers.file.watch | Watch provider. | true |
 | providers.http | Enable HTTP backend with default settings. | false |
 | providers.http.endpoint | Load configuration from this endpoint. | |
 | providers.http.headers._name_ | Define custom headers to be sent to the endpoint. | |
 | providers.http.pollinterval | Polling interval for endpoint. | 5 |
 | providers.http.polltimeout | Polling timeout for endpoint. | 5 |
 | providers.http.tls.ca | TLS CA | |
 | providers.http.tls.cert | TLS cert | |
 | providers.http.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.http.tls.key | TLS key | |
 | providers.kubernetescrd | Enable Kubernetes backend with default settings. | false |
 | providers.kubernetescrd.allowcrossnamespace | Allow cross namespace resource reference. | false |
 | providers.kubernetescrd.allowemptyservices | Allow the creation of services without endpoints. | false |
 | providers.kubernetescrd.allowexternalnameservices | Allow ExternalName services. | false |
 | providers.kubernetescrd.certauthfilepath | Kubernetes certificate authority file path (not needed for in-cluster client). | |
 | providers.kubernetescrd.disableclusterscoperesources | Disables the lookup of cluster scope resources (incompatible with IngressClasses and NodePortLB enabled services). | false |
 | providers.kubernetescrd.endpoint | Kubernetes server endpoint (required for external cluster client). | |
 | providers.kubernetescrd.ingressclass | Value of kubernetes.io/ingress.class annotation to watch for. | |
 | providers.kubernetescrd.labelselector | Kubernetes label selector to use. | |
 | providers.kubernetescrd.namespaces | Kubernetes namespaces. | |
 | providers.kubernetescrd.nativelbbydefault | Defines whether to use Native Kubernetes load-balancing mode by default. | false |
 | providers.kubernetescrd.throttleduration | Ingress refresh throttle duration | 0 |
 | providers.kubernetescrd.token | Kubernetes bearer token (not needed for in-cluster client). It accepts either a token value or a file path to the token. | |
 | providers.kubernetesgateway | Enable Kubernetes gateway api provider with default settings. | false |
 | providers.kubernetesgateway.certauthfilepath | Kubernetes certificate authority file path (not needed for in-cluster client). | |
 | providers.kubernetesgateway.endpoint | Kubernetes server endpoint (required for external cluster client). | |
 | providers.kubernetesgateway.experimentalchannel | Toggles Experimental Channel resources support (TCPRoute, TLSRoute...). | false |
 | providers.kubernetesgateway.labelselector | Kubernetes label selector to select specific GatewayClasses. | |
 | providers.kubernetesgateway.namespaces | Kubernetes namespaces. | |
 | providers.kubernetesgateway.nativelbbydefault | Defines whether to use Native Kubernetes load-balancing by default. | false |
 | providers.kubernetesgateway.statusaddress.hostname | Hostname used for Kubernetes Gateway status address. | |
 | providers.kubernetesgateway.statusaddress.ip | IP used to set Kubernetes Gateway status address. | |
 | providers.kubernetesgateway.statusaddress.service | Published Kubernetes Service to copy status addresses from. | |
 | providers.kubernetesgateway.statusaddress.service.name | Name of the Kubernetes service. | |
 | providers.kubernetesgateway.statusaddress.service.namespace | Namespace of the Kubernetes service. | |
 | providers.kubernetesgateway.throttleduration | Kubernetes refresh throttle duration | 0 |
 | providers.kubernetesgateway.token | Kubernetes bearer token (not needed for in-cluster client). It accepts either a token value or a file path to the token. | |
 | providers.kubernetesingress | Enable Kubernetes backend with default settings. | false |
 | providers.kubernetesingress.allowemptyservices | Allow creation of services without endpoints. | false |
 | providers.kubernetesingress.allowexternalnameservices | Allow ExternalName services. | false |
 | providers.kubernetesingress.certauthfilepath | Kubernetes certificate authority file path (not needed for in-cluster client). | |
 | providers.kubernetesingress.disableclusterscoperesources | Disables the lookup of cluster scope resources (incompatible with IngressClasses and NodePortLB enabled services). | false |
 | providers.kubernetesingress.disableingressclasslookup | Disables the lookup of IngressClasses (Deprecated, please use DisableClusterScopeResources). | false |
 | providers.kubernetesingress.endpoint | Kubernetes server endpoint (required for external cluster client). | |
 | providers.kubernetesingress.ingressclass | Value of kubernetes.io/ingress.class annotation or IngressClass name to watch for. | |
 | providers.kubernetesingress.ingressendpoint.hostname | Hostname used for Kubernetes Ingress endpoints. | |
 | providers.kubernetesingress.ingressendpoint.ip | IP used for Kubernetes Ingress endpoints. | |
 | providers.kubernetesingress.ingressendpoint.publishedservice | Published Kubernetes Service to copy status from. | |
 | providers.kubernetesingress.labelselector | Kubernetes Ingress label selector to use. | |
 | providers.kubernetesingress.namespaces | Kubernetes namespaces. | |
 | providers.kubernetesingress.nativelbbydefault | Defines whether to use Native Kubernetes load-balancing mode by default. | false |
 | providers.kubernetesingress.strictprefixmatching | Make prefix matching strictly comply with the Kubernetes Ingress specification (path-element-wise matching instead of character-by-character string matching). | false |
 | providers.kubernetesingress.throttleduration | Ingress refresh throttle duration | 0 |
 | providers.kubernetesingress.token | Kubernetes bearer token (not needed for in-cluster client). It accepts either a token value or a file path to the token. | |
 | providers.kubernetesingressnginx | Enable Kubernetes Ingress NGINX provider. | false |
 | providers.kubernetesingressnginx.certauthfilepath | Kubernetes certificate authority file path (not needed for in-cluster client). | |
 | providers.kubernetesingressnginx.controllerclass | Ingress Class Controller value this controller satisfies. | k8s.io/ingress-nginx |
 | providers.kubernetesingressnginx.defaultbackendservice | Service used to serve HTTP requests not matching any known server name (catch-all). Takes the form 'namespace/name'. | |
 | providers.kubernetesingressnginx.disablesvcexternalname | Disable support for Services of type ExternalName. | false |
 | providers.kubernetesingressnginx.endpoint | Kubernetes server endpoint (required for external cluster client). | |
 | providers.kubernetesingressnginx.ingressclass | Name of the ingress class this controller satisfies. | nginx |
 | providers.kubernetesingressnginx.ingressclassbyname | Define if Ingress Controller should watch for Ingress Class by Name together with Controller Class. | false |
 | providers.kubernetesingressnginx.publishservice | Service fronting the Ingress controller. Takes the form 'namespace/name'. | |
 | providers.kubernetesingressnginx.publishstatusaddress | Customized address (or addresses, separated by comma) to set as the load-balancer status of Ingress objects this controller satisfies. | |
 | providers.kubernetesingressnginx.throttleduration | Ingress refresh throttle duration. | 0 |
 | providers.kubernetesingressnginx.token | Kubernetes bearer token (not needed for in-cluster client). It accepts either a token value or a file path to the token. | |
 | providers.kubernetesingressnginx.watchingresswithoutclass | Define if Ingress Controller should also watch for Ingresses without an IngressClass or the annotation specified. | false |
 | providers.kubernetesingressnginx.watchnamespace | Namespace the controller watches for updates to Kubernetes objects. All namespaces are watched if this parameter is left empty. | |
 | providers.kubernetesingressnginx.watchnamespaceselector | Selector selects namespaces the controller watches for updates to Kubernetes objects. | |
 | providers.nomad | Enable Nomad backend with default settings. | false |
 | providers.nomad.allowemptyservices | Allow the creation of services without endpoints. | false |
 | providers.nomad.constraints | Constraints is an expression that Traefik matches against the Nomad service's tags to determine whether to create route(s) for that service. | |
 | providers.nomad.defaultrule | Default rule. | Host(`{{ normalize .Name }}`) |
 | providers.nomad.endpoint.address | The address of the Nomad server, including scheme and port. | http://127.0.0.1:4646 |
 | providers.nomad.endpoint.endpointwaittime | WaitTime limits how long a Watch will block. If not provided, the agent default values will be used | 0 |
 | providers.nomad.endpoint.region | Nomad region to use. If not provided, the local agent region is used. | |
 | providers.nomad.endpoint.tls.ca | TLS CA | |
 | providers.nomad.endpoint.tls.cert | TLS cert | |
 | providers.nomad.endpoint.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.nomad.endpoint.tls.key | TLS key | |
 | providers.nomad.endpoint.token | Token is used to provide a per-request ACL token. | |
 | providers.nomad.exposedbydefault | Expose Nomad services by default. | true |
 | providers.nomad.namespaces | Sets the Nomad namespaces used to discover services. | |
 | providers.nomad.prefix | Prefix for nomad service tags. | traefik |
 | providers.nomad.refreshinterval | Interval for polling Nomad API. | 15 |
 | providers.nomad.stale | Use stale consistency for catalog reads. | false |
 | providers.nomad.throttleduration | Watch throttle duration. | 0 |
 | providers.nomad.watch | Watch Nomad Service events. | false |
 | providers.plugin._name_ | Plugins configuration. | |
 | providers.providersthrottleduration | Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time. | 2 |
 | providers.redis | Enable Redis backend with default settings. | false |
 | providers.redis.db | Database to be selected after connecting to the server. | 0 |
 | providers.redis.endpoints | KV store endpoints. | 127.0.0.1:6379 |
 | providers.redis.password | Password for authentication. | |
 | providers.redis.rootkey | Root key used for KV store. | traefik |
 | providers.redis.sentinel.latencystrategy | Defines whether to route commands to the closest master or replica nodes (mutually exclusive with RandomStrategy and ReplicaStrategy). | false |
 | providers.redis.sentinel.mastername | Name of the master. | |
 | providers.redis.sentinel.password | Password for Sentinel authentication. | |
 | providers.redis.sentinel.randomstrategy | Defines whether to route commands randomly to master or replica nodes (mutually exclusive with LatencyStrategy and ReplicaStrategy). | false |
 | providers.redis.sentinel.replicastrategy | Defines whether to route all commands to replica nodes (mutually exclusive with LatencyStrategy and RandomStrategy). | false |
 | providers.redis.sentinel.usedisconnectedreplicas | Use replicas disconnected with master when cannot get connected replicas. | false |
 | providers.redis.sentinel.username | Username for Sentinel authentication. | |
 | providers.redis.tls.ca | TLS CA | |
 | providers.redis.tls.cert | TLS cert | |
 | providers.redis.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.redis.tls.key | TLS key | |
 | providers.redis.username | Username for authentication. | |
 | providers.rest | Enable Rest backend with default settings. | false |
 | providers.rest.insecure | Activate REST Provider directly on the entryPoint named traefik. | false |
 | providers.swarm | Enable Docker Swarm backend with default settings. | false |
 | providers.swarm.allowemptyservices | Disregards the Docker containers health checks with respect to the creation or removal of the corresponding services. | false |
 | providers.swarm.constraints | Constraints is an expression that Traefik matches against the container's labels to determine whether to create any route for that container. | |
 | providers.swarm.defaultrule | Default rule. | Host(`{{ normalize .Name }}`) |
 | providers.swarm.endpoint | Docker server endpoint. Can be a TCP or a Unix socket endpoint. | unix:///var/run/docker.sock |
 | providers.swarm.exposedbydefault | Expose containers by default. | true |
 | providers.swarm.httpclienttimeout | Client timeout for HTTP connections. | 0 |
 | providers.swarm.network | Default Docker network used. | |
 | providers.swarm.password | Password for Basic HTTP authentication. | |
 | providers.swarm.refreshseconds | Polling interval for swarm mode. | 15 |
 | providers.swarm.tls.ca | TLS CA | |
 | providers.swarm.tls.cert | TLS cert | |
 | providers.swarm.tls.insecureskipverify | TLS insecure skip verify | false |
 | providers.swarm.tls.key | TLS key | |
 | providers.swarm.usebindportip | Use the ip address from the bound port, rather than from the inner network. | false |
 | providers.swarm.username | Username for Basic HTTP authentication. | |
 | providers.swarm.watch | Watch Docker events. | true |
 | providers.zookeeper | Enable ZooKeeper backend with default settings. | false |
 | providers.zookeeper.endpoints | KV store endpoints. | 127.0.0.1:2181 |
 | providers.zookeeper.password | Password for authentication. | |
 | providers.zookeeper.rootkey | Root key used for KV store. | traefik |
 | providers.zookeeper.username | Username for authentication. | |
 | serverstransport.forwardingtimeouts.dialtimeout | The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. | 30 |
 | serverstransport.forwardingtimeouts.idleconntimeout | The maximum period for which an idle HTTP keep-alive connection will remain open before closing itself | 90 |
 | serverstransport.forwardingtimeouts.responseheadertimeout | The amount of time to wait for a server's response headers after fully writing the request (including its body, if any). If zero, no timeout exists. | 0 |
 | serverstransport.insecureskipverify | Disable SSL certificate verification. | false |
 | serverstransport.maxidleconnsperhost | If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used | 200 |
 | serverstransport.rootcas | Add cert file for self-signed certificate. | |
 | serverstransport.spiffe | Defines the SPIFFE configuration. | false |
 | serverstransport.spiffe.ids | Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain). | |
 | serverstransport.spiffe.trustdomain | Defines the allowed SPIFFE trust domain. | |
 | spiffe.workloadapiaddr | Defines the workload API address. | |
 | tcpserverstransport.dialkeepalive | Defines the interval between keep-alive probes for an active network connection. If zero, keep-alive probes are sent with a default value (currently 15 seconds), if supported by the protocol and operating system. Network protocols or operating systems that do not support keep-alives ignore this field. If negative, keep-alive probes are disabled | 15 |
 | tcpserverstransport.dialtimeout | Defines the amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. | 30 |
 | tcpserverstransport.terminationdelay | Defines the delay to wait before fully terminating the connection, after one connected peer has closed its writing capability. | 0 |
 | tcpserverstransport.tls | Defines the TLS configuration. | false |
 | tcpserverstransport.tls.insecureskipverify | Disables SSL certificate verification. | false |
 | tcpserverstransport.tls.rootcas | Defines a list of CA secret used to validate self-signed certificate | |
 | tcpserverstransport.tls.spiffe | Defines the SPIFFE TLS configuration. | false |
 | tcpserverstransport.tls.spiffe.ids | Defines the allowed SPIFFE IDs (takes precedence over the SPIFFE TrustDomain). | |
 | tcpserverstransport.tls.spiffe.trustdomain | Defines the allowed SPIFFE trust domain. | |
 | tracing | Tracing configuration. | false |
 | tracing.addinternals | Enables tracing for internal services (ping, dashboard, etc...). | false |
 | tracing.capturedrequestheaders | Request headers to add as attributes for server and client spans. | |
 | tracing.capturedresponseheaders | Response headers to add as attributes for server and client spans. | |
 | tracing.globalattributes._name_ | (Deprecated) Defines additional resource attributes (key:value). | |
 | tracing.otlp | Settings for OpenTelemetry. | false |
 | tracing.otlp.grpc | gRPC configuration for the OpenTelemetry collector. | false |
 | tracing.otlp.grpc.endpoint | Sets the gRPC endpoint (host:port) of the collector. | localhost:4317 |
 | tracing.otlp.grpc.headers._name_ | Headers sent with payload. | |
 | tracing.otlp.grpc.insecure | Disables client transport security for the exporter. | false |
 | tracing.otlp.grpc.tls.ca | TLS CA | |
 | tracing.otlp.grpc.tls.cert | TLS cert | |
 | tracing.otlp.grpc.tls.insecureskipverify | TLS insecure skip verify | false |
 | tracing.otlp.grpc.tls.key | TLS key | |
 | tracing.otlp.http | HTTP configuration for the OpenTelemetry collector. | false |
 | tracing.otlp.http.endpoint | Sets the HTTP endpoint (scheme://host:port/path) of the collector. | https://localhost:4318 |
 | tracing.otlp.http.headers._name_ | Headers sent with payload. | |
 | tracing.otlp.http.tls.ca | TLS CA | |
 | tracing.otlp.http.tls.cert | TLS cert | |
 | tracing.otlp.http.tls.insecureskipverify | TLS insecure skip verify | false |
 | tracing.otlp.http.tls.key | TLS key | |
 | tracing.resourceattributes._name_ | Defines additional resource attributes (key:value). | |
 | tracing.safequeryparams | Query params to not redact. | |
 | tracing.samplerate | Sets the rate between 0.0 and 1.0 of requests to trace. | 1.000000 |
 | tracing.servicename | Defines the service name resource attribute. | traefik |
--- a/docs/content/reference/install-configuration/observability/healthcheck/cli.md
+++ b/docs/content/reference/install-configuration/observability/healthcheck/cli.md
@ -0,0 +1,28 @@
 ---
 title: "Traefik Health Check CLI Command Documentation"
 description: "In Traefik Proxy, the healthcheck CLI command lets you check the health of your Traefik instances. Read the technical documentation for configuration examples and options."
 ---
 # Healthcheck Command
 Checking the Health of your Traefik Instances.
 {: .subtitle }
 ## Usage
 The healthcheck command allows you to make a request to the `/ping` endpoint (defined in the install (static) configuration) to check the health of Traefik. Its exit status is `0` if Traefik is healthy and `1` otherwise.
 This can be used with [HEALTHCHECK](https://docs.docker.com/engine/reference/builder/#healthcheck) instruction or any other health check orchestration mechanism.
 ```sh
 traefik healthcheck [command] [flags] [arguments]
 ```
 Example:
 ```sh
 $ traefik healthcheck
 OK: http://:8082/ping
 ```
 The command uses the [ping](./ping.md) endpoint that is defined in the Traefik install (static) configuration.
--- a/docs/content/reference/install-configuration/observability/healthcheck/ping.md
+++ b/docs/content/reference/install-configuration/observability/healthcheck/ping.md
@ -0,0 +1,66 @@
 ---
 title: "Traefik Ping Option Documentation"
 description: "In Traefik Proxy, the option Ping lets you check the health of your Traefik instances. Read the technical documentation for configuration examples and options."
 ---
 # Ping 
 Checking the Health of your Traefik Instances
 {: .subtitle }
 The `ping` options allows you to enable the ping endpoint to check Traefik liveness.
 The ping endpoint is reachable using the path `/ping` and the methods `GET`and `HEAD`.
 If the Traefik instance is alive, it returns the `200` HTTP code with the content: `OK`.
 ## Configuration Example
 To enable the API handler:
 ```yaml tab="File (YAML)"
 ping: {}
 ```
 ```toml tab="File (TOML)"
 [ping]
 ```
 ```bash tab="CLI"
 --ping=true
 ```
 ## Configuration Options
 The `ping` option is defined in the install (static) configuration.
