homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reintroduce dropped v2 dynamic config

Browse source 
Co-authored-by: Baptiste Mayelle <baptiste.mayelle@traefik.io>
This commit is contained in:
Romain 2024-01-29 17:32:05 +01:00 committed by GitHub
parent 18203f57d2
commit 40de310927
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
53 changed files with 880 additions and 392 deletions
Download patch file Download diff file Expand all files Collapse all files

9
docs/content/reference/dynamic-configuration/docker-labels.yml
View file

@ -22,6 +22,7 @@
- "traefik.http.middlewares.middleware06.compress.includedcontenttypes=foobar, foobar"
- "traefik.http.middlewares.middleware06.compress.minresponsebodybytes=42"
- "traefik.http.middlewares.middleware07.contenttype=true"
- "traefik.http.middlewares.middleware07.contenttype.autodetect=true"
- "traefik.http.middlewares.middleware08.digestauth.headerfield=foobar"
- "traefik.http.middlewares.middleware08.digestauth.realm=foobar"
- "traefik.http.middlewares.middleware08.digestauth.removeheader=true"
@ -36,6 +37,7 @@
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheaders=foobar, foobar"
- "traefik.http.middlewares.middleware10.forwardauth.authresponseheadersregex=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.ca=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.caoptional=true"
- "traefik.http.middlewares.middleware10.forwardauth.tls.cert=foobar"
- "traefik.http.middlewares.middleware10.forwardauth.tls.insecureskipverify=true"
- "traefik.http.middlewares.middleware10.forwardauth.tls.key=foobar"
@ -59,6 +61,7 @@
- "traefik.http.middlewares.middleware12.headers.customrequestheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name0=foobar"
- "traefik.http.middlewares.middleware12.headers.customresponseheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.featurepolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.forcestsheader=true"
- "traefik.http.middlewares.middleware12.headers.framedeny=true"
- "traefik.http.middlewares.middleware12.headers.hostsproxyheaders=foobar, foobar"
@ -66,8 +69,12 @@
- "traefik.http.middlewares.middleware12.headers.permissionspolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.publickey=foobar"
- "traefik.http.middlewares.middleware12.headers.referrerpolicy=foobar"
- "traefik.http.middlewares.middleware12.headers.sslforcehost=true"
- "traefik.http.middlewares.middleware12.headers.sslhost=foobar"
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name0=foobar"
- "traefik.http.middlewares.middleware12.headers.sslproxyheaders.name1=foobar"
- "traefik.http.middlewares.middleware12.headers.sslredirect=true"
- "traefik.http.middlewares.middleware12.headers.ssltemporaryredirect=true"
- "traefik.http.middlewares.middleware12.headers.stsincludesubdomains=true"
- "traefik.http.middlewares.middleware12.headers.stspreload=true"
- "traefik.http.middlewares.middleware12.headers.stsseconds=42"
@ -127,6 +134,7 @@
- "traefik.http.middlewares.middleware22.replacepathregex.replacement=foobar"
- "traefik.http.middlewares.middleware23.retry.attempts=42"
- "traefik.http.middlewares.middleware23.retry.initialinterval=42s"
- "traefik.http.middlewares.middleware24.stripprefix.forceslash=true"
- "traefik.http.middlewares.middleware24.stripprefix.prefixes=foobar, foobar"
- "traefik.http.middlewares.middleware25.stripprefixregex.regex=foobar, foobar"
- "traefik.http.routers.router0.entrypoints=foobar, foobar"
@ -214,6 +222,7 @@
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol=true"
- "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42"
- "traefik.tcp.services.tcpservice01.loadbalancer.serverstransport=foobar"
- "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42"
- "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar"
- "traefik.tcp.services.tcpservice01.loadbalancer.server.tls=true"
- "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar"

