Split Docker provider

2023-05-10 15:28:05 +02:00 · 2023-05-10 15:28:05 +02:00 · 466d7461b7
commit 466d7461b7
parent 2cebd0a083
71 changed files with 2677 additions and 1190 deletions
--- a/docs/content/middlewares/http/addprefix.md
+++ b/docs/content/middlewares/http/addprefix.md
@ -14,7 +14,7 @@ The AddPrefix middleware updates the path of a request before forwarding it.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Prefixing with /foo
 labels:
  - "traefik.http.middlewares.add-foo.addprefix.prefix=/foo"
--- a/docs/content/middlewares/http/basicauth.md
+++ b/docs/content/middlewares/http/basicauth.md
@ -14,7 +14,7 @@ The BasicAuth middleware restricts access to your services to known users.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Declaring the user list
 #
 # Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
@ -88,7 +88,7 @@ The `users` option is an array of authorized users. Each user must be declared u
    Please note that these keys are not hashed or encrypted in any way, and therefore is less secure than other methods.
    You can find more information on the [Kubernetes Basic Authentication Secret Documentation](https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret)

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Declaring the user list
 #
 # Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
@ -177,7 +177,7 @@ The file content is a list of `name:hashed-password`.
    - If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
    - Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"
 ```
@ -233,7 +233,7 @@ http:

 You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"
 ```
@ -270,7 +270,7 @@ http:

 You can define a header field to store the authenticated user using the `headerField`option.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.my-auth.basicauth.headerField=X-WebAuth-User"
 ```
@ -309,7 +309,7 @@ http:

 Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.basicauth.removeheader=true"
 ```
--- a/docs/content/middlewares/http/buffering.md
+++ b/docs/content/middlewares/http/buffering.md
@ -18,7 +18,7 @@ This can help services avoid large amounts of data (`multipart/form-data` for ex

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Sets the maximum request body to 2MB
 labels:
  - "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
@ -66,7 +66,7 @@ The `maxRequestBodyBytes` option configures the maximum allowed body size for th

 If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a `413` (Request Entity Too Large) response.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
 ```
@ -105,7 +105,7 @@ _Optional, Default=1048576_

 You can configure a threshold (in bytes) from which the request will be buffered on disk instead of in memory with the `memRequestBodyBytes` option.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.limit.buffering.memRequestBodyBytes=2000000"
 ```
@ -146,7 +146,7 @@ The `maxResponseBodyBytes` option configures the maximum allowed response size f

 If the response exceeds the allowed size, it is not forwarded to the client. The client gets a `500` (Internal Server Error) response instead.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=2000000"
 ```
@ -185,7 +185,7 @@ _Optional, Default=1048576_

 You can configure a threshold (in bytes) from which the response will be buffered on disk instead of in memory with the `memResponseBodyBytes` option.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.limit.buffering.memResponseBodyBytes=2000000"
 ```
@ -226,7 +226,7 @@ You can have the Buffering middleware replay the request using `retryExpression`

 ??? example "Retries once in the case of a network error"

-    ```yaml tab="Docker"
+    ```yaml tab="Docker & Swarm"
    labels:
      - "traefik.http.middlewares.limit.buffering.retryExpression=IsNetworkError() && Attempts() < 2"
    ```
--- a/docs/content/middlewares/http/chain.md
+++ b/docs/content/middlewares/http/chain.md
@ -17,7 +17,7 @@ It makes reusing the same groups easier.

 Below is an example of a Chain containing `AllowList`, `BasicAuth`, and `RedirectScheme`.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.routers.router1.service=service1"
  - "traefik.http.routers.router1.middlewares=secured"
--- a/docs/content/middlewares/http/circuitbreaker.md
+++ b/docs/content/middlewares/http/circuitbreaker.md
@ -30,7 +30,7 @@ To assess if your system is healthy, the circuit breaker constantly monitors the

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Latency Check
 labels:
  - "traefik.http.middlewares.latency-check.circuitbreaker.expression=LatencyAtQuantileMS(50.0) > 100"
--- a/docs/content/middlewares/http/compress.md
+++ b/docs/content/middlewares/http/compress.md
@ -15,7 +15,7 @@ The activation of compression, and the compression method choice rely (among oth

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Enable compression
 labels:
  - "traefik.http.middlewares.test-compress.compress=true"
@ -82,7 +82,7 @@ Content types are compared in a case-insensitive, whitespace-ignored manner.