 You can define it using the same [configuration methods](../../boot-environment.md#configuration-methods) as Traefik.
 | Field | Description                                               | Default              | Required |
 |:------|:----------------------------------------------------------|:---------------------|:---------|
 | `ping.entryPoint` | Enables `/ping` on a dedicated EntryPoint. | traefik  | No   |
 | `ping.manualRouting` | Disables the default internal router in order to allow one to create a custom router for the `ping@internal` service when set to `true`. | false | No   |
 | `ping.terminatingStatusCode` | Defines the status code for the ping handler during a graceful shut down. See more information [here](#terminatingstatuscode) | 503 | No   |
 ### `terminatingStatusCode`
 During the period in which Traefik is gracefully shutting down, the ping handler
 returns a `503` status code by default.  
 If Traefik is behind, for example a load-balancer
 doing health checks (such as the Kubernetes LivenessProbe), another code might
 be expected as the signal for graceful termination.  
 In that case, the terminatingStatusCode can be used to set the code returned by the ping
 handler during termination.
 ```yaml tab="File (YAML)"
 ping:
  terminatingStatusCode: 204
 ```
 ```toml tab="File (TOML)"
 [ping]
  terminatingStatusCode = 204
 ```
 ```bash tab="CLI"
 --ping.terminatingStatusCode=204
 ```
--- a/docs/content/reference/install-configuration/tls/ocsp.md
+++ b/docs/content/reference/install-configuration/tls/ocsp.md
@ -28,7 +28,7 @@ The OCSP response is cached in memory and is not persisted between Traefik resta
 ### General
-Enabling OCSP is part of the [static configuration](../../../getting-started/configuration-overview.md#the-static-configuration).
+Enabling OCSP is part of the [install configuration](../boot-environment.md).
 It can be defined by using a file (YAML or TOML) or CLI arguments:
 ```yaml tab="File (YAML)"
--- a/docs/content/reference/routing-configuration/http/load-balancing/service.md
+++ b/docs/content/reference/routing-configuration/http/load-balancing/service.md
@ -133,6 +133,164 @@ Below are the available options for the health check mechanism:
 | `method`            | Defines the HTTP method that will be used while connecting to the endpoint.                                                   | GET     | No       |
 | `status`            | Defines the expected HTTP status code of the response to the health check request.                                            |         | No       |
 #### Sticky sessions
 When sticky sessions are enabled, a `Set-Cookie` header is set on the initial response to let the client know which server handles the first response.
 On subsequent requests, to keep the session alive with the same server, the client should send the cookie with the value set.
 ##### Stickiness on multiple levels
    When chaining or mixing load-balancers (e.g. a load-balancer of servers is one of the "children" of a load-balancer of services), for stickiness to work all the way, the option needs to be specified at all required levels. Which means the client needs to send a cookie with as many key/value pairs as there are sticky levels.
 ##### Stickiness & Unhealthy Servers
    If the server specified in the cookie becomes unhealthy, the request will be forwarded to a new server (and the cookie will keep track of the new server).
 ##### Cookie Name
    The default cookie name is an abbreviation of a sha1 (ex: `_1d52e`).
 ##### MaxAge
    By default, the affinity cookie will never expire as the `MaxAge` option is set to zero.
    This option indicates the number of seconds until the cookie expires.  
    When set to a negative number, the cookie expires immediately.
 ##### Secure & HTTPOnly & SameSite flags
    By default, the affinity cookie is created without those flags.
    One however can change that through configuration.
    `SameSite` can be `none`, `lax`, `strict` or empty.
 ##### Domain
    The Domain attribute of a cookie specifies the domain for which the cookie is valid. 
    By setting the Domain attribute, the cookie can be shared across subdomains (for example, a cookie set for example.com would be accessible to www.example.com, api.example.com, etc.). This is particularly useful in cases where sticky sessions span multiple subdomains, ensuring that the session is maintained even when the client interacts with different parts of the infrastructure.
 ??? example "Adding Stickiness -- Using the [File Provider](../../../install-configuration/providers/others/file.md)"
    ```yaml tab="YAML"
    ## Dynamic configuration
    http:
      services:
        my-service:
          loadBalancer:
            sticky:
             cookie: {}
    ```
    ```toml tab="TOML"
    ## Dynamic configuration
    [http.services]
      [http.services.my-service]
        [http.services.my-service.loadBalancer.sticky.cookie]
    ```
 ??? example "Adding Stickiness with custom Options -- Using the [File Provider](../../../install-configuration/providers/others/file.md)"
    ```yaml tab="YAML"
    ## Dynamic configuration
    http:
      services:
        my-service:
          loadBalancer:
            sticky:
              cookie:
                name: my_sticky_cookie_name
                secure: true
                domain: mysite.site
                httpOnly: true
    ```
    ```toml tab="TOML"
    ## Dynamic configuration
    [http.services]
      [http.services.my-service]
        [http.services.my-service.loadBalancer.sticky.cookie]
          name = "my_sticky_cookie_name"
          secure = true
          httpOnly = true
          domain = "mysite.site"
          sameSite = "none"
    ```
 ??? example "Setting Stickiness on all the required levels -- Using the [File Provider](../../../install-configuration/providers/others/file.md)"
    ```yaml tab="YAML"
    ## Dynamic configuration
    http:
      services:
        wrr1:
          weighted:
            sticky:
              cookie:
                name: lvl1
            services:
              - name: whoami1
                weight: 1
              - name: whoami2
                weight: 1
        whoami1:
          loadBalancer:
            sticky:
              cookie:
                name: lvl2
            servers:
              - url: http://127.0.0.1:8081
              - url: http://127.0.0.1:8082
        whoami2:
          loadBalancer:
            sticky:
              cookie:
                name: lvl2
            servers:
              - url: http://127.0.0.1:8083
              - url: http://127.0.0.1:8084
    ```
    ```toml tab="TOML"
    ## Dynamic configuration
    [http.services]
      [http.services.wrr1]
        [http.services.wrr1.weighted.sticky.cookie]
          name = "lvl1"
        [[http.services.wrr1.weighted.services]]
          name = "whoami1"
          weight = 1
        [[http.services.wrr1.weighted.services]]
          name = "whoami2"
          weight = 1
      [http.services.whoami1]
        [http.services.whoami1.loadBalancer]
          [http.services.whoami1.loadBalancer.sticky.cookie]
            name = "lvl2"
          [[http.services.whoami1.loadBalancer.servers]]
            url = "http://127.0.0.1:8081"
          [[http.services.whoami1.loadBalancer.servers]]
            url = "http://127.0.0.1:8082"
      [http.services.whoami2]
        [http.services.whoami2.loadBalancer]
          [http.services.whoami2.loadBalancer.sticky.cookie]
            name = "lvl2"
          [[http.services.whoami2.loadBalancer.servers]]
            url = "http://127.0.0.1:8083"
          [[http.services.whoami2.loadBalancer.servers]]
            url = "http://127.0.0.1:8084"
    ```
    To keep a session open with the same server, the client would then need to specify the two levels within the cookie for each request, e.g. with curl:
    ```
    curl -b "lvl1=whoami1; lvl2=http://127.0.0.1:8081" http://localhost:8000
    ```
 ## Weighted Round Robin (WRR)
 The WRR is able to load balance the requests between multiple services based on weights.
@ -141,7 +299,7 @@ This strategy is only available to load balance between services and not between
 !!! info "Supported Providers"
-    This strategy can be defined currently with the [File](../../../install-configuration/providers/others/file.md) or [IngressRoute](../../../install-configuration/providers/kubernetes/kubernetes-ingress.md) providers. To load balance between servers based on weights, the Load Balancer service should be used instead.
+    This strategy can be defined currently with the [File](../../../install-configuration/providers/others/file.md) or [IngressRoute](../../../install-configuration/providers/kubernetes/kubernetes-crd.md) providers. To load balance between servers based on weights, the Load Balancer service should be used instead.
 ```yaml tab="Structured (YAML)"
 ## Dynamic configuration
@ -260,6 +418,37 @@ http:
      [[http.services.appv2.loadBalancer.servers]]
        url = "http://private-ip-server-2/"
 ```
 ## P2C
 Power of two choices algorithm is a load balancing strategy that selects two servers at random and chooses the one with the least number of active requests.
 ??? example "P2C Load Balancing -- Using the [File Provider](../../../install-configuration/providers/others/file.md)"
    ```yaml tab="YAML"
    ## Dynamic configuration
    http:
      services:
        my-service:
          loadBalancer:
            strategy: "p2c"
            servers:
            - url: "http://private-ip-server-1/"
            - url: "http://private-ip-server-2/"
            - url: "http://private-ip-server-3/"
    ```
    ```toml tab="TOML"
    ## Dynamic configuration
    [http.services]
      [http.services.my-service.loadBalancer]
        strategy = "p2c"
        [[http.services.my-service.loadBalancer.servers]]
          url = "http://private-ip-server-1/"
        [[http.services.my-service.loadBalancer.servers]]
          url = "http://private-ip-server-2/"       
        [[http.services.my-service.loadBalancer.servers]]
          url = "http://private-ip-server-3/"
    ```
 ## Mirroring
@ -271,7 +460,7 @@ The mirroring is able to mirror requests sent to a service to other services. Pl
 !!! info "Supported Providers"
-    This strategy can be defined currently with the [File](../../../install-configuration/providers/others/file.md) or [IngressRoute](../../../install-configuration/providers/kubernetes/kubernetes-ingress.md) providers.
+    This strategy can be defined currently with the [File](../../../install-configuration/providers/others/file.md) or [IngressRoute](../../../install-configuration/providers/kubernetes/kubernetes-crd.md) providers.
 ```yaml tab="Structured (YAML)"
 ## Dynamic configuration
--- a/docs/content/reference/routing-configuration/http/middlewares/addprefix.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/addprefix.md
@ -3,8 +3,6 @@ title: "Traefik AddPrefix Documentation"
 description: "Learn how to implement the HTTP AddPrefix middleware in Traefik Proxy to updates request paths before being forwarded. Read the technical documentation."
 ---
 ![AddPrefix](../../../../assets/img/middleware/addprefix.png)
 The `addPrefix` middleware updates the path of a request before forwarding it.
 ## Configuration Examples
--- a/docs/content/reference/routing-configuration/http/middlewares/basicauth.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/basicauth.md
@ -3,8 +3,6 @@ title: "Traefik BasicAuth Documentation"
 description: "The HTTP basic authentication (BasicAuth) middleware in Traefik Proxy restricts access to your Services to known users. Read the technical documentation."
 ---
 ![BasicAuth](../../../../assets/img/middleware/basicauth.png)
 The `basicAuth` middleware grants access to services to authorized users only.
 ## Configuration Examples
--- a/docs/content/reference/routing-configuration/http/middlewares/buffering.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/buffering.md
@ -3,8 +3,6 @@ title: "Traefik Buffering Documentation"
 description: "The HTTP buffering middleware in Traefik Proxy limits the size of requests that can be forwarded to Services. Read the technical documentation."
 ---
 ![Buffering](../../../../assets/img/middleware/buffering.png)
 The `buffering` middleware limits the size of requests that can be forwarded to services.
 With buffering, Traefik reads the entire request into memory (possibly buffering large requests into disk), and rejects requests that are over a specified size limit.
--- a/docs/content/reference/routing-configuration/http/middlewares/circuitbreaker.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/circuitbreaker.md
@ -3,8 +3,6 @@ title: "Traefik CircuitBreaker Documentation"
 description: "The HTTP circuit breaker in Traefik Proxy prevents stacking requests to unhealthy Services, resulting in cascading failures. Read the technical documentation."
 ---
 ![Circuit Breaker](../../../../assets/img/middleware/circuitbreaker.png)
 The HTTP circuit breaker prevents stacking requests to unhealthy Services, resulting in cascading failures.
 When your system is healthy, the circuit is closed (normal operations).
--- a/docs/content/reference/routing-configuration/http/middlewares/digestauth.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/digestauth.md
@ -3,8 +3,6 @@ title: "Traefik DigestAuth Documentation"
 description: "Traefik Proxy's HTTP DigestAuth middleware restricts access to your services to known users. Read the technical documentation."
 ---
 ![DigestAuth](../../../../assets/img/middleware/digestauth.png)
 The `DigestAuth` middleware grants access to services to authorized users only.
 ## Configuration Examples
--- a/docs/content/reference/routing-configuration/http/middlewares/errorpages.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/errorpages.md
@ -3,8 +3,6 @@ title: "Traefik Errors Documentation"
 description: "In Traefik Proxy, the Errors middleware returns custom pages according to configured ranges of HTTP Status codes. Read the technical documentation."
 ---
 ![Errors](../../../../assets/img/middleware/errorpages.png)
 The `errors` middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
 ## Configuration Examples
--- a/docs/content/reference/routing-configuration/http/middlewares/forwardauth.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/forwardauth.md
@ -3,8 +3,6 @@ title: "Traefik ForwardAuth Documentation"
 description: "In Traefik Proxy, the HTTP ForwardAuth middleware delegates authentication to an external Service. Read the technical documentation."
 ---
 ![AuthForward](../../../../assets/img/middleware/authforward.png)
 The `forwardAuth` middleware delegates authentication to an external service.
 If the service answers with a 2XX code, access is granted, and the original request is performed.
 Otherwise, the response from the authentication server is returned.
--- a/docs/content/reference/routing-configuration/http/middlewares/headers.md
+++ b/docs/content/reference/routing-configuration/http/middlewares/headers.md
@ -3,8 +3,6 @@ title: "Traefik Headers Documentation"
 description: "In Traefik Proxy, the HTTP headers middleware manages the headers of requests and responses. Read the technical documentation."
 ---
 ![Headers](../../../../assets/img/middleware/headers.png)
 The Headers middleware manages the headers of requests and responses.
 By default, the following headers are automatically added when proxying requests:
--- a/docs/content/reference/routing-configuration/other-providers/file.md
+++ b/docs/content/reference/routing-configuration/other-providers/file.md
@ -0,0 +1,120 @@
 ---
 title: "Traefik File Dynamic Configuration"
 description: "This guide will provide you with the YAML and TOML files for dynamic configuration in Traefik Proxy. Read the technical documentation."
 ---
 # Traefik and Configuration Files
 !!! warning "Work In Progress"
    This page is still work in progress to provide a better documention of the routing options.
    It has been created to provide a centralized page with all the option in YAML and TOML format.
 ## Configuration Options
 ```yml  tab="YAML"
 --8<-- "content/reference/routing-configuration/other-providers/file.yaml"
 ```
 ```toml  tab="TOML"
 --8<-- "content/reference/routing-configuration/other-providers/file.toml"
 ```
 ## Go Templating
 !!! warning
    Go Templating only works with dedicated dynamic configuration files.
    Templating does not work in the Traefik main static configuration file.
 Traefik supports using Go templating to automatically generate repetitive sections of configuration files.
 These sections must be a valid [Go template](https://pkg.go.dev/text/template/), and can use
 [sprig template functions](https://masterminds.github.io/sprig/).
 To illustrate, it is possible to easily define multiple routers, services, and TLS certificates as described in the following examples:
 ??? example "Configuring Using Templating"
    ```yaml tab="YAML"
    http:
      routers:
        {{range $i, $e := until 100 }}
        router{{ $e }}-{{ env "MY_ENV_VAR" }}:
          # ...
        {{end}}
      services:
        {{range $i, $e := until 100 }}
        application{{ $e }}:
          # ...
        {{end}}
    tcp:
      routers:
        {{range $i, $e := until 100 }}
        router{{ $e }}:
          # ...
        {{end}}
      services:
        {{range $i, $e := until 100 }}
        service{{ $e }}:
          # ...
        {{end}}
    tls:
      certificates:
      {{ range $i, $e := until 10 }}
      - certFile: "/etc/traefik/cert-{{ $e }}.pem"
        keyFile: "/etc/traefik/cert-{{ $e }}.key"
        store:
        - "my-store-foo-{{ $e }}"
        - "my-store-bar-{{ $e }}"
      {{end}}
    ```
    ```toml tab="TOML"
    # template-rules.toml
    [http]
      [http.routers]
      {{ range $i, $e := until 100 }}
        [http.routers.router{{ $e }}-{{ env "MY_ENV_VAR" }}]
        # ...
      {{ end }}
      [http.services]
      {{ range $i, $e := until 100 }}
          [http.services.service{{ $e }}]
          # ...
      {{ end }}
    [tcp]
      [tcp.routers]
      {{ range $i, $e := until 100 }}
        [tcp.routers.router{{ $e }}]
        # ...
      {{ end }}
      [tcp.services]
      {{ range $i, $e := until 100 }}
          [http.services.service{{ $e }}]
          # ...
      {{ end }}
    {{ range $i, $e := until 10 }}
    [[tls.certificates]]
      certFile = "/etc/traefik/cert-{{ $e }}.pem"
      keyFile = "/etc/traefik/cert-{{ $e }}.key"
      stores = ["my-store-foo-{{ $e }}", "my-store-bar-{{ $e }}"]
    {{ end }}
    [tls.config]
    {{ range $i, $e := until 10 }}
      [tls.config.TLS{{ $e }}]