11
docs/content/reference/dynamic-configuration/file.toml
View file

@ -145,6 +145,7 @@
minResponseBodyBytes = 42
[http.middlewares.Middleware07]
[http.middlewares.Middleware07.contentType]
autoDetect = true
[http.middlewares.Middleware08]
[http.middlewares.Middleware08.digestAuth]
users = ["foobar", "foobar"]
@ -170,6 +171,7 @@
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
caOptional = true
[http.middlewares.Middleware11]
[http.middlewares.Middleware11.grpcWeb]
allowOrigins = ["foobar", "foobar"]
@ -199,6 +201,11 @@
referrerPolicy = "foobar"
permissionsPolicy = "foobar"
isDevelopment = true
featurePolicy = "foobar"
sslRedirect = true
sslTemporaryRedirect = true
sslHost = "foobar"
sslForceHost = true
[http.middlewares.Middleware12.headers.customRequestHeaders]
name0 = "foobar"
name1 = "foobar"
@ -298,6 +305,7 @@
[http.middlewares.Middleware24]
[http.middlewares.Middleware24.stripPrefix]
prefixes = ["foobar", "foobar"]
forceSlash = true
[http.middlewares.Middleware25]
[http.middlewares.Middleware25.stripPrefixRegex]
regex = ["foobar", "foobar"]
@ -395,6 +403,7 @@
[tcp.services.TCPService01]
[tcp.services.TCPService01.loadBalancer]
serversTransport = "foobar"
terminationDelay = 42
[tcp.services.TCPService01.loadBalancer.proxyProtocol]
version = 42
@ -514,6 +523,7 @@
curvePreferences = ["foobar", "foobar"]
sniStrict = true
alpnProtocols = ["foobar", "foobar"]
preferServerCipherSuites = true
[tls.options.Options0.clientAuth]
caFiles = ["foobar", "foobar"]
clientAuthType = "foobar"
@ -524,6 +534,7 @@
curvePreferences = ["foobar", "foobar"]
sniStrict = true
alpnProtocols = ["foobar", "foobar"]
preferServerCipherSuites = true
[tls.options.Options1.clientAuth]
caFiles = ["foobar", "foobar"]
clientAuthType = "foobar"

13
docs/content/reference/dynamic-configuration/file.yaml
View file

@ -153,7 +153,8 @@ http:
- foobar
minResponseBodyBytes: 42
Middleware07:
contentType: {}
contentType:
autoDetect: true
Middleware08:
digestAuth:
users:
@ -178,6 +179,7 @@ http:
cert: foobar
key: foobar
insecureSkipVerify: true
caOptional: true
trustForwardHeader: true
authResponseHeaders:
- foobar
@ -243,6 +245,11 @@ http:
referrerPolicy: foobar
permissionsPolicy: foobar
isDevelopment: true
featurePolicy: foobar
sslRedirect: true
sslTemporaryRedirect: true
sslHost: foobar
sslForceHost: true
Middleware13:
ipAllowList:
sourceRange:
@ -347,6 +354,7 @@ http:
prefixes:
- foobar
- foobar
forceSlash: true
Middleware25:
stripPrefixRegex:
regex:
@ -464,6 +472,7 @@ tcp:
- address: foobar
tls: true
serversTransport: foobar
terminationDelay: 42
TCPService02:
weighted:
services:
@ -584,6 +593,7 @@ tls:
alpnProtocols:
- foobar
- foobar
preferServerCipherSuites: true
Options1:
minVersion: foobar
maxVersion: foobar
@ -602,6 +612,7 @@ tls:
alpnProtocols:
- foobar
- foobar
preferServerCipherSuites: true
stores:
Store0:
defaultCertificate:

69
docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
View file

@ -393,6 +393,18 @@ spec:
between Traefik and your servers. Can only be used on
a Kubernetes Service.
type: string
terminationDelay:
description: 'TerminationDelay defines the deadline that
the proxy sets, after one of its connected peers indicates
it has closed the writing capability of its connection,
to close the reading capability as well, hence fully
terminating the connection. It is a duration in milliseconds,
defaulting to 100. A negative value means an infinite
deadline (i.e. the reading capability is never closed).
Deprecated: TerminationDelay is not supported APIVersion
traefik.io/v1, please use ServersTransport to configure
the TerminationDelay instead.'
type: integer
tls:
description: TLS determines whether to use TLS when dialing
with the backend.
@ -779,9 +791,17 @@ spec:
type: object
contentType:
description: ContentType holds the content-type middleware configuration.
This middleware sets the `Content-Type` header value to the media
type detected from the response content, when it is not set by the
backend.
This middleware exists to enable the correct behavior until at least
the default one can be changed in a future version.
properties:
autoDetect:
description: 'AutoDetect specifies whether to let the `Content-Type`
header, if it has not been set by the backend, be automatically
set to a value derived from the contents of the response. Deprecated:
AutoDetect option is deprecated, Content-Type middleware is
only meant to be used to enable the content-type detection,
please remove any usage of this option.'
type: boolean
type: object
digestAuth:
description: 'DigestAuth holds the digest auth middleware configuration.
@ -972,6 +992,10 @@ spec:
description: TLS defines the configuration used to secure the
connection to the authentication server.
properties:
caOptional:
description: 'Deprecated: TLS client authentication is a server
side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).'
type: boolean
caSecret:
description: CASecret is the name of the referenced Kubernetes
Secret containing the CA to validate the server certificate.
@ -1090,6 +1114,10 @@ spec:
description: CustomResponseHeaders defines the header names and
values to apply to the response.
type: object
featurePolicy:
description: 'Deprecated: FeaturePolicy option is deprecated,
please use PermissionsPolicy instead.'
type: string
forceSTSHeader:
description: ForceSTSHeader defines whether to add the STS header
even when the connection is HTTP.
@ -1125,6 +1153,14 @@ spec:
value. This allows sites to control whether browsers forward
the Referer header to other sites.
type: string
sslForceHost:
description: 'Deprecated: SSLForceHost option is deprecated, please
use RedirectRegex instead.'
type: boolean
sslHost:
description: 'Deprecated: SSLHost option is deprecated, please
use RedirectRegex instead.'
type: string
sslProxyHeaders:
additionalProperties:
type: string
@ -1133,6 +1169,14 @@ spec:
useful when using other proxies (example: "X-Forwarded-Proto":
"https").'
type: object
sslRedirect:
description: 'Deprecated: SSLRedirect option is deprecated, please
use EntryPoint redirection or RedirectScheme instead.'
type: boolean
sslTemporaryRedirect:
description: 'Deprecated: SSLTemporaryRedirect option is deprecated,
please use EntryPoint redirection or RedirectScheme instead.'
type: boolean
stsIncludeSubdomains:
description: STSIncludeSubdomains defines whether the includeSubDomains
directive is appended to the Strict-Transport-Security header.
@ -1504,6 +1548,12 @@ spec:
This middleware removes the specified prefixes from the URL path.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/'
properties:
forceSlash:
description: 'Deprecated: ForceSlash option is deprecated, please
remove any usage of this option. ForceSlash ensures that the
resulting stripped path is not the empty string, by replacing
it with / when necessary. Default: true.'
type: boolean
prefixes:
description: Prefixes defines the prefixes to strip from the request
URL.
@ -1578,7 +1628,9 @@ spec:
type: integer
type: object
ipAllowList:
description: IPAllowList defines the IPAllowList middleware configuration.
description: 'IPAllowList defines the IPAllowList middleware configuration.
This middleware accepts/refuses connections based on the client
IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/'
properties:
sourceRange:
description: SourceRange defines the allowed IPs (or ranges of
@ -1589,7 +1641,8 @@ spec:
type: object
ipWhiteList:
description: 'IPWhiteList defines the IPWhiteList middleware configuration.
Deprecated: please use IPAllowList instead.'
This middleware accepts/refuses connections based on the client
IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/'
properties:
sourceRange:
description: SourceRange defines the allowed IPs (or ranges of
@ -1940,6 +1993,12 @@ spec:
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
VersionTLS13. Default: VersionTLS10.'
type: string
preferServerCipherSuites:
description: 'PreferServerCipherSuites defines whether the server
chooses a cipher suite among his own instead of among the client''s.
It is enabled automatically when minVersion or maxVersion is set.
Deprecated: https://github.com/golang/go/issues/45430'
type: boolean
sniStrict:
description: SniStrict defines whether Traefik allows connections
from clients connections that do not specify a server_name extension.