    Note that `application/grpc` is never compressed.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-compress.compress.excludedcontenttypes=text/event-stream"
 ```
@ -125,7 +125,7 @@ _Optional, Default=1024_

 Responses smaller than the specified values will not be compressed.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-compress.compress.minresponsebodybytes=1200"
 ```
--- a/docs/content/middlewares/http/contenttype.md
+++ b/docs/content/middlewares/http/contenttype.md
@ -18,7 +18,7 @@ when it is not set by the backend.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Enable auto-detection
 labels:
  - "traefik.http.middlewares.autodetect.contenttype=true"
--- a/docs/content/middlewares/http/digestauth.md
+++ b/docs/content/middlewares/http/digestauth.md
@ -14,7 +14,7 @@ The DigestAuth middleware restricts access to your services to known users.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Declaring the user list
 labels:
  - "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
@ -72,7 +72,7 @@ The `users` option is an array of authorized users. Each user will be declared u
    - If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
    - For security reasons, the field `users` doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
 ```
@ -132,7 +132,7 @@ The file content is a list of `name:realm:encoded-password`.
    - If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
    - Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.digestauth.usersfile=/path/to/my/usersfile"
 ```
@ -188,7 +188,7 @@ http:

 You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.digestauth.realm=MyRealm"
 ```
@ -225,7 +225,7 @@ http:

 You can customize the header field for the authenticated user using the `headerField`option.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.my-auth.digestauth.headerField=X-WebAuth-User"
 ```
@ -264,7 +264,7 @@ http:

 Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.digestauth.removeheader=true"
 ```
--- a/docs/content/middlewares/http/errorpages.md
+++ b/docs/content/middlewares/http/errorpages.md
@ -18,7 +18,7 @@ The Errors middleware returns a custom page in lieu of the default, according to

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Dynamic Custom Error Page for 5XX Status Code
 labels:
  - "traefik.http.middlewares.test-errors.errors.status=500-599"
--- a/docs/content/middlewares/http/forwardauth.md
+++ b/docs/content/middlewares/http/forwardauth.md
@ -16,7 +16,7 @@ Otherwise, the response from the authentication server is returned.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Forward authentication to example.com
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
@ -72,7 +72,7 @@ The following request properties are provided to the forward-auth target endpoin

 The `address` option defines the authentication server address.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
 ```
@ -109,7 +109,7 @@ http:

 Set the `trustForwardHeader` option to `true` to trust all `X-Forwarded-*` headers.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.trustForwardHeader=true"
 ```
@ -150,7 +150,7 @@ http:
 The `authResponseHeaders` option is the list of headers to copy from the authentication server response and set on
 forwarded request, replacing any existing conflicting headers.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.authResponseHeaders=X-Auth-User, X-Secret"
 ```
@ -197,7 +197,7 @@ set on forwarded request, after stripping all headers that match the regex.
 It allows partial matching of the regular expression against the header key.
 The start of string (`^`) and end of string (`$`) anchors should be used to ensure a full match against the header key.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.authResponseHeadersRegex=^X-"
 ```
@ -245,7 +245,7 @@ The `authRequestHeaders` option is the list of the headers to copy from the requ
 It allows filtering headers that should not be passed to the authentication server.
 If not set or empty then all request headers are passed.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.authRequestHeaders=Accept,X-CustomHeader"
 ```
@ -298,7 +298,7 @@ _Optional_
 `ca` is the path to the certificate authority used for the secured connection to the authentication server,
 it defaults to the system bundle.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.tls.ca=path/to/local.crt"
 ```
@ -355,7 +355,7 @@ _Optional_
 `cert` is the path to the public certificate used for the secure connection to the authentication server.
 When using this option, setting the `key` option is required.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.tls.cert=path/to/foo.cert"
  - "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
@ -420,7 +420,7 @@ _Optional_
 `key` is the path to the private key used for the secure connection to the authentication server.
 When using this option, setting the `cert` option is required.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.tls.cert=path/to/foo.cert"
  - "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
@ -484,7 +484,7 @@ _Optional, Default=false_

 If `insecureSkipVerify` is `true`, the TLS connection to the authentication server accepts any certificate presented by the server regardless of the hostnames it covers.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-auth.forwardauth.tls.insecureSkipVerify=true"
 ```
--- a/docs/content/middlewares/http/grpcweb.md
+++ b/docs/content/middlewares/http/grpcweb.md
@ -17,7 +17,7 @@ The GrpcWeb middleware converts gRPC Web requests to HTTP/2 gRPC requests before