      # ...
    {{ end }}
    ```
--- a/docs/content/reference/routing-configuration/other-providers/file.toml
+++ b/docs/content/reference/routing-configuration/other-providers/file.toml
@ -0,0 +1,611 @@
 ## CODE GENERATED AUTOMATICALLY
 ## THIS FILE MUST NOT BE EDITED BY HAND
 [http]
  [http.routers]
    [http.routers.Router0]
      entryPoints = ["foobar", "foobar"]
      middlewares = ["foobar", "foobar"]
      service = "foobar"
      rule = "foobar"
      ruleSyntax = "foobar"
      priority = 42
      [http.routers.Router0.tls]
        options = "foobar"
        certResolver = "foobar"
        [[http.routers.Router0.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
        [[http.routers.Router0.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
      [http.routers.Router0.observability]
        accessLogs = true
        metrics = true
        tracing = true
        traceVerbosity = "foobar"
    [http.routers.Router1]
      entryPoints = ["foobar", "foobar"]
      middlewares = ["foobar", "foobar"]
      service = "foobar"
      rule = "foobar"
      ruleSyntax = "foobar"
      priority = 42
      [http.routers.Router1.tls]
        options = "foobar"
        certResolver = "foobar"
        [[http.routers.Router1.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
        [[http.routers.Router1.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
      [http.routers.Router1.observability]
        accessLogs = true
        metrics = true
        tracing = true
        traceVerbosity = "foobar"
  [http.services]
    [http.services.Service01]
      [http.services.Service01.failover]
        service = "foobar"
        fallback = "foobar"
        [http.services.Service01.failover.healthCheck]
    [http.services.Service02]
      [http.services.Service02.loadBalancer]
        strategy = "foobar"
        passHostHeader = true
        serversTransport = "foobar"
        [http.services.Service02.loadBalancer.sticky]
          [http.services.Service02.loadBalancer.sticky.cookie]
            name = "foobar"
            secure = true
            httpOnly = true
            sameSite = "foobar"
            maxAge = 42
            path = "foobar"
            domain = "foobar"
        [[http.services.Service02.loadBalancer.servers]]
          url = "foobar"
          weight = 42
          preservePath = true
        [[http.services.Service02.loadBalancer.servers]]
          url = "foobar"
          weight = 42
          preservePath = true
        [http.services.Service02.loadBalancer.healthCheck]
          scheme = "foobar"
          mode = "foobar"
          path = "foobar"
          method = "foobar"
          status = 42
          port = 42
          interval = "42s"
          unhealthyInterval = "42s"
          timeout = "42s"
          hostname = "foobar"
          followRedirects = true
          [http.services.Service02.loadBalancer.healthCheck.headers]
            name0 = "foobar"
            name1 = "foobar"
        [http.services.Service02.loadBalancer.responseForwarding]
          flushInterval = "42s"
    [http.services.Service03]
      [http.services.Service03.mirroring]
        service = "foobar"
        mirrorBody = true
        maxBodySize = 42
        [[http.services.Service03.mirroring.mirrors]]
          name = "foobar"
          percent = 42
        [[http.services.Service03.mirroring.mirrors]]
          name = "foobar"
          percent = 42
        [http.services.Service03.mirroring.healthCheck]
    [http.services.Service04]
      [http.services.Service04.weighted]
        [[http.services.Service04.weighted.services]]
          name = "foobar"
          weight = 42
        [[http.services.Service04.weighted.services]]
          name = "foobar"
          weight = 42
        [http.services.Service04.weighted.sticky]
          [http.services.Service04.weighted.sticky.cookie]
            name = "foobar"
            secure = true
            httpOnly = true
            sameSite = "foobar"
            maxAge = 42
            path = "foobar"
            domain = "foobar"
        [http.services.Service04.weighted.healthCheck]
  [http.middlewares]
    [http.middlewares.Middleware01]
      [http.middlewares.Middleware01.addPrefix]
        prefix = "foobar"
    [http.middlewares.Middleware02]
      [http.middlewares.Middleware02.basicAuth]
        users = ["foobar", "foobar"]
        usersFile = "foobar"
        realm = "foobar"
        removeHeader = true
        headerField = "foobar"
    [http.middlewares.Middleware03]
      [http.middlewares.Middleware03.buffering]
        maxRequestBodyBytes = 42
        memRequestBodyBytes = 42
        maxResponseBodyBytes = 42
        memResponseBodyBytes = 42
        retryExpression = "foobar"
    [http.middlewares.Middleware04]
      [http.middlewares.Middleware04.chain]
        middlewares = ["foobar", "foobar"]
    [http.middlewares.Middleware05]
      [http.middlewares.Middleware05.circuitBreaker]
        expression = "foobar"
        checkPeriod = "42s"
        fallbackDuration = "42s"
        recoveryDuration = "42s"
        responseCode = 42
    [http.middlewares.Middleware06]
      [http.middlewares.Middleware06.compress]
        excludedContentTypes = ["foobar", "foobar"]
        includedContentTypes = ["foobar", "foobar"]
        minResponseBodyBytes = 42
        encodings = ["foobar", "foobar"]
        defaultEncoding = "foobar"
    [http.middlewares.Middleware07]
      [http.middlewares.Middleware07.contentType]
        autoDetect = true
    [http.middlewares.Middleware08]
      [http.middlewares.Middleware08.digestAuth]
        users = ["foobar", "foobar"]
        usersFile = "foobar"
        removeHeader = true
        realm = "foobar"
        headerField = "foobar"
    [http.middlewares.Middleware09]
      [http.middlewares.Middleware09.errors]
        status = ["foobar", "foobar"]
        service = "foobar"
        query = "foobar"
        [http.middlewares.Middleware09.errors.statusRewrites]
          name0 = 42
          name1 = 42
    [http.middlewares.Middleware10]
      [http.middlewares.Middleware10.forwardAuth]
        address = "foobar"
        trustForwardHeader = true
        authResponseHeaders = ["foobar", "foobar"]
        authResponseHeadersRegex = "foobar"
        authRequestHeaders = ["foobar", "foobar"]
        addAuthCookiesToResponse = ["foobar", "foobar"]
        headerField = "foobar"
        forwardBody = true
        maxBodySize = 42
        preserveLocationHeader = true
        preserveRequestMethod = true
        [http.middlewares.Middleware10.forwardAuth.tls]
          ca = "foobar"
          cert = "foobar"
          key = "foobar"
          insecureSkipVerify = true
          caOptional = true
    [http.middlewares.Middleware11]
      [http.middlewares.Middleware11.grpcWeb]
        allowOrigins = ["foobar", "foobar"]
    [http.middlewares.Middleware12]
      [http.middlewares.Middleware12.headers]
        accessControlAllowCredentials = true
        accessControlAllowHeaders = ["foobar", "foobar"]
        accessControlAllowMethods = ["foobar", "foobar"]
        accessControlAllowOriginList = ["foobar", "foobar"]
        accessControlAllowOriginListRegex = ["foobar", "foobar"]
        accessControlExposeHeaders = ["foobar", "foobar"]
        accessControlMaxAge = 42
        addVaryHeader = true
        allowedHosts = ["foobar", "foobar"]
        hostsProxyHeaders = ["foobar", "foobar"]
        stsSeconds = 42
        stsIncludeSubdomains = true
        stsPreload = true
        forceSTSHeader = true
        frameDeny = true
        customFrameOptionsValue = "foobar"
        contentTypeNosniff = true
        browserXssFilter = true
        customBrowserXSSValue = "foobar"
        contentSecurityPolicy = "foobar"
        contentSecurityPolicyReportOnly = "foobar"
        publicKey = "foobar"
        referrerPolicy = "foobar"
        permissionsPolicy = "foobar"
        isDevelopment = true
        featurePolicy = "foobar"
        sslRedirect = true
        sslTemporaryRedirect = true
        sslHost = "foobar"
        sslForceHost = true
        [http.middlewares.Middleware12.headers.customRequestHeaders]
          name0 = "foobar"
          name1 = "foobar"
        [http.middlewares.Middleware12.headers.customResponseHeaders]
          name0 = "foobar"
          name1 = "foobar"
        [http.middlewares.Middleware12.headers.sslProxyHeaders]
          name0 = "foobar"
          name1 = "foobar"
    [http.middlewares.Middleware13]
      [http.middlewares.Middleware13.ipAllowList]
        sourceRange = ["foobar", "foobar"]
        rejectStatusCode = 42
        [http.middlewares.Middleware13.ipAllowList.ipStrategy]
          depth = 42
          excludedIPs = ["foobar", "foobar"]
          ipv6Subnet = 42
    [http.middlewares.Middleware14]
      [http.middlewares.Middleware14.ipWhiteList]
        sourceRange = ["foobar", "foobar"]
        [http.middlewares.Middleware14.ipWhiteList.ipStrategy]
          depth = 42
          excludedIPs = ["foobar", "foobar"]
          ipv6Subnet = 42
    [http.middlewares.Middleware15]
      [http.middlewares.Middleware15.inFlightReq]
        amount = 42
        [http.middlewares.Middleware15.inFlightReq.sourceCriterion]
          requestHeaderName = "foobar"
          requestHost = true
          [http.middlewares.Middleware15.inFlightReq.sourceCriterion.ipStrategy]
            depth = 42
            excludedIPs = ["foobar", "foobar"]
            ipv6Subnet = 42
    [http.middlewares.Middleware16]
      [http.middlewares.Middleware16.passTLSClientCert]
        pem = true
        [http.middlewares.Middleware16.passTLSClientCert.info]
          notAfter = true
          notBefore = true
          sans = true
          serialNumber = true
          [http.middlewares.Middleware16.passTLSClientCert.info.subject]
            country = true
            province = true
            locality = true
            organization = true
            organizationalUnit = true
            commonName = true
            serialNumber = true
            domainComponent = true
          [http.middlewares.Middleware16.passTLSClientCert.info.issuer]
            country = true
            province = true
            locality = true
            organization = true
            commonName = true
            serialNumber = true
            domainComponent = true
    [http.middlewares.Middleware17]
      [http.middlewares.Middleware17.plugin]
        [http.middlewares.Middleware17.plugin.PluginConf0]
          name0 = "foobar"
          name1 = "foobar"
        [http.middlewares.Middleware17.plugin.PluginConf1]
          name0 = "foobar"
          name1 = "foobar"
    [http.middlewares.Middleware18]
      [http.middlewares.Middleware18.rateLimit]
        average = 42
        period = "42s"
        burst = 42
        [http.middlewares.Middleware18.rateLimit.sourceCriterion]
          requestHeaderName = "foobar"
          requestHost = true
          [http.middlewares.Middleware18.rateLimit.sourceCriterion.ipStrategy]
            depth = 42
            excludedIPs = ["foobar", "foobar"]
            ipv6Subnet = 42
        [http.middlewares.Middleware18.rateLimit.redis]
          endpoints = ["foobar", "foobar"]
          username = "foobar"
          password = "foobar"
          db = 42
          poolSize = 42
          minIdleConns = 42
          maxActiveConns = 42
          readTimeout = "42s"
          writeTimeout = "42s"
          dialTimeout = "42s"
          [http.middlewares.Middleware18.rateLimit.redis.tls]
            ca = "foobar"
            cert = "foobar"
            key = "foobar"
            insecureSkipVerify = true
    [http.middlewares.Middleware19]
      [http.middlewares.Middleware19.redirectRegex]
        regex = "foobar"
        replacement = "foobar"
        permanent = true
    [http.middlewares.Middleware20]
      [http.middlewares.Middleware20.redirectScheme]
        scheme = "foobar"
        port = "foobar"
        permanent = true
    [http.middlewares.Middleware21]
      [http.middlewares.Middleware21.replacePath]
        path = "foobar"
    [http.middlewares.Middleware22]
      [http.middlewares.Middleware22.replacePathRegex]
        regex = "foobar"
        replacement = "foobar"
    [http.middlewares.Middleware23]
      [http.middlewares.Middleware23.retry]
        attempts = 42
        initialInterval = "42s"
    [http.middlewares.Middleware24]
      [http.middlewares.Middleware24.stripPrefix]
        prefixes = ["foobar", "foobar"]
        forceSlash = true
    [http.middlewares.Middleware25]
      [http.middlewares.Middleware25.stripPrefixRegex]
        regex = ["foobar", "foobar"]
  [http.serversTransports]
    [http.serversTransports.ServersTransport0]
      serverName = "foobar"
      insecureSkipVerify = true
      rootCAs = ["foobar", "foobar"]
      maxIdleConnsPerHost = 42
      disableHTTP2 = true
      peerCertURI = "foobar"
      [[http.serversTransports.ServersTransport0.certificates]]
        certFile = "foobar"
        keyFile = "foobar"
      [[http.serversTransports.ServersTransport0.certificates]]
        certFile = "foobar"
        keyFile = "foobar"
      [http.serversTransports.ServersTransport0.forwardingTimeouts]
        dialTimeout = "42s"
        responseHeaderTimeout = "42s"
        idleConnTimeout = "42s"
        readIdleTimeout = "42s"
        pingTimeout = "42s"
      [http.serversTransports.ServersTransport0.spiffe]
        ids = ["foobar", "foobar"]
        trustDomain = "foobar"
    [http.serversTransports.ServersTransport1]
      serverName = "foobar"
      insecureSkipVerify = true
      rootCAs = ["foobar", "foobar"]
      maxIdleConnsPerHost = 42
      disableHTTP2 = true
      peerCertURI = "foobar"
      [[http.serversTransports.ServersTransport1.certificates]]
        certFile = "foobar"
        keyFile = "foobar"
      [[http.serversTransports.ServersTransport1.certificates]]
        certFile = "foobar"
        keyFile = "foobar"
      [http.serversTransports.ServersTransport1.forwardingTimeouts]
        dialTimeout = "42s"
        responseHeaderTimeout = "42s"
        idleConnTimeout = "42s"
        readIdleTimeout = "42s"
        pingTimeout = "42s"
      [http.serversTransports.ServersTransport1.spiffe]
        ids = ["foobar", "foobar"]
        trustDomain = "foobar"
 [tcp]
  [tcp.routers]
    [tcp.routers.TCPRouter0]
      entryPoints = ["foobar", "foobar"]
      middlewares = ["foobar", "foobar"]
      service = "foobar"
      rule = "foobar"
      ruleSyntax = "foobar"
      priority = 42
      [tcp.routers.TCPRouter0.tls]
        passthrough = true
        options = "foobar"
        certResolver = "foobar"
        [[tcp.routers.TCPRouter0.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
        [[tcp.routers.TCPRouter0.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
    [tcp.routers.TCPRouter1]
      entryPoints = ["foobar", "foobar"]
      middlewares = ["foobar", "foobar"]
      service = "foobar"
      rule = "foobar"
      ruleSyntax = "foobar"
      priority = 42
      [tcp.routers.TCPRouter1.tls]
        passthrough = true
        options = "foobar"
        certResolver = "foobar"
        [[tcp.routers.TCPRouter1.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
        [[tcp.routers.TCPRouter1.tls.domains]]
          main = "foobar"
          sans = ["foobar", "foobar"]
  [tcp.services]
    [tcp.services.TCPService01]
      [tcp.services.TCPService01.loadBalancer]
        serversTransport = "foobar"
        terminationDelay = 42
        [tcp.services.TCPService01.loadBalancer.proxyProtocol]
          version = 42
        [[tcp.services.TCPService01.loadBalancer.servers]]
          address = "foobar"
          tls = true
        [[tcp.services.TCPService01.loadBalancer.servers]]
          address = "foobar"
          tls = true
    [tcp.services.TCPService02]
      [tcp.services.TCPService02.weighted]
        [[tcp.services.TCPService02.weighted.services]]
          name = "foobar"
          weight = 42
        [[tcp.services.TCPService02.weighted.services]]
          name = "foobar"
          weight = 42
  [tcp.middlewares]
    [tcp.middlewares.TCPMiddleware01]
      [tcp.middlewares.TCPMiddleware01.ipAllowList]
        sourceRange = ["foobar", "foobar"]
    [tcp.middlewares.TCPMiddleware02]
      [tcp.middlewares.TCPMiddleware02.ipWhiteList]
        sourceRange = ["foobar", "foobar"]
    [tcp.middlewares.TCPMiddleware03]
      [tcp.middlewares.TCPMiddleware03.inFlightConn]
        amount = 42
  [tcp.serversTransports]
    [tcp.serversTransports.TCPServersTransport0]
      dialKeepAlive = "42s"
      dialTimeout = "42s"
      terminationDelay = "42s"
      [tcp.serversTransports.TCPServersTransport0.tls]
        serverName = "foobar"
        insecureSkipVerify = true
        rootCAs = ["foobar", "foobar"]
        peerCertURI = "foobar"
        [[tcp.serversTransports.TCPServersTransport0.tls.certificates]]
          certFile = "foobar"
          keyFile = "foobar"
        [[tcp.serversTransports.TCPServersTransport0.tls.certificates]]
          certFile = "foobar"
          keyFile = "foobar"
        [tcp.serversTransports.TCPServersTransport0.tls.spiffe]
          ids = ["foobar", "foobar"]
          trustDomain = "foobar"
    [tcp.serversTransports.TCPServersTransport1]
      dialKeepAlive = "42s"
      dialTimeout = "42s"
      terminationDelay = "42s"
      [tcp.serversTransports.TCPServersTransport1.tls]
        serverName = "foobar"
        insecureSkipVerify = true
        rootCAs = ["foobar", "foobar"]
        peerCertURI = "foobar"
        [[tcp.serversTransports.TCPServersTransport1.tls.certificates]]
          certFile = "foobar"
          keyFile = "foobar"
        [[tcp.serversTransports.TCPServersTransport1.tls.certificates]]
          certFile = "foobar"
          keyFile = "foobar"
        [tcp.serversTransports.TCPServersTransport1.tls.spiffe]
          ids = ["foobar", "foobar"]
          trustDomain = "foobar"
 [udp]
  [udp.routers]
    [udp.routers.UDPRouter0]
      entryPoints = ["foobar", "foobar"]
      service = "foobar"
    [udp.routers.UDPRouter1]
      entryPoints = ["foobar", "foobar"]
      service = "foobar"
  [udp.services]
    [udp.services.UDPService01]
      [udp.services.UDPService01.loadBalancer]
        [[udp.services.UDPService01.loadBalancer.servers]]
          address = "foobar"
        [[udp.services.UDPService01.loadBalancer.servers]]
          address = "foobar"
    [udp.services.UDPService02]
      [udp.services.UDPService02.weighted]
        [[udp.services.UDPService02.weighted.services]]
          name = "foobar"
          weight = 42
        [[udp.services.UDPService02.weighted.services]]
          name = "foobar"
          weight = 42
 [tls]
  [[tls.certificates]]
    certFile = "foobar"
    keyFile = "foobar"
    stores = ["foobar", "foobar"]
  [[tls.certificates]]
    certFile = "foobar"
    keyFile = "foobar"
    stores = ["foobar", "foobar"]
  [tls.options]
    [tls.options.Options0]
      minVersion = "foobar"
      maxVersion = "foobar"
      cipherSuites = ["foobar", "foobar"]
      curvePreferences = ["foobar", "foobar"]
      sniStrict = true
      alpnProtocols = ["foobar", "foobar"]
      disableSessionTickets = true
      preferServerCipherSuites = true
      [tls.options.Options0.clientAuth]
        caFiles = ["foobar", "foobar"]
        clientAuthType = "foobar"
    [tls.options.Options1]
      minVersion = "foobar"
      maxVersion = "foobar"
      cipherSuites = ["foobar", "foobar"]
      curvePreferences = ["foobar", "foobar"]
      sniStrict = true
      alpnProtocols = ["foobar", "foobar"]
      disableSessionTickets = true
      preferServerCipherSuites = true
      [tls.options.Options1.clientAuth]
        caFiles = ["foobar", "foobar"]
        clientAuthType = "foobar"
  [tls.stores]
    [tls.stores.Store0]
      [tls.stores.Store0.defaultCertificate]
        certFile = "foobar"
        keyFile = "foobar"
      [tls.stores.Store0.defaultGeneratedCert]
        resolver = "foobar"
        [tls.stores.Store0.defaultGeneratedCert.domain]
          main = "foobar"