12
docs/content/reference/dynamic-configuration/kv-ref.md
View file

@ -26,7 +26,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/0` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/includedContentTypes/1` | `foobar` |
| `traefik/http/middlewares/Middleware06/compress/minResponseBodyBytes` | `42` |
| `traefik/http/middlewares/Middleware07/contentType` | `` |
| `traefik/http/middlewares/Middleware07/contentType/autoDetect` | `true` |
| `traefik/http/middlewares/Middleware08/digestAuth/headerField` | `foobar` |
| `traefik/http/middlewares/Middleware08/digestAuth/realm` | `foobar` |
| `traefik/http/middlewares/Middleware08/digestAuth/removeHeader` | `true` |
@ -46,6 +46,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeaders/1` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/authResponseHeadersRegex` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/ca` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/caOptional` | `true` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/cert` | `foobar` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/insecureSkipVerify` | `true` |
| `traefik/http/middlewares/Middleware10/forwardAuth/tls/key` | `foobar` |
@ -76,6 +77,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware12/headers/customRequestHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name0` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/customResponseHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/featurePolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/forceSTSHeader` | `true` |
| `traefik/http/middlewares/Middleware12/headers/frameDeny` | `true` |
| `traefik/http/middlewares/Middleware12/headers/hostsProxyHeaders/0` | `foobar` |
@ -84,8 +86,12 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware12/headers/permissionsPolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/publicKey` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/referrerPolicy` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslForceHost` | `true` |
| `traefik/http/middlewares/Middleware12/headers/sslHost` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name0` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslProxyHeaders/name1` | `foobar` |
| `traefik/http/middlewares/Middleware12/headers/sslRedirect` | `true` |
| `traefik/http/middlewares/Middleware12/headers/sslTemporaryRedirect` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsIncludeSubdomains` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsPreload` | `true` |
| `traefik/http/middlewares/Middleware12/headers/stsSeconds` | `42` |
@ -149,6 +155,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/http/middlewares/Middleware22/replacePathRegex/replacement` | `foobar` |
| `traefik/http/middlewares/Middleware23/retry/attempts` | `42` |
| `traefik/http/middlewares/Middleware23/retry/initialInterval` | `42s` |
| `traefik/http/middlewares/Middleware24/stripPrefix/forceSlash` | `true` |
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/0` | `foobar` |
| `traefik/http/middlewares/Middleware24/stripPrefix/prefixes/1` | `foobar` |
| `traefik/http/middlewares/Middleware25/stripPrefixRegex/regex/0` | `foobar` |
@ -342,6 +349,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/address` | `foobar` |
| `traefik/tcp/services/TCPService01/loadBalancer/servers/1/tls` | `true` |
| `traefik/tcp/services/TCPService01/loadBalancer/serversTransport` | `foobar` |
| `traefik/tcp/services/TCPService01/loadBalancer/terminationDelay` | `42` |
| `traefik/tcp/services/TCPService02/weighted/services/0/name` | `foobar` |
| `traefik/tcp/services/TCPService02/weighted/services/0/weight` | `42` |
| `traefik/tcp/services/TCPService02/weighted/services/1/name` | `foobar` |
@ -365,6 +373,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tls/options/Options0/curvePreferences/1` | `foobar` |
| `traefik/tls/options/Options0/maxVersion` | `foobar` |
| `traefik/tls/options/Options0/minVersion` | `foobar` |
| `traefik/tls/options/Options0/preferServerCipherSuites` | `true` |
| `traefik/tls/options/Options0/sniStrict` | `true` |
| `traefik/tls/options/Options1/alpnProtocols/0` | `foobar` |
| `traefik/tls/options/Options1/alpnProtocols/1` | `foobar` |
@ -377,6 +386,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
| `traefik/tls/options/Options1/curvePreferences/1` | `foobar` |
| `traefik/tls/options/Options1/maxVersion` | `foobar` |
| `traefik/tls/options/Options1/minVersion` | `foobar` |
| `traefik/tls/options/Options1/preferServerCipherSuites` | `true` |
| `traefik/tls/options/Options1/sniStrict` | `true` |
| `traefik/tls/stores/Store0/defaultCertificate/certFile` | `foobar` |
| `traefik/tls/stores/Store0/defaultCertificate/keyFile` | `foobar` |

12
docs/content/reference/dynamic-configuration/traefik.io_ingressroutetcps.yaml
View file

@ -116,6 +116,18 @@ spec:
between Traefik and your servers. Can only be used on
a Kubernetes Service.
type: string
terminationDelay:
description: 'TerminationDelay defines the deadline that
the proxy sets, after one of its connected peers indicates
it has closed the writing capability of its connection,
to close the reading capability as well, hence fully
terminating the connection. It is a duration in milliseconds,
defaulting to 100. A negative value means an infinite
deadline (i.e. the reading capability is never closed).
Deprecated: TerminationDelay is not supported APIVersion
traefik.io/v1, please use ServersTransport to configure
the TerminationDelay instead.'
type: integer
tls:
description: TLS determines whether to use TLS when dialing
with the backend.