          sans = ["foobar", "foobar"]
    [tls.stores.Store1]
      [tls.stores.Store1.defaultCertificate]
        certFile = "foobar"
        keyFile = "foobar"
      [tls.stores.Store1.defaultGeneratedCert]
        resolver = "foobar"
        [tls.stores.Store1.defaultGeneratedCert.domain]
          main = "foobar"
          sans = ["foobar", "foobar"]
--- a/docs/content/reference/routing-configuration/other-providers/file.yaml
+++ b/docs/content/reference/routing-configuration/other-providers/file.yaml
@ -0,0 +1,694 @@
 ## CODE GENERATED AUTOMATICALLY
 ## THIS FILE MUST NOT BE EDITED BY HAND
 http:
  routers:
    Router0:
      entryPoints:
        - foobar
        - foobar
      middlewares:
        - foobar
        - foobar
      service: foobar
      rule: foobar
      ruleSyntax: foobar
      priority: 42
      tls:
        options: foobar
        certResolver: foobar
        domains:
          - main: foobar
            sans:
              - foobar
              - foobar
          - main: foobar
            sans:
              - foobar
              - foobar
      observability:
        accessLogs: true
        metrics: true
        tracing: true
        traceVerbosity: foobar
    Router1:
      entryPoints:
        - foobar
        - foobar
      middlewares:
        - foobar
        - foobar
      service: foobar
      rule: foobar
      ruleSyntax: foobar
      priority: 42
      tls:
        options: foobar
        certResolver: foobar
        domains:
          - main: foobar
            sans:
              - foobar
              - foobar
          - main: foobar
            sans:
              - foobar
              - foobar
      observability:
        accessLogs: true
        metrics: true
        tracing: true
        traceVerbosity: foobar
  services:
    Service01:
      failover:
        service: foobar
        fallback: foobar
        healthCheck: {}
    Service02:
      loadBalancer:
        sticky:
          cookie:
            name: foobar
            secure: true
            httpOnly: true
            sameSite: foobar
            maxAge: 42
            path: foobar
            domain: foobar
        servers:
          - url: foobar
            weight: 42
            preservePath: true
          - url: foobar
            weight: 42
            preservePath: true
        strategy: foobar
        healthCheck:
          scheme: foobar
          mode: foobar
          path: foobar
          method: foobar
          status: 42
          port: 42
          interval: 42s
          unhealthyInterval: 42s
          timeout: 42s
          hostname: foobar
          followRedirects: true
          headers:
            name0: foobar
            name1: foobar
        passHostHeader: true
        responseForwarding:
          flushInterval: 42s
        serversTransport: foobar
    Service03:
      mirroring:
        service: foobar
        mirrorBody: true
        maxBodySize: 42
        mirrors:
          - name: foobar
            percent: 42
          - name: foobar
            percent: 42
        healthCheck: {}
    Service04:
      weighted:
        services:
          - name: foobar
            weight: 42
          - name: foobar
            weight: 42
        sticky:
          cookie:
            name: foobar
            secure: true
            httpOnly: true
            sameSite: foobar
            maxAge: 42
            path: foobar
            domain: foobar
        healthCheck: {}
  middlewares:
    Middleware01:
      addPrefix:
        prefix: foobar
    Middleware02:
      basicAuth:
        users:
          - foobar
          - foobar
        usersFile: foobar
        realm: foobar
        removeHeader: true
        headerField: foobar
    Middleware03:
      buffering:
        maxRequestBodyBytes: 42
        memRequestBodyBytes: 42
        maxResponseBodyBytes: 42
        memResponseBodyBytes: 42
        retryExpression: foobar
    Middleware04:
      chain:
        middlewares:
          - foobar
          - foobar
    Middleware05:
      circuitBreaker:
        expression: foobar
        checkPeriod: 42s
        fallbackDuration: 42s
        recoveryDuration: 42s
        responseCode: 42
    Middleware06:
      compress:
        excludedContentTypes:
          - foobar
          - foobar
        includedContentTypes:
          - foobar
          - foobar
        minResponseBodyBytes: 42
        encodings:
          - foobar
          - foobar
        defaultEncoding: foobar
    Middleware07:
      contentType:
        autoDetect: true
    Middleware08:
      digestAuth:
        users:
          - foobar
          - foobar
        usersFile: foobar
        removeHeader: true
        realm: foobar
        headerField: foobar
    Middleware09:
      errors:
        status:
          - foobar
          - foobar
        statusRewrites:
          name0: 42
          name1: 42
        service: foobar
        query: foobar
    Middleware10:
      forwardAuth:
        address: foobar
        tls:
          ca: foobar
          cert: foobar
          key: foobar
          insecureSkipVerify: true
          caOptional: true
        trustForwardHeader: true
        authResponseHeaders:
          - foobar
          - foobar
        authResponseHeadersRegex: foobar
        authRequestHeaders:
          - foobar
          - foobar
        addAuthCookiesToResponse:
          - foobar
          - foobar
        headerField: foobar
        forwardBody: true
        maxBodySize: 42
        preserveLocationHeader: true
        preserveRequestMethod: true
    Middleware11:
      grpcWeb:
        allowOrigins:
          - foobar
          - foobar
    Middleware12:
      headers:
        customRequestHeaders:
          name0: foobar
          name1: foobar
        customResponseHeaders:
          name0: foobar
          name1: foobar
        accessControlAllowCredentials: true
        accessControlAllowHeaders:
          - foobar
          - foobar
        accessControlAllowMethods:
          - foobar
          - foobar
        accessControlAllowOriginList:
          - foobar
          - foobar
        accessControlAllowOriginListRegex:
          - foobar
          - foobar
        accessControlExposeHeaders:
          - foobar
          - foobar
        accessControlMaxAge: 42
        addVaryHeader: true
        allowedHosts:
          - foobar
          - foobar
        hostsProxyHeaders:
          - foobar
          - foobar
        sslProxyHeaders:
          name0: foobar
          name1: foobar
        stsSeconds: 42
        stsIncludeSubdomains: true
        stsPreload: true
        forceSTSHeader: true
        frameDeny: true
        customFrameOptionsValue: foobar
        contentTypeNosniff: true
        browserXssFilter: true
        customBrowserXSSValue: foobar
        contentSecurityPolicy: foobar
        contentSecurityPolicyReportOnly: foobar
        publicKey: foobar
        referrerPolicy: foobar
        permissionsPolicy: foobar
        isDevelopment: true
        featurePolicy: foobar
        sslRedirect: true
        sslTemporaryRedirect: true
        sslHost: foobar
        sslForceHost: true
    Middleware13:
      ipAllowList:
        sourceRange:
          - foobar
          - foobar
        ipStrategy:
          depth: 42
          excludedIPs:
            - foobar
            - foobar
          ipv6Subnet: 42
        rejectStatusCode: 42
    Middleware14:
      ipWhiteList:
        sourceRange:
          - foobar
          - foobar
        ipStrategy:
          depth: 42
          excludedIPs:
            - foobar
            - foobar
          ipv6Subnet: 42
    Middleware15:
      inFlightReq:
        amount: 42
        sourceCriterion:
          ipStrategy:
            depth: 42
            excludedIPs:
              - foobar
              - foobar
            ipv6Subnet: 42
          requestHeaderName: foobar
          requestHost: true
    Middleware16:
      passTLSClientCert:
        pem: true
        info:
          notAfter: true
          notBefore: true
          sans: true
          serialNumber: true
          subject:
            country: true
            province: true
            locality: true
            organization: true
            organizationalUnit: true
            commonName: true
            serialNumber: true
            domainComponent: true
          issuer:
            country: true
            province: true
            locality: true
            organization: true
            commonName: true
            serialNumber: true
            domainComponent: true
    Middleware17:
      plugin:
        PluginConf0:
          name0: foobar
          name1: foobar
        PluginConf1:
          name0: foobar
          name1: foobar
    Middleware18:
      rateLimit:
        average: 42
        period: 42s
        burst: 42
        sourceCriterion:
          ipStrategy:
            depth: 42
            excludedIPs:
              - foobar
              - foobar
            ipv6Subnet: 42
          requestHeaderName: foobar
          requestHost: true
        redis:
          endpoints:
            - foobar
            - foobar
          tls:
            ca: foobar
            cert: foobar
            key: foobar
            insecureSkipVerify: true
          username: foobar
          password: foobar
          db: 42
          poolSize: 42
          minIdleConns: 42
          maxActiveConns: 42
          readTimeout: 42s
          writeTimeout: 42s
          dialTimeout: 42s
    Middleware19:
      redirectRegex:
        regex: foobar
        replacement: foobar
        permanent: true
    Middleware20:
      redirectScheme:
        scheme: foobar
        port: foobar
        permanent: true
    Middleware21:
      replacePath:
        path: foobar
    Middleware22:
      replacePathRegex:
        regex: foobar
        replacement: foobar
    Middleware23:
      retry:
        attempts: 42
        initialInterval: 42s
    Middleware24:
      stripPrefix:
        prefixes:
          - foobar
          - foobar
        forceSlash: true
    Middleware25:
      stripPrefixRegex:
        regex:
          - foobar
          - foobar
  serversTransports:
    ServersTransport0:
      serverName: foobar
      insecureSkipVerify: true
      rootCAs:
        - foobar
        - foobar
      certificates:
        - certFile: foobar
          keyFile: foobar
        - certFile: foobar
          keyFile: foobar
      maxIdleConnsPerHost: 42
      forwardingTimeouts:
        dialTimeout: 42s
        responseHeaderTimeout: 42s
        idleConnTimeout: 42s
        readIdleTimeout: 42s
        pingTimeout: 42s
      disableHTTP2: true
      peerCertURI: foobar
      spiffe:
        ids:
          - foobar
          - foobar
        trustDomain: foobar
    ServersTransport1:
      serverName: foobar
      insecureSkipVerify: true
      rootCAs:
        - foobar
        - foobar
      certificates:
        - certFile: foobar
          keyFile: foobar
        - certFile: foobar
          keyFile: foobar
      maxIdleConnsPerHost: 42
      forwardingTimeouts:
        dialTimeout: 42s
        responseHeaderTimeout: 42s
        idleConnTimeout: 42s
        readIdleTimeout: 42s
        pingTimeout: 42s
      disableHTTP2: true
      peerCertURI: foobar
      spiffe:
        ids:
          - foobar
          - foobar
        trustDomain: foobar
 tcp:
  routers:
    TCPRouter0:
      entryPoints:
        - foobar
        - foobar
      middlewares:
        - foobar
        - foobar
      service: foobar
      rule: foobar
      ruleSyntax: foobar
      priority: 42
      tls:
        passthrough: true
        options: foobar
        certResolver: foobar
        domains:
          - main: foobar
            sans:
              - foobar
              - foobar
          - main: foobar
            sans:
              - foobar
              - foobar
    TCPRouter1:
      entryPoints:
        - foobar
        - foobar
      middlewares:
        - foobar
        - foobar
      service: foobar
      rule: foobar
      ruleSyntax: foobar
      priority: 42
      tls:
        passthrough: true
        options: foobar
        certResolver: foobar
        domains:
          - main: foobar
            sans:
              - foobar
              - foobar
          - main: foobar
            sans:
              - foobar
              - foobar
  services:
    TCPService01:
      loadBalancer:
        proxyProtocol:
          version: 42
        servers:
          - address: foobar
            tls: true
          - address: foobar
            tls: true
        serversTransport: foobar
        terminationDelay: 42
    TCPService02:
      weighted:
        services:
          - name: foobar
            weight: 42
          - name: foobar
            weight: 42
  middlewares:
    TCPMiddleware01:
      ipAllowList:
        sourceRange:
          - foobar
          - foobar
    TCPMiddleware02:
      ipWhiteList:
        sourceRange:
          - foobar
          - foobar
    TCPMiddleware03:
      inFlightConn:
        amount: 42
  serversTransports:
    TCPServersTransport0:
      dialKeepAlive: 42s
      dialTimeout: 42s
      terminationDelay: 42s
      tls:
        serverName: foobar
        insecureSkipVerify: true
        rootCAs:
          - foobar
          - foobar
        certificates:
          - certFile: foobar
            keyFile: foobar
          - certFile: foobar
            keyFile: foobar
        peerCertURI: foobar
        spiffe:
          ids:
            - foobar
            - foobar
          trustDomain: foobar
    TCPServersTransport1:
      dialKeepAlive: 42s
      dialTimeout: 42s
      terminationDelay: 42s
      tls:
        serverName: foobar
        insecureSkipVerify: true
        rootCAs:
          - foobar
          - foobar
        certificates:
          - certFile: foobar
            keyFile: foobar
          - certFile: foobar
            keyFile: foobar
        peerCertURI: foobar
        spiffe:
          ids:
            - foobar
            - foobar
          trustDomain: foobar
 udp:
  routers:
    UDPRouter0:
      entryPoints:
        - foobar
        - foobar
      service: foobar
    UDPRouter1:
      entryPoints:
        - foobar
        - foobar
      service: foobar
  services:
    UDPService01:
      loadBalancer:
        servers:
          - address: foobar
          - address: foobar
    UDPService02:
      weighted:
        services:
          - name: foobar
            weight: 42
          - name: foobar
            weight: 42
 tls:
  certificates:
    - certFile: foobar
      keyFile: foobar
      stores:
        - foobar
        - foobar
    - certFile: foobar
      keyFile: foobar
      stores:
        - foobar
        - foobar
  options:
    Options0:
      minVersion: foobar
      maxVersion: foobar
      cipherSuites:
        - foobar
        - foobar
      curvePreferences:
        - foobar
        - foobar
      clientAuth:
        caFiles:
          - foobar
          - foobar
        clientAuthType: foobar
      sniStrict: true
      alpnProtocols:
        - foobar
        - foobar
      disableSessionTickets: true
      preferServerCipherSuites: true
    Options1:
      minVersion: foobar
      maxVersion: foobar
      cipherSuites:
        - foobar
        - foobar
      curvePreferences:
        - foobar
        - foobar
      clientAuth:
        caFiles:
          - foobar
          - foobar
        clientAuthType: foobar
      sniStrict: true
      alpnProtocols:
        - foobar
        - foobar
      disableSessionTickets: true
      preferServerCipherSuites: true
  stores:
    Store0:
      defaultCertificate:
        certFile: foobar
        keyFile: foobar
      defaultGeneratedCert:
        resolver: foobar
        domain:
          main: foobar
          sans:
            - foobar
            - foobar
    Store1:
      defaultCertificate:
        certFile: foobar
        keyFile: foobar
      defaultGeneratedCert:
        resolver: foobar
        domain:
          main: foobar
          sans:
            - foobar
            - foobar
--- a/docs/content/reference/routing-configuration/other-providers/kv.md
+++ b/docs/content/reference/routing-configuration/other-providers/kv.md
@ -5,395 +5,87 @@ description: "Read the technical documentation to learn the Traefik Routing Conf
 # Traefik & KV Stores
-## Routing Configuration
+## Configuration Options
 !!! info "Keys"
    Keys are case-insensitive.
-### Routers
+### HTTP
 #### Routers
 !!! warning "The character `@` is not authorized in the router name `<router_name>`."
-??? info "`traefik/http/routers/<router_name>/rule`"
+| Key (Path)                           | Description                          | Value                      |
 |--------------------------------------|--------------------------------------|----------------------------|
 | `traefik/http/routers/<router_name>/rule` | See [rule](../http/router/rules-and-priority.md#rules) for more information. | ```Host(`example.com`)```  |
 | `traefik/http/routers/<router_name>/ruleSyntax` | See [rule](../http/router/rules-and-priority.md#rulesyntax) for more information.<br/>RuleSyntax option is deprecated and will be removed in the next major version.<br/>Please do not use this field and rewrite the router rules to use the v3 syntax. | `v3`  |
 | `traefik/http/routers/<router_name>/entrypoints/0` | See [entry points](../../install-configuration/entrypoints.md) for more information. | `web`       |
 | `traefik/http/routers/<router_name>/entrypoints/1` | See [entry points](../../install-configuration/entrypoints.md) for more information. | `websecure` |
 | `traefik/http/routers/<router_name>/middlewares/0` | See [middlewares overview](../http/middlewares/overview.md) for more information. | `auth`      |
 | `traefik/http/routers/<router_name>/middlewares/1` |  | `prefix`    |
 | `traefik/http/routers/<router_name>/service` | See [service](../http/load-balancing/service.md) for more information. | `myservice` |
 | `traefik/http/routers/<router_name>/tls` | See [tls](../http/tls/overview.md) for more information. | `true` |
 | `traefik/http/routers/<router_name>/tls/certresolver` | See [certResolver](../../install-configuration/tls/certificate-resolvers/overview.md) for more information. | `myresolver` |
 | `traefik/http/routers/<router_name>/tls/domains/0/main` | See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information. | `example.org` |
 | `traefik/http/routers/<router_name>/tls/domains/0/sans/0` | See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information. | `test.example.org` |
 | `traefik/http/routers/<router_name>/tls/domains/0/sans/1` | See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information. | `dev.example.org`  |
 | `traefik/http/routers/<router_name>/tls/options` | See [TLS Options](../http/tls/tls-options.md) for more information. | `foobar` |
 | `traefik/http/routers/<router_name>/observability/accesslogs` | The accessLogs option controls whether the router will produce access-logs. | `true` |
 | `traefik/http/routers/<router_name>/observability/metrics` | The metrics option controls whether the router will produce metrics. | `true` |
 | `traefik/http/routers/<router_name>/observability/tracing` | The tracing option controls whether the router will produce traces. | `true` |
 | `traefik/http/routers/<router_name>/priority` | See [priority](../http/router/rules-and-priority.md#priority-calculation) for more information. | `42`  |
-    See [rule](../http/router/rules-and-priority.md#rules) for more information.
+#### Services
    | Key (Path)                           | Value                      |
    |--------------------------------------|----------------------------|
    | `traefik/http/routers/myrouter/rule` | ```Host(`example.com`)```  |
 ??? info "`traefik/http/routers/<router_name>/ruleSyntax`"
    !!! warning
        RuleSyntax option is deprecated and will be removed in the next major version.
        Please do not use this field and rewrite the router rules to use the v3 syntax.
    See [rule](../http/router/rules-and-priority.md#rulesyntax) for more information.
    | Key (Path)                           | Value                      |
    |--------------------------------------|----------------------------|
    | `traefik/http/routers/myrouter/ruleSyntax` | `v3`  |
 ??? info "`traefik/http/routers/<router_name>/entrypoints`"
    See [entry points](../../install-configuration/entrypoints.md) for more information.
    | Key (Path)                                    | Value       |
    |-----------------------------------------------|-------------|
    | `traefik/http/routers/myrouter/entrypoints/0` | `web`       |
    | `traefik/http/routers/myrouter/entrypoints/1` | `websecure` |
 ??? info "`traefik/http/routers/<router_name>/middlewares`"
    See [middlewares overview](../http/middlewares/overview.md) for more information.
    | Key (Path)                                    | Value       |
    |-----------------------------------------------|-------------|
    | `traefik/http/routers/myrouter/middlewares/0` | `auth`      |
    | `traefik/http/routers/myrouter/middlewares/1` | `prefix`    |
    | `traefik/http/routers/myrouter/middlewares/2` | `cb`        |
 ??? info "`traefik/http/routers/<router_name>/service`"
    See [service](../http/load-balancing/service.md) for more information.
    | Key (Path)                              | Value       |
    |-----------------------------------------|-------------|
    | `traefik/http/routers/myrouter/service` | `myservice` |
 ??? info "`traefik/http/routers/<router_name>/tls`"
    See [tls](../http/tls/overview.md) for more information.
    | Key (Path)                          | Value  |
    |-------------------------------------|--------|
    | `traefik/http/routers/myrouter/tls` | `true` |
 ??? info "`traefik/http/routers/<router_name>/tls/certresolver`"
    See [certResolver](../../install-configuration/tls/certificate-resolvers/overview.md) for more information.
    | Key (Path)                                       | Value        |
    |--------------------------------------------------|--------------|
    | `traefik/http/routers/myrouter/tls/certresolver` | `myresolver` |    
 ??? info "`traefik/http/routers/<router_name>/tls/domains/<n>/main`"
    See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information.
    | Key (Path)                                         | Value         |
    |----------------------------------------------------|---------------|
    | `traefik/http/routers/myrouter/tls/domains/0/main` | `example.org` |
 ??? info "`traefik/http/routers/<router_name>/tls/domains/<n>/sans/<n>`"
    See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information.
    | Key (Path)                                           | Value              |
    |------------------------------------------------------|--------------------|
    | `traefik/http/routers/myrouter/tls/domains/0/sans/0` | `test.example.org` |
    | `traefik/http/routers/myrouter/tls/domains/0/sans/1` | `dev.example.org`  |
 ??? info "`traefik/http/routers/<router_name>/tls/options`"
    See [TLS](../http/tls/overview.md) for more information.
    | Key (Path)                                  | Value    |
    |---------------------------------------------|----------|
    | `traefik/http/routers/myrouter/tls/options` | `foobar` |
 ??? info "`traefik/http/routers/<router_name>/observability/accesslogs`"
    The accessLogs option controls whether the router will produce access-logs.
    | Key (Path)                                               | Value  |
    |----------------------------------------------------------|--------|
    | `traefik/http/routers/myrouter/observability/accesslogs` | `true` |
 ??? info "`traefik/http/routers/<router_name>/observability/metrics`"
    The metrics option controls whether the router will produce metrics.
    | Key (Path)                                            | Value  |
    |-------------------------------------------------------|--------|
    | `traefik/http/routers/myrouter/observability/metrics` | `true` |
 ??? info "`traefik/http/routers/<router_name>/observability/tracing`"
    The tracing option controls whether the router will produce traces.
    | Key (Path)                                            | Value  |
    |-------------------------------------------------------|--------|
    | `traefik/http/routers/myrouter/observability/tracing` | `true` |
 ??? info "`traefik/http/routers/<router_name>/priority`"
    See [domains](../../install-configuration/tls/certificate-resolvers/acme.md#domain-definition) for more information.
    | Key (Path)                               | Value |
    |------------------------------------------|-------|
    | `traefik/http/routers/myrouter/priority` | `42`  |
 ### Services
 !!! warning "The character `@` is not authorized in the service name `<service_name>`."
-??? info "`traefik/http/services/<service_name>/loadbalancer/servers/<n>/url`"
+| Key (Path)                                                      | Description                                                      |  Value                                   |
-
+|-----------------------------------------------------------------|-----------------------------------------------------------------|-----------------------------------------|
-    See [servers](../http/load-balancing/service.md#servers) for more information.
+| `traefik/http/services/myservice/loadbalancer/servers/0/url`    | See [servers](../http/load-balancing/service.md#servers) for more information. | `http://<ip-server-1>:<port-server-1>/` |
-
+| `traefik/http/services/myservice/loadbalancer/servers/0/preservePath`    | See [servers](../http/load-balancing/service.md#servers) for more information. | `true` |
-    | Key (Path)                                                      | Value                                   |
+| `traefik/http/services/myservice/loadbalancer/servers/0/weight`    | See [servers](../http/load-balancing/service.md#servers) for more information. | `1` |
-    |-----------------------------------------------------------------|-----------------------------------------|
+| `traefik/http/services/myservice/loadbalancer/serverstransport` | Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.<br/> See [serverstransport](../http/load-balancing/serverstransport.md) for more information. | `foobar@file` |
-    | `traefik/http/services/myservice/loadbalancer/servers/0/url`    | `http://<ip-server-1>:<port-server-1>/` |
+| `traefik/http/services/myservice/loadbalancer/passhostheader`   | See [Service](../http/load-balancing/service.md) for more information. | `true` |
-
+| `traefik/http/services/myservice/loadbalancer/healthcheck/headers/X-Foo` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `foobar` |
-??? info "`traefik/http/services/<service_name>/loadbalancer/servers/<n>/preservePath`"
+| `traefik/http/services/myservice/loadbalancer/healthcheck/hostname` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `example.org` |
-
+| `traefik/http/services/myservice/loadbalancer/healthcheck/interval` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `10`  |
-    See [servers](../http/load-balancing/service.md#servers) for more information.
+| `traefik/http/services/myservice/loadbalancer/healthcheck/path` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `/foo` |
-
+| `traefik/http/services/myservice/loadbalancer/healthcheck/method` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `foobar` |
-    | Key (Path)                                                      | Value                                   |
+| `traefik/http/services/myservice/loadbalancer/healthcheck/status` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `42`  |
-    |-----------------------------------------------------------------|-----------------------------------------|
+| `traefik/http/services/myservice/loadbalancer/healthcheck/port` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `42`  |
-    | `traefik/http/services/myservice/loadbalancer/servers/0/preservePath`    | `true` |
+| `traefik/http/services/myservice/loadbalancer/healthcheck/scheme` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `http` |
-
+| `traefik/http/services/myservice/loadbalancer/healthcheck/timeout` | See [health check](../http/load-balancing/service.md#health-check) for more information. | `10`  |
-??? info "`traefik/http/services/<service_name>/loadbalancer/servers/<n>/weight`"
+| `traefik/http/services/myservice/loadbalancer/sticky` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `true` |
-
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/httponly` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `true` |
-    See [servers](../http/load-balancing/service.md#servers) for more information.
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/name` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `foobar` |
-
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/path` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `/foobar` |
-    | Key (Path)                                                      | Value                                   |
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/secure` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `true` |
-    |-----------------------------------------------------------------|-----------------------------------------|
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/samesite` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `none` |
-    | `traefik/http/services/myservice/loadbalancer/servers/0/weight`    | `1` |
+| `traefik/http/services/myservice/loadbalancer/sticky/cookie/maxage` | See [Service](../http/load-balancing/service.md#sticky-sessions) for more information. | `42`  |
-
+| `traefik/http/services/myservice/loadbalancer/responseforwarding/flushinterval` | See [Service](../http/load-balancing/service.md) for more information. | `10`  |
-??? info "`traefik/http/services/<service_name>/loadbalancer/serverstransport`"
+| `traefik/http/services/<service_name>/mirroring/service` | See [Service](../http/load-balancing/service.md#mirroring) for more information. | `foobar` |
-
+| `traefik/http/services/<service_name>/mirroring/mirrors/<n>/name` | See [Service](../http/load-balancing/service.md#mirroring) for more information. | `foobar` |
-    Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
+| `traefik/http/services/<service_name>/mirroring/mirrors/<n>/percent` | See [Service](../http/load-balancing/service.md#mirroring)for more information. | `42`  |
-    See [serverstransport](../http/load-balancing/serverstransport.md) for more information.
+| `traefik/http/services/<service_name>/weighted/services/<n>/name` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `foobar` |
-
+| `traefik/http/services/<service_name>/weighted/services/<n>/weight` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `42`  |
-    | Key (Path)                                                      | Value         |
+| `traefik/http/services/<service_name>/weighted/sticky/cookie/name` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `foobar` |
-    |-----------------------------------------------------------------|---------------|
+| `traefik/http/services/<service_name>/weighted/sticky/cookie/secure` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `true` |
-    | `traefik/http/services/myservice/loadbalancer/serverstransport` | `foobar@file` |
+| `traefik/http/services/<service_name>/weighted/sticky/cookie/samesite` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `none` |
-
+| `traefik/http/services/<service_name>/weighted/sticky/cookie/httpOnly` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `true` |
-??? info "`traefik/http/services/<service_name>/loadbalancer/passhostheader`"
+| `traefik/http/services/<service_name>/weighted/sticky/cookie/maxage` | See [Service](../http/load-balancing/service.md#weighted-round-robin-wrr) for more information. | `42`  |
-
+| `traefik/http/services/<service_name>/failover/fallback` | See [Failover](../http/load-balancing/service.md#failover) for more information. | `backup`  |
-    | Key (Path)                                                      | Value  |
+| `traefik/http/services/<service_name>/failover/healthcheck` | See [Failover](../http/load-balancing/service.md#failover) for more information. | `{}`  |
-    |-----------------------------------------------------------------|--------|
+| `traefik/http/services/<service_name>/failover/service` | See [Failover](../http/load-balancing/service.md#failover) for more information. | `main`  |
-    | `traefik/http/services/myservice/loadbalancer/passhostheader`   | `true` |
+
-
+#### Middleware
-??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/headers/<header_name>`"
+
-
+##### Configuration Options
-    See [health check](../http/load-balancing/service.md#health-check) for more information.
+
-
+| Key (Path)                                                      | Description                                                      |  Value                                   |
-    | Key (Path)                                                               | Value    |
+|-----------------------------------------------------------------|-----------------------------------------------------------------|-----------------------------------------|
-    |--------------------------------------------------------------------------|----------|
+| `traefik/http/middlewares/mymiddleware/middleware_type/middleware_option`    | With `middleware_type` the type of middleware (ex: `forwardAuth`, `headers`, etc)<br/>and `middleware_option` the middleware option to set (ex for the middleware `addPrefix`: `prefix`).<br/> More information about available middlewares in the dedicated [middlewares section](../http/middlewares/overview.md). | `foobar` |
    | `traefik/http/services/myservice/loadbalancer/healthcheck/headers/X-Foo` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/hostname`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                          | Value         |
    |---------------------------------------------------------------------|---------------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/hostname` | `example.org` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/interval`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                          | Value |
    |---------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/interval` | `10`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/unhealthyinterval`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                                   | Value |
    |------------------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/unhealthyinterval` | `10`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/path`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                      | Value  |
    |-----------------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/path` | `/foo` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/method`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                        | Value    |
    |-------------------------------------------------------------------|----------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/method` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/status`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                        | Value |
    |-------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/status` | `42`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/port`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                      | Value |
    |-----------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/port` | `42`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/scheme`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                        | Value  |
    |-------------------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/scheme` | `http` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/healthcheck/timeout`"
    See [health check](../http/load-balancing/service.md#health-check) for more information.
    | Key (Path)                                                         | Value |
    |--------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/healthcheck/timeout` | `10`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky`"
    | Key (Path)                                            | Value  |
    |-------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/sticky` | `true` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/httponly`"
    | Key (Path)                                                            | Value  |
    |-----------------------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/httponly` | `true` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/name`"
    | Key (Path)                                                        | Value    |
    |-------------------------------------------------------------------|----------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/name` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/path`"
    | Key (Path)                                                        | Value     |
    |-------------------------------------------------------------------|-----------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/path` | `/foobar` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/secure`"
    | Key (Path)                                                          | Value  |
    |---------------------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/secure` | `true` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/samesite`"
    | Key (Path)                                                            | Value  |
    |-----------------------------------------------------------------------|--------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/samesite` | `none` |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/sticky/cookie/maxage`"
    | Key (Path)                                                          | Value |
    |---------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/sticky/cookie/maxage` | `42`  |
 ??? info "`traefik/http/services/<service_name>/loadbalancer/responseforwarding/flushinterval`"
    | Key (Path)                                                                      | Value |
    |---------------------------------------------------------------------------------|-------|
    | `traefik/http/services/myservice/loadbalancer/responseforwarding/flushinterval` | `10`  |
 ??? info "`traefik/http/services/<service_name>/mirroring/service`"
    | Key (Path)                                               | Value    |
    |----------------------------------------------------------|----------|
    | `traefik/http/services/<service_name>/mirroring/service` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/mirroring/mirrors/<n>/name`"
    | Key (Path)                                                        | Value    |
    |-------------------------------------------------------------------|----------|
    | `traefik/http/services/<service_name>/mirroring/mirrors/<n>/name` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/mirroring/mirrors/<n>/percent`"
    | Key (Path)                                                           | Value |
    |----------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/mirroring/mirrors/<n>/percent` | `42`  |
 ??? info "`traefik/http/services/<service_name>/weighted/services/<n>/name`"
    | Key (Path)                                                        | Value    |
    |-------------------------------------------------------------------|----------|
    | `traefik/http/services/<service_name>/weighted/services/<n>/name` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/weighted/services/<n>/weight`"
    | Key (Path)                                                          | Value |
    |---------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/weighted/services/<n>/weight` | `42`  |
 ??? info "`traefik/http/services/<service_name>/weighted/sticky/cookie/name`"
    | Key (Path)                                                         | Value    |
    |--------------------------------------------------------------------|----------|
    | `traefik/http/services/<service_name>/weighted/sticky/cookie/name` | `foobar` |
 ??? info "`traefik/http/services/<service_name>/weighted/sticky/cookie/secure`"
    | Key (Path)                                                           | Value  |
    |----------------------------------------------------------------------|--------|
    | `traefik/http/services/<service_name>/weighted/sticky/cookie/secure` | `true` |
 ??? info "`traefik/http/services/<service_name>/weighted/sticky/cookie/samesite`"
    | Key (Path)                                                             | Value  |
    |------------------------------------------------------------------------|--------|
    | `traefik/http/services/<service_name>/weighted/sticky/cookie/samesite` | `none` |
 ??? info "`traefik/http/services/<service_name>/weighted/sticky/cookie/httpOnly`"
    | Key (Path)                                                             | Value  |
    |------------------------------------------------------------------------|--------|
    | `traefik/http/services/<service_name>/weighted/sticky/cookie/httpOnly` | `true` |
 ??? info "`traefik/http/services/<service_name>/weighted/sticky/cookie/maxage`"
    | Key (Path)                                                           | Value |
    |----------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/weighted/sticky/cookie/maxage` | `42`  |
 ??? info "`traefik/http/services/<service_name>/failover/fallback`"
    See [Failover](../http/load-balancing/service.md#failover) for more information
    | Key (Path)                                                           | Value |
    |----------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/failover/fallback` | `backup`  |
 ??? info "`traefik/http/services/<service_name>/failover/healthcheck`"
    See [Failover](../http/load-balancing/service.md#failover) for more information
    | Key (Path)                                                           | Value |
    |----------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/failover/healthcheck` | `{}`  |
 ??? info "`traefik/http/services/<service_name>/failover/service`"
    See [Failover](../http/load-balancing/service.md#failover) for more information
    | Key (Path)                                                           | Value |
    |----------------------------------------------------------------------|-------|
    | `traefik/http/services/<service_name>/failover/service` | `main`  |
 ### Middleware
 More information about available middlewares in the dedicated [middlewares section](../http/middlewares/overview.md).
 !!! warning "The character `@` is not authorized in the middleware name."
@ -401,142 +93,69 @@ More information about available middlewares in the dedicated [middlewares secti
    If you declare multiple middleware with the same name but with different parameters, the middleware fails to be declared.
 ##### Configuration Example
 ```bash
 # Declaring a middleware
 traefik/http/middlewares/myAddPrefix/addPrefix/prefix=/foobar
 # Referencing a middleware
 traefik/http/routers/<router_name>/middlewares/0=myAddPrefix
 ```
 #### ServerTransport
 ##### Configuration Options
 | Key (Path)                                                      | Description                                                      |  Value                                   |
 |-----------------------------------------------------------------|-----------------------------------------------------------------|-----------------------------------------|
 | `traefik/http/serversTransports/<serversTransportName>/st_option`    | With  `st_option` the ServerTransport option to set (ex `maxIdleConnsPerHost`).<br/> More information about available options in the dedicated [ServerTransport section](../http/load-balancing/serverstransport.md). | ServerTransport Options |
 ##### Configuration Example
 ```bash
 # Declaring a ServerTransport
 traefik/http/serversTransports/myServerTransport/maxIdleConnsPerHost=-1
 traefik/http/serversTransports/myServerTransport/certificates/0/certFile=mypath/cert.pem
 traefik/http/serversTransports/myServerTransport/certificates/0/keyFile=mypath/key.pem
 # Referencing a middleware
 traefik/http/services/myService/serversTransports/0=myServerTransport
 ```
 ### TCP
 You can declare TCP Routers and/or Services using KV.
-#### TCP Routers
+#### Routers
-??? info "`traefik/tcp/routers/<router_name>/entrypoints`"
+| Key (Path)                                      |  Description | Value |
 |-------------------------------------------------|-------------------------------------------------|-------|
 | `traefik/tcp/routers/mytcprouter/entrypoints/0` | See [entry points](../../install-configuration/entrypoints.md) for more information. | `ep1` |
 | `traefik/tcp/routers/mytcprouter/entrypoints/1` | See [entry points](../../install-configuration/entrypoints.md) for more information. | `ep2` |
 | `traefik/tcp/routers/my-router/rule` | See [entry points](../../install-configuration/entrypoints.md) for more information. | ```HostSNI(`example.com`)``` |
 | `traefik/tcp/routers/mytcprouter/service` | See [service](../tcp/service.md) for more information. | `myservice` |
 | `traefik/tcp/routers/mytcprouter/tls` | See [TLS](../tcp/tls.md) for more information. | `true` |
 | `traefik/tcp/routers/mytcprouter/tls/certresolver` | See [certResolver](../tcp/tls.md#configuration-options) for more information. | `myresolver` |
 | `traefik/tcp/routers/mytcprouter/tls/domains/0/main` | See [TLS](../tcp/tls.md) for more information. | `example.org` |
 | `traefik/tcp/routers/mytcprouter/tls/domains/0/sans/0` | See [TLS](../tcp/tls.md) for more information. | `test.example.org` |
 | `traefik/tcp/routers/mytcprouter/tls/domains/0/sans/1` | See [TLS](../tcp/tls.md) for more information. | `dev.example.org`  |
 | `traefik/tcp/routers/mytcprouter/tls/options` | See [TLS](../tcp/tls.md) for more information. | `foobar` |
 | `traefik/tcp/routers/mytcprouter/tls/passthrough` | See [TLS](../tcp/tls.md) for more information. | `true` |
 | `traefik/tcp/routers/mytcprouter/priority`  | See [priority](../tcp/router/rules-and-priority.md#priority) for more information. | `42`  |
-    See [entry points](../../install-configuration/entrypoints.md) for more information.