44
docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
View file

@ -190,9 +190,17 @@ spec:
type: object
contentType:
description: ContentType holds the content-type middleware configuration.
This middleware sets the `Content-Type` header value to the media
type detected from the response content, when it is not set by the
backend.
This middleware exists to enable the correct behavior until at least
the default one can be changed in a future version.
properties:
autoDetect:
description: 'AutoDetect specifies whether to let the `Content-Type`
header, if it has not been set by the backend, be automatically
set to a value derived from the contents of the response. Deprecated:
AutoDetect option is deprecated, Content-Type middleware is
only meant to be used to enable the content-type detection,
please remove any usage of this option.'
type: boolean
type: object
digestAuth:
description: 'DigestAuth holds the digest auth middleware configuration.
@ -383,6 +391,10 @@ spec:
description: TLS defines the configuration used to secure the
connection to the authentication server.
properties:
caOptional:
description: 'Deprecated: TLS client authentication is a server
side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).'
type: boolean
caSecret:
description: CASecret is the name of the referenced Kubernetes
Secret containing the CA to validate the server certificate.
@ -501,6 +513,10 @@ spec:
description: CustomResponseHeaders defines the header names and
values to apply to the response.
type: object
featurePolicy:
description: 'Deprecated: FeaturePolicy option is deprecated,
please use PermissionsPolicy instead.'
type: string
forceSTSHeader:
description: ForceSTSHeader defines whether to add the STS header
even when the connection is HTTP.
@ -536,6 +552,14 @@ spec:
value. This allows sites to control whether browsers forward
the Referer header to other sites.
type: string
sslForceHost:
description: 'Deprecated: SSLForceHost option is deprecated, please
use RedirectRegex instead.'
type: boolean
sslHost:
description: 'Deprecated: SSLHost option is deprecated, please
use RedirectRegex instead.'
type: string
sslProxyHeaders:
additionalProperties:
type: string
@ -544,6 +568,14 @@ spec:
useful when using other proxies (example: "X-Forwarded-Proto":
"https").'
type: object
sslRedirect:
description: 'Deprecated: SSLRedirect option is deprecated, please
use EntryPoint redirection or RedirectScheme instead.'
type: boolean
sslTemporaryRedirect:
description: 'Deprecated: SSLTemporaryRedirect option is deprecated,
please use EntryPoint redirection or RedirectScheme instead.'
type: boolean
stsIncludeSubdomains:
description: STSIncludeSubdomains defines whether the includeSubDomains
directive is appended to the Strict-Transport-Security header.
@ -915,6 +947,12 @@ spec:
This middleware removes the specified prefixes from the URL path.
More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/stripprefix/'
properties:
forceSlash:
description: 'Deprecated: ForceSlash option is deprecated, please
remove any usage of this option. ForceSlash ensures that the
resulting stripped path is not the empty string, by replacing
it with / when necessary. Default: true.'
type: boolean
prefixes:
description: Prefixes defines the prefixes to strip from the request
URL.

7
docs/content/reference/dynamic-configuration/traefik.io_middlewaretcps.yaml
View file

@ -46,7 +46,9 @@ spec:
type: integer
type: object
ipAllowList:
description: IPAllowList defines the IPAllowList middleware configuration.
description: 'IPAllowList defines the IPAllowList middleware configuration.
This middleware accepts/refuses connections based on the client
IP. More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipallowlist/'
properties:
sourceRange:
description: SourceRange defines the allowed IPs (or ranges of
@ -57,7 +59,8 @@ spec:
type: object
ipWhiteList:
description: 'IPWhiteList defines the IPWhiteList middleware configuration.
Deprecated: please use IPAllowList instead.'
This middleware accepts/refuses connections based on the client
IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.0/middlewares/tcp/ipwhitelist/'
properties:
sourceRange:
description: SourceRange defines the allowed IPs (or ranges of

6
docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml
View file

@ -86,6 +86,12 @@ spec:
will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
VersionTLS13. Default: VersionTLS10.'
type: string
preferServerCipherSuites:
description: 'PreferServerCipherSuites defines whether the server
chooses a cipher suite among his own instead of among the client''s.
It is enabled automatically when minVersion or maxVersion is set.
Deprecated: https://github.com/golang/go/issues/45430'
type: boolean
sniStrict:
description: SniStrict defines whether Traefik allows connections
from clients connections that do not specify a server_name extension.