+#### Services
-    | Key (Path)                                      | Value |
+| Key (Path)                                                         | Description                                                         | Value            |
-    |-------------------------------------------------|-------|
+|--------------------------------------------------------------------|--------------------------------------------------------------------|------------------|
-    | `traefik/tcp/routers/mytcprouter/entrypoints/0` | `ep1` |
+| `traefik/tcp/services/mytcpservice/loadbalancer/servers/0/address` | See [servers](../tcp/service.md#servers-load-balancer) for more information. | `xx.xx.xx.xx:xx` |
-    | `traefik/tcp/routers/mytcprouter/entrypoints/1` | `ep2` |
+| `traefik/tcp/services/mytcpservice/loadbalancer/servers/0/tls` | See [servers](../tcp/service.md#servers-load-balancer) for more information. | `true` |
 | `traefik/tcp/services/mytcpservice/loadbalancer/proxyprotocol/version` | See [PROXY protocol](../tcp/service.md#proxy-protocol) for more information. | `1`   |
 | `traefik/tcp/services/myservice/loadbalancer/serverstransport` | Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.<br/>See [serverstransport](../tcp/serverstransport.md) for more information. | `foobar@file` |
 | `traefik/tcp/services/<service_name>/weighted/services/0/name`      | See [Service](../tcp/service.md#weighted-round-robin) for more information. | `foobar` |
 | `traefik/tcp/services/<service_name>/weighted/services/0/weight` | See [Service](../tcp/service.md#weighted-round-robin-wrr) for more information. | `42`  |
-??? info "`traefik/tcp/routers/<router_name>/rule`"
+#### Middleware
-    See [entry points](../../install-configuration/entrypoints.md) for more information.
+##### Configuration Options
    | Key (Path)                           | Value                        |
    |--------------------------------------|------------------------------|
    | `traefik/tcp/routers/my-router/rule` | ```HostSNI(`example.com`)``` |  
 ??? info "`traefik/tcp/routers/<router_name>/service`"
    See [service](../tcp/service.md) for more information.
    | Key (Path)                                | Value       |
    |-------------------------------------------|-------------|
    | `traefik/tcp/routers/mytcprouter/service` | `myservice` |
 ??? info "`traefik/tcp/routers/<router_name>/tls`"
    See [TLS](../tcp/tls.md) for more information.
    | Key (Path)                            | Value  |
    |---------------------------------------|--------|
    | `traefik/tcp/routers/mytcprouter/tls` | `true` |
 ??? info "`traefik/tcp/routers/<router_name>/tls/certresolver`"
    See [certResolver](../tcp/tls.md#configuration-options) for more information.
    | Key (Path)                                         | Value        |
    |----------------------------------------------------|--------------|
    | `traefik/tcp/routers/mytcprouter/tls/certresolver` | `myresolver` |
 ??? info "`traefik/tcp/routers/<router_name>/tls/domains/<n>/main`"
    See [TLS](../tcp/tls.md) for more information.
    | Key (Path)                                           | Value         |
    |------------------------------------------------------|---------------|
    | `traefik/tcp/routers/mytcprouter/tls/domains/0/main` | `example.org` |
 ??? info "`traefik/tcp/routers/<router_name>/tls/domains/<n>/sans`"
    See [TLS](../tcp/tls.md) for more information.
    | Key (Path)                                             | Value              |
    |--------------------------------------------------------|--------------------|
    | `traefik/tcp/routers/mytcprouter/tls/domains/0/sans/0` | `test.example.org` |
    | `traefik/tcp/routers/mytcprouter/tls/domains/0/sans/1` | `dev.example.org`  |
 ??? info "`traefik/tcp/routers/<router_name>/tls/options`"
    See [TLS](../tcp/tls.md) for more information.
    | Key (Path)                                    | Value    |
    |-----------------------------------------------|----------|
    | `traefik/tcp/routers/mytcprouter/tls/options` | `foobar` |
 ??? info "`traefik/tcp/routers/<router_name>/tls/passthrough`"
    See [TLS](../tcp/tls.md) for more information.
    | Key (Path)                                        | Value  |
    |---------------------------------------------------|--------|
    | `traefik/tcp/routers/mytcprouter/tls/passthrough` | `true` |
 ??? info "`traefik/tcp/routers/<router_name>/priority`"
    See [priority](../tcp/router/rules-and-priority.md#priority) for more information.
    | Key (Path)                               | Value |
    |------------------------------------------|-------|
    | `traefik/tcp/routers/mytcprouter/priority`  | `42`  |
 #### TCP Services
 ??? info "`traefik/tcp/services/<service_name>/loadbalancer/servers/<n>/address`"
    See [servers](../tcp/service.md#servers-load-balancer) for more information.
    | Key (Path)                                                         | Value            |
    |--------------------------------------------------------------------|------------------|
    | `traefik/tcp/services/mytcpservice/loadbalancer/servers/0/address` | `xx.xx.xx.xx:xx` |
 ??? info "`traefik/tcp/services/<service_name>/loadbalancer/servers/<n>/tls`"
    See [servers](../tcp/service.md#servers-load-balancer) for more information.
    | Key (Path)                                                         | Value            |
    |--------------------------------------------------------------------|------------------|
    | `traefik/tcp/services/mytcpservice/loadbalancer/servers/0/tls` | `true` |
 ??? info "`traefik/tcp/services/<service_name>/loadbalancer/proxyprotocol/version`"
    See [PROXY protocol](../tcp/service.md#proxy-protocol) for more information.
    | Key (Path)                                                             | Value |
    |------------------------------------------------------------------------|-------|
    | `traefik/tcp/services/mytcpservice/loadbalancer/proxyprotocol/version` | `1`   |
 ??? info "`traefik/tcp/services/<service_name>/loadbalancer/serverstransport`"
    Allows to reference a ServersTransport resource that is defined either with the File provider or the Kubernetes CRD one.
    See [serverstransport](../tcp/serverstransport.md) for more information.
    | Key (Path)                                                      | Value         |
    |-----------------------------------------------------------------|---------------|
    | `traefik/tcp/services/myservice/loadbalancer/serverstransport` | `foobar@file` |
 ??? info "`traefik/tcp/services/<service_name>/weighted/services/<n>/name`"
    | Key (Path)                                                          | Value    |
    |---------------------------------------------------------------------|----------|
    | `traefik/tcp/services/<service_name>/weighted/services/0/name`      | `foobar` |
 ??? info "`traefik/tcp/services/<service_name>/weighted/services/<n>/weight`"
    | Key (Path)                                                       | Value |
    |------------------------------------------------------------------|-------|
    | `traefik/tcp/services/<service_name>/weighted/services/0/weight` | `42`  |
 #### TCP Middleware
 You can declare pieces of middleware using tags starting with `traefik/tcp/middlewares/{name-of-your-choice}.`, followed by the middleware type/options.
@ -544,80 +163,83 @@ For example, to declare a middleware [`InFlightConn`](../tcp/middlewares/infligh
 More information about available middlewares in the dedicated [middlewares section](../tcp/middlewares/overview.md).
-??? example "Declaring and Referencing a Middleware"
+| Key (Path)                                                      | Description                                                      |  Value                                   |
-    
+|-----------------------------------------------------------------|-----------------------------------------------------------------|-----------------------------------------|
-    ```bash
+| `traefik/tcp/middlewares/mymiddleware/middleware_type/middleware_option`    | With `middleware_type` the type of middleware (ex: `inflightconn`)<br/>and `middleware_option` the middleware option to set (ex for the middleware `inflightconn`: `amount`).<br/> More information about available middlewares in the dedicated [middlewares section](../tcp/middlewares/overview.md). | `foobar` |
    # ...
    # Declaring a middleware
    traefik/tcp/middlewares/test-inflightconn/amount=10
    # Referencing a middleware
    traefik/tcp/routers.my-service/middlewares=test-inflightconn
    ```
 !!! warning "Conflicts in Declaration"
    If you declare multiple middleware with the same name but with different parameters, the middleware fails to be declared.
 ##### Configuration Example
 ```bash
 # Declaring a middleware
 traefik/tcp/middlewares/test-inflightconn/amount=10
 # Referencing a middleware
 traefik/tcp/routers/<router_name>/middlewares/0=test-inflightconn
 ```
 #### ServerTransport
 ##### Configuration Options
 | Key (Path)                                                      | Description                                                      |  Value                                   |
 |-----------------------------------------------------------------|-----------------------------------------------------------------|-----------------------------------------|
 | `traefik/tcp/serversTransports/<serversTransportName>/st_option`    | With  `st_option` the ServerTransport option to set (ex `maxIdleConnsPerHost`).<br/> More information about available options in the dedicated [ServerTransport section](../tcp/serverstransport.md). | ServerTransport Options |
 ##### Configuration Example
 ```bash
 # Declaring a ServerTransport
 traefik/tcp/serversTransports/myServerTransport/maxIdleConnsPerHost=-1
 # Referencing a middleware
 traefik/tcp/services/myService/serversTransports/0=myServerTransport
 ```
 ### UDP
 You can declare UDP Routers and/or Services using KV.
-#### UDP Routers
+#### Routers
-??? info "`traefik/udp/routers/<router-name>/entrypoints/<n>`"
+| Key (Path)                                                       | Description                                                       | Value |
 |------------------------------------------------------------------|------------------------------------------------------------------|-------|
 | `traefik/udp/routers/myudprouter/entrypoints/0` | See [UDP Router](../udp/router/rules-priority.md#entrypoints) for more information. | `foobar`  |
 | `traefik/udp/routers/myudprouter/service` | See [UDP Router](../udp/router/rules-priority.md#configuration-example) for more information. | `foobar`  |
-    | Key (Path)                                                       | Value |
+#### Services
    |------------------------------------------------------------------|-------|
    | `traefik/udp/routers/myudprouter/entrypoints/0` | `foobar`  |
-??? info "`traefik/udp/routers/<router-name>/service`"
+| Key (Path)                                                       | Description                                                       | Value |
-
+|------------------------------------------------------------------|------------------------------------------------------------------|-------|
-    | Key (Path)                                                       | Value |
+| `traefik/udp/services/loadBalancer/servers/<n>/address` | See [UDP Service](../udp/service.md) for more information. | `foobar`  |
-    |------------------------------------------------------------------|-------|
+| `traefik/udp/services/weighted/services/0/name` | See [UDP Service](../udp/service.md) for more information. | `foobar`  |
-    | `traefik/udp/routers/myudprouter/service` | `foobar`  |
+| `traefik/udp/services/weighted/servers/0/weight` |See [UDP Service](../udp/service.md) for more information. | `42`  | 
 #### UDP Services
 ??? info "`traefik/udp/services/loadBalancer/servers/<n>/address`"
    | Key (Path)                                                       | Value |
    |------------------------------------------------------------------|-------|
    | `traefik/udp/services/loadBalancer/servers/<n>/address` | `foobar`  |
 ??? info "`traefik/udp/services/weighted/services/<n>/name`"
    | Key (Path)                                                       | Value |
    |------------------------------------------------------------------|-------|
    | `traefik/udp/services/weighted/services/0/name` | `foobar`  |
 ??? info "`traefik/udp/services/weighted/services/<n>/name`"
    | Key (Path)                                                       | Value |
    |------------------------------------------------------------------|-------|
    | `traefik/udp/services/weighted/servers/0/weight` | `42`  |
 ## TLS
 ### TLS Options
-With the KV provider, you configure some parameters of the TLS connection using the `tls/options` key. For example, you can define a basic setup like this:
+With the KV provider, you configure some parameters of the TLS connection using the `tls/options` key.
-| Key (Path)                                           | Value    |
+For example, you can define a basic setup like this:
 |------------------------------------------------------|----------|
 | `traefik/tls/options/Options0/alpnProtocols/0`       | `foobar` |
 | `traefik/tls/options/Options0/cipherSuites/0`        | `foobar` |
 | `traefik/tls/options/Options0/clientAuth/caFiles/0`  | `foobar` |
 | `traefik/tls/options/Options0/disableSessiontickets` | `true`   |
-For more information on the available TLS options that can be configured, please refer to the [TLS Options](../http/tls/tls-options.md) page.
+| Key (Path)                                           | Description                                           | Value    |
 |------------------------------------------------------|------------------------------------------------------|----------|
 | `traefik/tls/options/Options0/alpnProtocols/0`       | See [TLS Options](../http/tls/tls-options.md) for more information. | `foobar` | 
 | `traefik/tls/options/Options0/cipherSuites/0`        | See [TLS Options](../http/tls/tls-options.md) for more information. | `foobar` | 
 | `traefik/tls/options/Options0/clientAuth/caFiles/0`  | See [TLS Options](../http/tls/tls-options.md) for more information. | `foobar` | 
 | `traefik/tls/options/Options0/disableSessiontickets` | See [TLS Options](../http/tls/tls-options.md) for more information. |  `true`   |
 ### TLS Default Generated Certificates
-You can configure Traefik to use an ACME provider (like Let's Encrypt) to generate the default certificate. The configuration to resolve the default certificate should be defined in a TLS store:
+You can configure Traefik to use an ACME provider (like Let's Encrypt) to generate the default certificate.
-| Key (Path)                                                     | Value    |
+The configuration to resolve the default certificate should be defined in a TLS store.
-|----------------------------------------------------------------|----------|
+
-| `traefik/tls/stores/Store0/defaultGeneratedCert/domain/main`   | `foobar` |
+| Key (Path)                                                     | Description                                                     | Value    |
-| `traefik/tls/stores/Store0/defaultGeneratedCert/domain/sans/0` | `foobar` |
+|----------------------------------------------------------------|----------------------------------------------------------------|----------|
-| `traefik/tls/stores/Store0/defaultGeneratedCert/domain/sans/1` | `foobar` |
+| `traefik/tls/stores/Store0/defaultGeneratedCert/domain/main`   | See [TLS](../http/tls/tls-certificates/#certificates-stores) for more information. | `foobar` |
-| `traefik/tls/stores/Store0/defaultGeneratedCert/resolver`      | `foobar` |
+| `traefik/tls/stores/Store0/defaultGeneratedCert/domain/sans/0` | See [TLS](../http/tls/tls-certificates/#certificates-stores) for more information| `foobar` |
 | `traefik/tls/stores/Store0/defaultGeneratedCert/domain/sans/1` | See [TLS](../http/tls/tls-certificates/#certificates-stores) for more information| `foobar` |
 | `traefik/tls/stores/Store0/defaultGeneratedCert/resolver`      | See [TLS](../http/tls/tls-certificates/#certificates-stores) for more information| `foobar` |
--- a/docs/content/reference/static-configuration/cli.md
+++ b/docs/content/reference/static-configuration/cli.md
@ -1,9 +0,0 @@
 ---
 title: "Traefik CLI Flags Documentation"
 description: "Reference the CLI flags for static configuration in Traefik Proxy. Read the technical documentation."
 ---
 # Static Configuration: CLI
 --8<-- "content/reference/static-configuration/cli-ref.md"
--- a/docs/content/reference/static-configuration/env.md
+++ b/docs/content/reference/static-configuration/env.md
@ -1,27 +0,0 @@
 ---
 title: "Traefik Environment Variables Documentation"
 description: "Reference the environment variables for static configuration in Traefik Proxy. Read the technical documentation."
 ---
 # Static Configuration: Environment variables
 !!! warning "Environment Variable Casing"
    Traefik normalizes the environment variable key-value pairs by lowercasing them.
    This means that when you interpolate a string in an environment variable's name,
    that string will be treated as lowercase, regardless of its original casing.
    For example, assuming you have set environment variables as follows:
    ```bash
        export TRAEFIK_ENTRYPOINTS_WEB=true
        export TRAEFIK_ENTRYPOINTS_WEB_ADDRESS=:80
        export TRAEFIK_CERTIFICATESRESOLVERS_myResolver=true
        export TRAEFIK_CERTIFICATESRESOLVERS_myResolver_ACME_CASERVER=....
    ```
    Although the Entrypoint is named `WEB` and the Certificate Resolver is named `myResolver`, 
    they have to be referenced respectively as `web`, and `myresolver` in the configuration.
 --8<-- "content/reference/static-configuration/env-ref.md"
--- a/docs/content/reference/static-configuration/file.md
+++ b/docs/content/reference/static-configuration/file.md
@ -1,14 +0,0 @@
 ---
 title: "Traefik File Static Configuration"
 description: "Reference the YAML and TOML files for static configuration in Traefik Proxy. Read the technical documentation."
 ---
 # Static Configuration: File
 ```yml  tab="YAML"
 --8<-- "content/reference/static-configuration/file.yaml"
 ```
 ```toml  tab="TOML"
 --8<-- "content/reference/static-configuration/file.toml"
 ```
--- a/docs/content/reference/static-configuration/overview.md
+++ b/docs/content/reference/static-configuration/overview.md
@ -1,10 +0,0 @@
 ---
 title: "Traefik Static Configuration Overview"
 description: "Read the official Traefik documentation to get started with static configuration in Traefik Proxy."
 ---
 # Static Configuration
 - [File](./file.md)
 - [CLI](./cli.md)
 - [Environment Variables](./env.md)
--- a/docs/content/routing/providers/consul-catalog.md
+++ b/docs/content/routing/providers/consul-catalog.md
@ -25,7 +25,7 @@ With Consul Catalog, Traefik can leverage tags attached to a service to generate
 !!! info "tags"
    - tags are case-insensitive.
-    - The complete list of tags can be found [the reference page](../../reference/dynamic-configuration/consul-catalog.md)
+    - The complete list of tags can be found [the reference page](../../reference/routing-configuration/other-providers/consul-catalog.md)
 ### General
--- a/docs/content/routing/providers/docker.md
+++ b/docs/content/routing/providers/docker.md
@ -93,7 +93,7 @@ With Docker, Traefik can leverage labels attached to a container to generate rou
 !!! info "Labels"
    - Labels are case-insensitive.
-    - The complete list of labels can be found in [the reference page](../../reference/dynamic-configuration/docker.md).
+    - The complete list of labels can be found in [the reference page](../../reference/routing-configuration/other-providers/docker.md).
 ### General
--- a/docs/content/routing/providers/ecs.md
+++ b/docs/content/routing/providers/ecs.md
@ -23,7 +23,7 @@ With ECS, Traefik can leverage labels attached to a container to generate routin
 !!! info "labels"
    - labels are case-insensitive.
-    - The complete list of labels can be found in [the reference page](../../reference/dynamic-configuration/ecs.md).
+    - The complete list of labels can be found in [the reference page](../../reference/routing-configuration/other-providers/ecs.md).
 ### General
--- a/docs/content/routing/providers/kv.md
+++ b/docs/content/routing/providers/kv.md
@ -13,7 +13,7 @@ A Story of key & values
 !!! info "Keys"
    - Keys are case-insensitive.
-    - The complete list of keys can be found in [the reference page](../../reference/dynamic-configuration/kv.md).
+    - The complete list of keys can be found in [the reference page](../../reference/routing-configuration/other-providers/kv.md).
 ### Routers
--- a/docs/content/routing/providers/nomad.md
+++ b/docs/content/routing/providers/nomad.md
@ -25,7 +25,7 @@ With Nomad, Traefik can leverage tags attached to a service to generate routing
 !!! info "tags"
    - tags are case-insensitive.
-    - The complete list of tags can be found [the reference page](../../reference/dynamic-configuration/nomad.md)
+    - The complete list of tags can be found [the reference page](../../reference/routing-configuration/other-providers/nomad.md)
 ### General
--- a/docs/content/routing/providers/swarm.md
+++ b/docs/content/routing/providers/swarm.md
@ -116,7 +116,7 @@ With Docker Swarm, Traefik can leverage labels attached to a service to generate
 !!! info "Labels"
    - Labels are case-insensitive.
-    - The complete list of labels can be found in [the reference page](../../reference/dynamic-configuration/docker.md).
+    - The complete list of labels can be found in [the reference page](../../reference/routing-configuration/other-providers/swarm.md).
 ### General
--- a/docs/mkdocs.yml
+++ b/docs/mkdocs.yml
@ -33,15 +33,116 @@ extra_javascript:
  - assets/js/hljs/highlight.pack.js # Download from https://highlightjs.org/download/ and enable YAML, TOML and Dockerfile
  - assets/js/extra.js
 extra_css:
  - assets/css/menu-icons.css
 plugins:
  - search
  - exclude:
      glob:
        - "**/include-*.md"
-
+  - redirects:
      redirect_maps:
        # Providers
        'providers/overview.md': 'reference/install-configuration/providers/overview.md'
        'providers/docker.md': 'reference/install-configuration/providers/docker.md'
        'providers/swarm.md': 'reference/install-configuration/providers/swarm.md'
        'providers/kubernetes-crd.md': 'reference/install-configuration/providers/kubernetes/kubernetes-crd.md'
        'providers/kubernetes-ingress.md': 'reference/install-configuration/providers/kubernetes/kubernetes-ingress.md'
        'providers/kubernetes-gateway.md': 'reference/install-configuration/providers/kubernetes/kubernetes-gateway.md'
        'providers/consul-catalog.md': 'reference/install-configuration/providers/hashicorp/consul-catalog.md'
        'providers/nomad.md': 'reference/install-configuration/providers/hashicorp/nomad.md'
        'providers/ecs.md': 'reference/install-configuration/providers/others/ecs.md'
        'providers/file.md': 'reference/install-configuration/providers/others/file.md'
        'providers/consul.md': 'reference/install-configuration/providers/kv/consul.md'
        'providers/etcd.md': 'reference/install-configuration/providers/kv/etcd.md'
        'providers/zookeeper.md': 'reference/install-configuration/providers/kv/zk.md'
        'providers/redis.md': 'reference/install-configuration/providers/kv/redis.md'
        'providers/http.md': 'reference/install-configuration/providers/others/http.md'
        # Routing
        'routing/overview.md': 'reference/routing-configuration/dynamic-configuration-methods.md'
        'routing/entrypoints.md': 'reference/install-configuration/entrypoints.md'
        'routing/routers/index.md': 'reference/routing-configuration/http/router/rules-and-priority.md'
        'routing/services/index.md': 'reference/routing-configuration/http/load-balancing/service.md'
        'routing/providers/docker.md': 'reference/routing-configuration/other-providers/docker.md'
        'routing/providers/swarm.md': 'reference/routing-configuration/other-providers/swarm.md'
        'routing/providers/kubernetes-crd.md': 'reference/routing-configuration/kubernetes/crd/http/ingressroute.md'
        'routing/providers/kubernetes-ingress.md': 'reference/routing-configuration/kubernetes/ingress.md'
        'routing/providers/kubernetes-gateway.md': 'reference/routing-configuration/kubernetes/gateway-api.md'
        'routing/providers/consul-catalog.md': 'reference/routing-configuration/other-providers/consul-catalog.md'
        'routing/providers/nomad.md': 'reference/routing-configuration/other-providers/nomad.md'
        'routing/providers/ecs.md': 'reference/routing-configuration/other-providers/ecs.md'
        'routing/providers/kv.md': 'reference/routing-configuration/other-providers/kv.md'
        # Observability
        'observability/overview.md': 'observe/overview.md'
        'observability/logs.md': 'reference/install-configuration/observability/logs-and-accesslogs.md'
        'observability/access-logs.md': 'reference/install-configuration/observability/logs-and-accesslogs.md'
        'observability/metrics/overview.md': 'reference/install-configuration/observability/metrics.md'
        'observability/metrics/datadog.md': 'reference/install-configuration/observability/metrics.md'
        'observability/metrics/influxdb2.md': 'reference/install-configuration/observability/metrics.md'
        'observability/metrics/opentelemetry.md': 'reference/install-configuration/observability/metrics.md'
        'observability/metrics/prometheus.md': 'reference/install-configuration/observability/metrics.md'
        'observability/metrics/statsd.md': 'reference/install-configuration/observability/metrics.md'
        'observability/tracing/overview.md': 'reference/install-configuration/observability/tracing.md'
        'observability/tracing/opentelemetry.md': 'reference/install-configuration/observability/tracing.md'
        # Operations
        'operations/cli.md': 'reference/install-configuration/observability/healthcheck.md'
        'operations/dashboard.md': 'reference/install-configuration/api-dashboard.md'
        'operations/api.md': 'reference/install-configuration/api-dashboard.md'
        'operations/ping.md': 'reference/install-configuration/observability/healthcheck.md'
        # HTTPS & TLS
        'https/overview.md':  'reference/routing-configuration/http/tls/overview.md'
        'https/tls.md': 'reference/routing-configuration/http/tls/tls-certificates.md'
        'https/acme.md': 'reference/install-configuration/tls/certificate-resolvers/acme.md'
        'https/tailscale.md': 'reference/install-configuration/tls/certificate-resolvers/tailscale.md'
        'https/spiffe.md': 'reference/install-configuration/tls/spiffe.md'
        # Middlewares
        'middlewares/overview.md': 'reference/routing-configuration/http/middlewares/overview.md'
        # HTTP
        'middlewares/http/overview.md': 'reference/routing-configuration/http/middlewares/overview.md'
        'middlewares/http/addprefix.md': 'reference/routing-configuration/http/middlewares/addprefix.md'
        'middlewares/http/basicauth.md': 'reference/routing-configuration/http/middlewares/basicauth.md'
        'middlewares/http/buffering.md': 'reference/routing-configuration/http/middlewares/buffering.md'
        'middlewares/http/chain.md': 'reference/routing-configuration/http/middlewares/chain.md'
        'middlewares/http/circuitbreaker.md': 'reference/routing-configuration/http/middlewares/circuitbreaker.md'
        'middlewares/http/compress.md': 'reference/routing-configuration/http/middlewares/compress.md'
        'middlewares/http/contenttype.md': 'reference/routing-configuration/http/middlewares/contenttype.md'
        'middlewares/http/digestauth.md': 'reference/routing-configuration/http/middlewares/digestauth.md'
        'middlewares/http/errorpages.md': 'reference/routing-configuration/http/middlewares/errorpages.md'
        'middlewares/http/forwardauth.md': 'reference/routing-configuration/http/middlewares/forwardauth.md'
        'middlewares/http/grpcweb.md': 'reference/routing-configuration/http/middlewares/grpcweb.md'
        'middlewares/http/headers.md': 'reference/routing-configuration/http/middlewares/headers.md'
        'middlewares/http/ipwhitelist.md': 'reference/routing-configuration/http/middlewares/ipallowlist.md'
        'middlewares/http/ipallowlist.md': 'reference/routing-configuration/http/middlewares/ipallowlist.md'
        'middlewares/http/inflightreq.md': 'reference/routing-configuration/http/middlewares/inflightreq.md'
        'middlewares/http/passtlsclientcert.md': 'reference/routing-configuration/http/middlewares/passtlsclientcert.md'
        'middlewares/http/ratelimit.md': 'reference/routing-configuration/http/middlewares/ratelimit.md'
        'middlewares/http/redirectregex.md': 'reference/routing-configuration/http/middlewares/redirectregex.md'
        'middlewares/http/redirectscheme.md': 'reference/routing-configuration/http/middlewares/redirectscheme.md'
        'middlewares/http/replacepath.md': 'reference/routing-configuration/http/middlewares/replacepath.md'
        'middlewares/http/replacepathregex.md': 'reference/routing-configuration/http/middlewares/replacepathregex.md'
        'middlewares/http/retry.md': 'reference/routing-configuration/http/middlewares/retry.md'
        'middlewares/http/stripprefix.md': 'reference/routing-configuration/http/middlewares/stripprefix.md'
        'middlewares/http/stripprefixregex.md': 'reference/routing-configuration/http/middlewares/stripprefixregex.md'
        # TCP
        'middlewares/tcp/overview.md': 'reference/routing-configuration/tcp/middlewares/overview.md'
        'middlewares/tcp/inflightconn.md': 'reference/routing-configuration/tcp/middlewares/inflightconn.md'
        'middlewares/tcp/ipwhitelist.md': 'reference/routing-configuration/tcp/middlewares/ipallowlist.md'
        'middlewares/tcp/ipallowlist.md': 'reference/routing-configuration/tcp/middlewares/ipallowlist.md'
        # References
        # Static Configuration
        'reference/static-configuration/overview.md': 'reference/install-configuration/configuration-options.md'
        'reference/static-configuration/file.md': 'reference/install-configuration/configuration-options.md'
        'reference/static-configuration/cli.md': 'reference/install-configuration/configuration-options.md'
        'reference/static-configuration/env.md': 'reference/install-configuration/configuration-options.md'
        # Dynamic Configuration
        'reference/dynamic-configuration/file.md': 'reference/routing-configuration/other-providers/file.md'
        'reference/dynamic-configuration/docker.md': 'reference/routing-configuration/other-providers/docker.md'
        'reference/dynamic-configuration/kubernetes-crd.md': 'reference/routing-configuration/kubernetes/crd/http/ingressroute.md'
        'reference/dynamic-configuration/kubernetes-gateway.md': 'reference/routing-configuration/kubernetes/gateway-api.md'
        'reference/dynamic-configuration/consul-catalog.md': 'reference/routing-configuration/other-providers/consul-catalog.md'
        "reference/dynamic-configuration/nomad.md": 'reference/routing-configuration/other-providers/nomad.md'
        'reference/dynamic-configuration/ecs.md': 'reference/routing-configuration/other-providers/ecs.md'
        'reference/dynamic-configuration/kv.md': 'reference/routing-configuration/other-providers/kv.md'
        ## Plugins
        'plugins/index.md': "extend/extend-traefik.md"
 # https://squidfunk.github.io/mkdocs-material/extensions/admonition/
 # https://facelessuser.github.io/pymdown-extensions/
 markdown_extensions:
@ -53,7 +154,6 @@ markdown_extensions:
  - pymdownx.inlinehilite
  - pymdownx.highlight:
      use_pygments: false # hljs is used instead of pygment for TOML highlighting support
  - pymdownx.smartsymbols
  - pymdownx.superfences
  - pymdownx.tabbed
@ -75,7 +175,6 @@ nav:
        - 'Kubernetes': 'getting-started/kubernetes.md'
        - 'Docker': 'getting-started/docker.md'
      - 'Configuration Introduction': 'getting-started/configuration-overview.md'
      - 'Frequently Asked Questions': 'getting-started/faq.md'
  - 'Setup':
      - 'Kubernetes': 'setup/kubernetes.md'
      - 'Docker': 'setup/docker.md'
@ -92,130 +191,12 @@ nav:
      - 'Tracing': 'observe/tracing.md'
  - 'Extend': 'extend/extend-traefik.md'
  - 'Migrate':
-      - 'Traefik v3': 'migrate/v3.md'
+      - 'Traefik v3 minor migrations': 'migration/v3.md'
      - 'Traefik v2 to v3':
-        - 'Migration guide': 'migrate/v2-to-v3.md'
+        - 'Migration guide': 'migration/v2-to-v3.md'
-        - 'Configuration changes for v3': 'migrate/v2-to-v3-details.md'
+        - 'Configuration changes for v3': 'migration/v2-to-v3-details.md'
-      - 'Traefik v2': 'migrate/v2.md'
+      - 'Traefik v2 minor migrations': 'migration/v2.md'
-      - 'Traefik v1 to v2': 'migrate/v1-to-v2.md'
+      - 'Traefik v1 to v2': 'migration/v1-to-v2.md'
  - 'Configuration Discovery':
      - 'Overview': 'providers/overview.md'
      - 'Docker': 'providers/docker.md'
      - 'Swarm': 'providers/swarm.md'
      - 'Kubernetes IngressRoute': 'providers/kubernetes-crd.md'
      - 'Kubernetes Ingress': 'providers/kubernetes-ingress.md'
      - 'Kubernetes Ingress NGINX': 'reference/install-configuration/providers/kubernetes/kubernetes-ingress-nginx.md'
      - 'Kubernetes Gateway API': 'providers/kubernetes-gateway.md'
      - 'Consul Catalog': 'providers/consul-catalog.md'
      - 'Nomad': 'providers/nomad.md'
      - 'ECS': 'providers/ecs.md'
      - 'File': 'providers/file.md'
      - 'Consul': 'providers/consul.md'
      - 'Etcd': 'providers/etcd.md'
      - 'ZooKeeper': 'providers/zookeeper.md'
      - 'Redis': 'providers/redis.md'
      - 'HTTP': 'providers/http.md'
  - 'Routing & Load Balancing':
      - 'Overview': 'routing/overview.md'
      - 'EntryPoints': 'routing/entrypoints.md'
      - 'Routers': 'routing/routers/index.md'
      - 'Services': 'routing/services/index.md'
      - 'Providers':
          - 'Docker': 'routing/providers/docker.md'
          - 'Swarm': 'routing/providers/swarm.md'
          - 'Kubernetes IngressRoute': 'routing/providers/kubernetes-crd.md'
          - 'Kubernetes Ingress': 'routing/providers/kubernetes-ingress.md'
          - 'Kubernetes Ingress NGINX': 'reference/routing-configuration/kubernetes/ingress-nginx.md'
          - 'Kubernetes Gateway API': 'routing/providers/kubernetes-gateway.md'
          - 'Consul Catalog': 'routing/providers/consul-catalog.md'
          - 'Nomad': 'routing/providers/nomad.md'
          - 'ECS': 'routing/providers/ecs.md'
          - 'KV': 'routing/providers/kv.md'
  - 'HTTPS & TLS':
      - 'Overview': 'https/overview.md'
      - 'TLS': 'https/tls.md'
      - 'Let''s Encrypt': 'https/acme.md'
      - 'Tailscale': 'https/tailscale.md'
      - 'SPIFFE': 'https/spiffe.md'
      - 'OCSP': 'https/ocsp.md'
  - 'Middlewares':
    - 'Overview': 'middlewares/overview.md'
    - 'HTTP':
        - 'Overview': 'middlewares/http/overview.md'
        - 'AddPrefix': 'middlewares/http/addprefix.md'
        - 'BasicAuth': 'middlewares/http/basicauth.md'
        - 'Buffering': 'middlewares/http/buffering.md'
        - 'Chain': 'middlewares/http/chain.md'
        - 'CircuitBreaker': 'middlewares/http/circuitbreaker.md'
        - 'Compress': 'middlewares/http/compress.md'
        - 'ContentType': 'middlewares/http/contenttype.md'
        - 'DigestAuth': 'middlewares/http/digestauth.md'
        - 'Errors': 'middlewares/http/errorpages.md'
        - 'ForwardAuth': 'middlewares/http/forwardauth.md'
        - 'GrpcWeb': 'middlewares/http/grpcweb.md'
        - 'Headers': 'middlewares/http/headers.md'
        - 'IPWhiteList': 'middlewares/http/ipwhitelist.md'
        - 'IPAllowList': 'middlewares/http/ipallowlist.md'
        - 'InFlightReq': 'middlewares/http/inflightreq.md'
        - 'PassTLSClientCert': 'middlewares/http/passtlsclientcert.md'
        - 'RateLimit': 'middlewares/http/ratelimit.md'
        - 'RedirectRegex': 'middlewares/http/redirectregex.md'
        - 'RedirectScheme': 'middlewares/http/redirectscheme.md'
        - 'ReplacePath': 'middlewares/http/replacepath.md'
        - 'ReplacePathRegex': 'middlewares/http/replacepathregex.md'
        - 'Retry': 'middlewares/http/retry.md'
        - 'StripPrefix': 'middlewares/http/stripprefix.md'
        - 'StripPrefixRegex': 'middlewares/http/stripprefixregex.md'
    - 'TCP':
        - 'Overview': 'middlewares/tcp/overview.md'
        - 'InFlightConn': 'middlewares/tcp/inflightconn.md'
        - 'IPWhiteList': 'middlewares/tcp/ipwhitelist.md'
        - 'IPAllowList': 'middlewares/tcp/ipallowlist.md'
  - 'Plugins & Plugin Catalog': 'plugins/index.md'
  - 'Operations':
      - 'CLI': 'operations/cli.md'
      - 'Dashboard' : 'operations/dashboard.md'
      - 'API': 'operations/api.md'
      - 'Ping': 'operations/ping.md'
  - 'Observability':
      - 'Overview': 'observability/overview.md'
      - 'Logs': 'observability/logs.md'
      - 'Access Logs': 'observability/access-logs.md'
      - 'Metrics':
          - 'Overview': 'observability/metrics/overview.md'
          - 'Datadog': 'observability/metrics/datadog.md'
          - 'InfluxDB2': 'observability/metrics/influxdb2.md'
          - 'OpenTelemetry': 'observability/metrics/opentelemetry.md'
          - 'Prometheus': 'observability/metrics/prometheus.md'
          - 'StatsD': 'observability/metrics/statsd.md'
      - 'Tracing':
          - 'Overview': 'observability/tracing/overview.md'
          - 'OpenTelemetry': 'observability/tracing/opentelemetry.md'
  - 'Security':
        - 'Content-Length': 'security/content-length.md'
        - 'TLS in Multi-Tenant Kubernetes': 'security/tls-certs-in-multi-tenant-kubernetes.md'
  - 'User Guides':
      - 'FastProxy': 'user-guides/fastproxy.md'
      - 'Kubernetes and Let''s Encrypt': 'user-guides/crd-acme/index.md'
      - 'Kubernetes and cert-manager': 'user-guides/cert-manager.md'
      - 'gRPC Examples': 'user-guides/grpc.md'
      - 'WebSocket Examples': 'user-guides/websocket.md'
      - 'Docker':
        - 'Basic Example': 'user-guides/docker-compose/basic-example/index.md'
        - 'HTTPS with Let''s Encrypt':
          - 'TLS Challenge': 'user-guides/docker-compose/acme-tls/index.md'
          - 'HTTP Challenge': 'user-guides/docker-compose/acme-http/index.md'
          - 'DNS Challenge': 'user-guides/docker-compose/acme-dns/index.md'
  - 'Contributing':
      - 'Thank You!': 'contributing/thank-you.md'
      - 'Submitting Issues': 'contributing/submitting-issues.md'
      - 'Submitting PRs': 'contributing/submitting-pull-requests.md'
      - 'Security': 'contributing/submitting-security-issues.md'
      - 'Building and Testing': 'contributing/building-testing.md'
      - 'Documentation': 'contributing/documentation.md'
      - 'Data Collection': 'contributing/data-collection.md'
      - 'Advocating': 'contributing/advocating.md'
      - 'Maintainers': 'contributing/maintainers.md'
  - 'Reference':
    - 'Install Configuration':
      - 'Boot Environment': 'reference/install-configuration/boot-environment.md'
@ -255,7 +236,7 @@ nav:
          - 'Tracing': 'reference/install-configuration/observability/tracing.md'
          - 'Logs & AccessLogs': 'reference/install-configuration/observability/logs-and-accesslogs.md'
          - 'Health Check (CLI & Ping)': 'reference/install-configuration/observability/healthcheck.md'
-      # - 'Options List':  'reference/install-configuration/cli-options-list.md' -- Todo
+      - 'Options List': 'reference/install-configuration/configuration-options.md'
    - 'Routing Configuration':
        - 'General' :
          - 'Configuration Methods' : 'reference/routing-configuration/dynamic-configuration-methods.md'
@ -273,7 +254,6 @@ nav:
            - 'Middlewares' :
              - 'Overview' : 'reference/routing-configuration/http/middlewares/overview.md'
              - 'AddPrefix' : 'reference/routing-configuration/http/middlewares/addprefix.md'
              - '<span class="nav-link-with-icon">APIKey <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/apikey.md'
              - 'BasicAuth' : 'reference/routing-configuration/http/middlewares/basicauth.md'
              - 'Buffering': 'reference/routing-configuration/http/middlewares/buffering.md'
              - 'Chain': 'reference/routing-configuration/http/middlewares/chain.md'
@ -285,15 +265,8 @@ nav:
              - 'ForwardAuth': 'reference/routing-configuration/http/middlewares/forwardauth.md'
              - 'GrpcWeb': 'reference/routing-configuration/http/middlewares/grpcweb.md'
              - 'Headers': 'reference/routing-configuration/http/middlewares/headers.md'
              - '<span class="nav-link-with-icon">HMAC <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/hmac.md'
              - 'IPAllowList': 'reference/routing-configuration/http/middlewares/ipallowlist.md'
              - 'InFlightReq': 'reference/routing-configuration/http/middlewares/inflightreq.md'
              - '<span class="nav-link-with-icon">JWT <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/jwt.md'
              - '<span class="nav-link-with-icon">LDAP <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/ldap.md'
              - '<span class="nav-link-with-icon">Token Introspection <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/oauth2-token-introspection.md'
              - '<span class="nav-link-with-icon">Client Credentials <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/oauth2-client-credentials.md'
              - '<span class="nav-link-with-icon">OIDC <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/oidc.md'
              - '<span class="nav-link-with-icon">OPA <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/opa.md'
              - 'PassTLSClientCert': 'reference/routing-configuration/http/middlewares/passtlsclientcert.md'
              - 'RateLimit': 'reference/routing-configuration/http/middlewares/ratelimit.md'
              - 'RedirectRegex': 'reference/routing-configuration/http/middlewares/redirectregex.md'
@ -303,7 +276,6 @@ nav:
              - 'Retry': 'reference/routing-configuration/http/middlewares/retry.md'
              - 'StripPrefix': 'reference/routing-configuration/http/middlewares/stripprefix.md'
              - 'StripPrefixRegex': 'reference/routing-configuration/http/middlewares/stripprefixregex.md'
              - '<span class="nav-link-with-icon">WAF <img src="https://doc.traefik.io/traefik-hub/img/ps-traefik-hub-logo-light.svg" class="menu-icon" alt="Traefik Hub API Gateway"></span>' : 'reference/routing-configuration/http/middlewares/waf.md'
          - 'TCP' :
              - 'Router' :
                - 'Rules & Priority' : 'reference/routing-configuration/tcp/router/rules-and-priority.md'
@ -345,6 +317,33 @@ nav:
          - 'Nomad' : 'reference/routing-configuration/other-providers/nomad.md'
          - 'ECS' : 'reference/routing-configuration/other-providers/ecs.md'
          - 'KV' : 'reference/routing-configuration/other-providers/kv.md'
        - 'File' : 'reference/routing-configuration/other-providers/file.md'
  - 'Security':
        - 'Content-Length': 'security/content-length.md'
        - 'TLS in Multi-Tenant Kubernetes': 'security/tls-certs-in-multi-tenant-kubernetes.md'
  - 'User Guides':
      - 'FastProxy': 'user-guides/fastproxy.md'
      - 'Kubernetes and Let''s Encrypt': 'user-guides/crd-acme/index.md'
      - 'Kubernetes and cert-manager': 'user-guides/cert-manager.md'
      - 'gRPC Examples': 'user-guides/grpc.md'
      - 'WebSocket Examples': 'user-guides/websocket.md'
      - 'Docker':
        - 'Basic Example': 'user-guides/docker-compose/basic-example/index.md'
        - 'HTTPS with Let''s Encrypt':
          - 'TLS Challenge': 'user-guides/docker-compose/acme-tls/index.md'
          - 'HTTP Challenge': 'user-guides/docker-compose/acme-http/index.md'
          - 'DNS Challenge': 'user-guides/docker-compose/acme-dns/index.md'
  - 'Deprecation Notices':
      - 'Releases': 'deprecation/releases.md'
      - 'Features': 'deprecation/features.md'
  - 'Contributing':
      - 'Thank You!': 'contributing/thank-you.md'
      - 'Submitting Issues': 'contributing/submitting-issues.md'
      - 'Submitting PRs': 'contributing/submitting-pull-requests.md'
      - 'Security': 'contributing/submitting-security-issues.md'
      - 'Building and Testing': 'contributing/building-testing.md'
      - 'Documentation': 'contributing/documentation.md'
      - 'Data Collection': 'contributing/data-collection.md'
      - 'Advocating': 'contributing/advocating.md'
      - 'Maintainers': 'contributing/maintainers.md'
  - 'Frequently Asked Questions': 'getting-started/faq.md'
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@ -2,6 +2,7 @@ markdown-include==0.5.1
 mkdocs==1.2.4
 mkdocs-exclude==1.0.2
 mkdocs-traefiklabs>=100.0.7
 mkdocs-redirects==1.2.2
 click==8.1.7
 colorama==0.4.6
--- a/internal/gendoc.go
+++ b/internal/gendoc.go
@ -5,23 +5,17 @@ import (
 	"fmt"
 	"io"
 	"os"
 	"path"
 	"path/filepath"
 	"reflect"
 	"sort"
 	"strconv"
 	"strings"
 	"github.com/BurntSushi/toml"
 	"github.com/rs/zerolog/log"
 	"github.com/traefik/paerser/env"
 	"github.com/traefik/paerser/flag"
 	"github.com/traefik/paerser/generator"
 	"github.com/traefik/paerser/parser"
 	"github.com/traefik/traefik/v3/cmd"
 	"github.com/traefik/traefik/v3/pkg/collector/hydratation"
 	"github.com/traefik/traefik/v3/pkg/config/dynamic"
 	"github.com/traefik/traefik/v3/pkg/config/static"
 	"gopkg.in/yaml.v3"
 )
@ -30,6 +24,12 @@ var commentGenerated = `## CODE GENERATED AUTOMATICALLY
 `
 func main() {
 	genRoutingConfDoc()
 	genInstallConfDoc()
 }
 // Generate the Routing Configuration YAML and TOML files.
 func genRoutingConfDoc() {
 	logger := log.With().Logger()
 	dynConf := &dynamic.Configuration{}
@ -46,118 +46,14 @@ func main() {
 	clean(dynConf.TCP.Services)
 	clean(dynConf.UDP.Services)
-	err = tomlWrite("./docs/content/reference/dynamic-configuration/file.toml", dynConf)
+	err = tomlWrite("./docs/content/reference/routing-configuration/other-providers/file.toml", dynConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
-	err = yamlWrite("./docs/content/reference/dynamic-configuration/file.yaml", dynConf)
+	err = yamlWrite("./docs/content/reference/routing-configuration/other-providers/file.yaml", dynConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
 	err = labelsWrite("./docs/content/reference/dynamic-configuration", dynConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
 	staticConf := &static.Configuration{}
 	err = hydratation.Hydrate(staticConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
 	delete(staticConf.EntryPoints, "EntryPoint1")
 	err = tomlWrite("./docs/content/reference/static-configuration/file.toml", staticConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
 	err = yamlWrite("./docs/content/reference/static-configuration/file.yaml", staticConf)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
 	genStaticConfDoc("./docs/content/reference/static-configuration/env-ref.md", "", func(i interface{}) ([]parser.Flat, error) {
 		return env.Encode(env.DefaultNamePrefix, i)
 	})
 	genStaticConfDoc("./docs/content/reference/static-configuration/cli-ref.md", "--", flag.Encode)
 	genKVDynConfDoc("./docs/content/reference/dynamic-configuration/kv-ref.md")
 }
 func labelsWrite(outputDir string, element *dynamic.Configuration) error {
 	cleanServers(element)
 	etnOpts := parser.EncoderToNodeOpts{OmitEmpty: true, TagName: parser.TagLabel, AllowSliceAsStruct: true}
 	node, err := parser.EncodeToNode(element, parser.DefaultRootName, etnOpts)
 	if err != nil {
 		return err
 	}
 	metaOpts := parser.MetadataOpts{TagName: parser.TagLabel, AllowSliceAsStruct: true}
 	err = parser.AddMetadata(element, node, metaOpts)
 	if err != nil {
 		return err
 	}
 	labels := make(map[string]string)
 	encodeNode(labels, node.Name, node)
 	var keys []string
 	for k := range labels {
 		keys = append(keys, k)
 	}
 	sort.Strings(keys)
 	dockerLabels, err := os.Create(filepath.Join(outputDir, "docker-labels.yml"))
 	if err != nil {
 		return err
 	}
 	defer dockerLabels.Close()
 	// Write the comment at the beginning of the file
 	if _, err := dockerLabels.WriteString(commentGenerated); err != nil {
 		return err
 	}
 	for _, k := range keys {
 		v := labels[k]
 		if v != "" {
 			if v == "42000000000" {
 				v = "42s"
 			}
 			fmt.Fprintln(dockerLabels, `- "`+strings.ToLower(k)+`=`+v+`"`)
 		}
 	}
 	return nil
 }
 func cleanServers(element *dynamic.Configuration) {
 	for _, svc := range element.HTTP.Services {
 		if svc.LoadBalancer != nil {
 			server := svc.LoadBalancer.Servers[0]
 			svc.LoadBalancer.Servers = nil
 			svc.LoadBalancer.Servers = append(svc.LoadBalancer.Servers, server)
 		}
 	}
 	for _, svc := range element.TCP.Services {
 		if svc.LoadBalancer != nil {
 			server := svc.LoadBalancer.Servers[0]
 			svc.LoadBalancer.Servers = nil
 			svc.LoadBalancer.Servers = append(svc.LoadBalancer.Servers, server)
 		}
 	}
 	for _, svc := range element.UDP.Services {
 		if svc.LoadBalancer != nil {
 			server := svc.LoadBalancer.Servers[0]
 			svc.LoadBalancer.Servers = nil
 			svc.LoadBalancer.Servers = append(svc.LoadBalancer.Servers, server)
 		}
 	}
 }
 func yamlWrite(outputFile string, element any) error {
@ -167,7 +63,7 @@ func yamlWrite(outputFile string, element any) error {
 	}
 	defer file.Close()
-	// Write the comment at the beginning of the file
+	// Write the comment at the beginning of the file.
 	if _, err := file.WriteString(commentGenerated); err != nil {
 		return err
 	}
@ -191,7 +87,7 @@ func tomlWrite(outputFile string, element any) error {
 	}
 	defer file.Close()
-	// Write the comment at the beginning of the file
+	// Write the comment at the beginning of the file.
 	if _, err := file.WriteString(commentGenerated); err != nil {
 		return err
 	}
@ -229,14 +125,16 @@ func clean(element any) {
 	valSvcs.SetMapIndex(reflect.ValueOf(fmt.Sprintf("%s1", valueSvcRoot.Type().Name())), reflect.Value{})
 }
-func genStaticConfDoc(outputFile, prefix string, encodeFn func(interface{}) ([]parser.Flat, error)) {
+// Generate the Install Configuration in a table.
 func genInstallConfDoc() {
 	outputFile := "./docs/content/reference/install-configuration/configuration-options.md"
 	logger := log.With().Str("file", outputFile).Logger()
 	element := &cmd.NewTraefikConfiguration().Configuration
 	generator.Generate(element)
-	flats, err := encodeFn(element)
+	flats, err := flag.Encode(element)
 	if err != nil {
 		logger.Fatal().Err(err).Send()
 	}
@ -259,9 +157,14 @@ func genStaticConfDoc(outputFile, prefix string, encodeFn func(interface{}) ([]p
 CODE GENERATED AUTOMATICALLY
 THIS FILE MUST NOT BE EDITED BY HAND
 -->`)
-	w.writeln()
+	w.writeln(`# Install Configuration Options`)
 	w.writeln(`## Configuration Options`)
-	for i, flat := range flats {
+	w.writeln(`
 | Field | Description | Default | 
 |:-------|:------------|:-------|`)
 	for _, flat := range flats {
 		// TODO must be move into the flats creation.
 		if flat.Name == "experimental.plugins.<name>" || flat.Name == "TRAEFIK_EXPERIMENTAL_PLUGINS_<NAME>" {
 			continue
@ -271,21 +174,15 @@ THIS FILE MUST NOT BE EDITED BY HAND
 			continue
 		}
-		if prefix == "" {
+		line := "| " + strings.ReplaceAll(strings.ReplaceAll(flat.Name, "<", "_"), ">", "_") + " | " + flat.Description + " | "
 			w.writeln("`" + prefix + strings.ReplaceAll(flat.Name, "[0]", "_n") + "`:  ")
 		} else {
 			w.writeln("`" + prefix + strings.ReplaceAll(flat.Name, "[0]", "[n]") + "`:  ")
 		}
 		if flat.Default == "" {
-			w.writeln(flat.Description)
+			line += "|"
 		} else {
-			w.writeln(flat.Description + " (Default: ```" + flat.Default + "```)")
+			line += flat.Default + " |"
 		}
-		if i < len(flats)-1 {
+		w.writeln(line)
 			w.writeln()
 		}
 	}
 	if w.err != nil {
@ -305,106 +202,3 @@ func (ew *errWriter) writeln(a ...interface{}) {
 	_, ew.err = fmt.Fprintln(ew.w, a...)
 }
 func genKVDynConfDoc(outputFile string) {
 	dynConfPath := "./docs/content/reference/dynamic-configuration/file.toml"
 	conf := map[string]interface{}{}
 	_, err := toml.DecodeFile(dynConfPath, &conf)
 	if err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	file, err := os.Create(outputFile)
 	if err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	store := storeWriter{data: map[string]string{}}
 	c := client{store: store}
 	err = c.load("traefik", conf)
 	if err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	var keys []string
 	for k := range store.data {
 		keys = append(keys, k)
 	}
 	sort.Strings(keys)
 	_, _ = fmt.Fprintf(file, `<!--
 CODE GENERATED AUTOMATICALLY
 THIS FILE MUST NOT BE EDITED BY HAND
 -->
 `)
 	_, _ = fmt.Fprintf(file, `
 | Key (Path) | Value |
 |------------|-------|
 `)
 	for _, k := range keys {
 		_, _ = fmt.Fprintf(file, "| `%s` | `%s` |\n", k, store.data[k])
 	}
 }
 type storeWriter struct {
 	data map[string]string
 }
 func (f storeWriter) Put(key string, value []byte, _ []string) error {
 	f.data[key] = string(value)
 	return nil
 }
 type client struct {
 	store storeWriter
 }
 func (c client) load(parentKey string, conf map[string]interface{}) error {
 	for k, v := range conf {
 		switch entry := v.(type) {
 		case map[string]interface{}:
 			key := path.Join(parentKey, k)
 			if len(entry) == 0 {
 				err := c.store.Put(key, nil, nil)
 				if err != nil {
 					return err
 				}
 			} else {
 				err := c.load(key, entry)
 				if err != nil {
 					return err
 				}
 			}
 		case []map[string]interface{}:
 			for i, o := range entry {
 				key := path.Join(parentKey, k, strconv.Itoa(i))
 				if err := c.load(key, o); err != nil {
 					return err
 				}
 			}
 		case []interface{}:
 			for i, o := range entry {
 				key := path.Join(parentKey, k, strconv.Itoa(i))
 				err := c.store.Put(key, []byte(fmt.Sprintf("%v", o)), nil)
 				if err != nil {
 					return err
 				}
 			}
 		default:
 			key := path.Join(parentKey, k)
 			err := c.store.Put(key, []byte(fmt.Sprintf("%v", v)), nil)
 			if err != nil {
 				return err
 			}
 		}
 	}
 	return nil
 }
--- a/internal/parser.go
+++ b/internal/parser.go
@ -1,66 +0,0 @@
 package main
 import (
 	"fmt"
 	"reflect"
 	"strings"
 	"github.com/traefik/paerser/parser"
 )
 func encodeNode(labels map[string]string, root string, node *parser.Node) {
 	for _, child := range node.Children {
 		if child.Disabled {
 			continue
 		}
 		var sep string
 		if child.Name[0] != '[' {
 			sep = "."
 		}
 		childName := root + sep + child.Name
 		if child.RawValue != nil {
 			encodeRawValue(labels, childName, child.RawValue)
 			continue
 		}
 		if strings.Contains(child.Tag.Get(parser.TagLabel), parser.TagLabelAllowEmpty) {
 			labels[childName] = "true"
 		}
 		if len(child.Children) > 0 {
 			encodeNode(labels, childName, child)
 		} else if len(child.Name) > 0 {
 			labels[childName] = child.Value
 		}
 	}
 }
 func encodeRawValue(labels map[string]string, root string, rawValue interface{}) {
 	if rawValue == nil {
 		return
 	}
 	tValue := reflect.TypeOf(rawValue)
 	if tValue.Kind() == reflect.Map && tValue.Elem().Kind() == reflect.Interface {
 		r := reflect.ValueOf(rawValue).
 			Convert(reflect.TypeFor[map[string]interface{}]()).
 			Interface().(map[string]interface{})
 		for k, v := range r {
 			switch tv := v.(type) {
 			case string:
 				labels[root+"."+k] = tv
 			case []interface{}:
 				for i, e := range tv {
 					encodeRawValue(labels, fmt.Sprintf("%s.%s[%d]", root, k, i), e)
 				}
 			default:
 				encodeRawValue(labels, root+"."+k, v)
 			}
 		}
 	}
 }
		`@ -1,2 +0,0 @@`
			`- "traefik.enable=true"`
			`- "traefik.consulcatalog.connect=true"`
		`@ -1,2 +0,0 @@`
			`- "traefik.enable=true"`
			`- "traefik.docker.network=foobar"`