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-grpcweb.grpcweb.allowOrigins=*"
 ```
--- a/docs/content/middlewares/http/headers.md
+++ b/docs/content/middlewares/http/headers.md
@ -20,7 +20,7 @@ A set of forwarded headers are automatically added by default. See the [FAQ](../

 The following example adds the `X-Script-Name` header to the proxied request and the `X-Custom-Response-Header` header to the response

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.testHeader.headers.customrequestheaders.X-Script-Name=test"
  - "traefik.http.middlewares.testHeader.headers.customresponseheaders.X-Custom-Response-Header=value"
@ -69,7 +69,7 @@ http:
 In the following example, requests are proxied with an extra `X-Script-Name` header while their `X-Custom-Request-Header` header gets stripped,
 and responses are stripped of their `X-Custom-Response-Header` header.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test"
  - "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Custom-Request-Header="
@ -123,7 +123,7 @@ http:
 Security-related headers (HSTS headers, Browser XSS filter, etc) can be managed similarly to custom headers as shown above.
 This functionality makes it possible to easily use security features by adding headers.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.testHeader.headers.framedeny=true"
  - "traefik.http.middlewares.testHeader.headers.browserxssfilter=true"
@ -170,7 +170,7 @@ instead the response will be generated and sent back to the client directly.
 Please note that the example below is by no means authoritative or exhaustive,
 and should not be used as is for production.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
  - "traefik.http.middlewares.testheader.headers.accesscontrolallowheaders=*"
--- a/docs/content/middlewares/http/inflightreq.md
+++ b/docs/content/middlewares/http/inflightreq.md
@ -14,7 +14,7 @@ To proactively prevent services from being overwhelmed with high load, the numbe

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
 ```
@ -57,7 +57,7 @@ http:
 The `amount` option defines the maximum amount of allowed simultaneous in-flight request.
 The middleware responds with `HTTP 429 Too Many Requests` if there are already `amount` requests in progress (based on the same `sourceCriterion` strategy).

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
 ```
@ -122,7 +122,7 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and select
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `3`     | `"11.0.0.1"` |
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `5`     | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.depth=2"
 ```
@ -176,7 +176,7 @@ http:
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"15.0.0.1,16.0.0.1"` | `"13.0.0.1"` |
    | `"10.0.0.1,11.0.0.1"`                   | `"10.0.0.1,11.0.0.1"` | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
 ```
@ -222,7 +222,7 @@ http:

 Name of the header used to group incoming requests.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requestheadername=username"
 ```
@ -262,7 +262,7 @@ http:

 Whether to consider the request host as the source.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requesthost=true"
 ```
--- a/docs/content/middlewares/http/ipallowlist.md
+++ b/docs/content/middlewares/http/ipallowlist.md
@ -12,7 +12,7 @@ IPAllowList accepts / refuses requests based on the client IP.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Accepts request from defined IP
 labels:
  - "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
@ -83,7 +83,7 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take th
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `3`     | `"11.0.0.1"` |
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `5`     | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Allowlisting Based on `X-Forwarded-For` with `depth=2`
 labels:
  - "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.7"
@ -149,7 +149,7 @@ http:
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `"15.0.0.1,16.0.0.1"` | `"13.0.0.1"` |
    | `"10.0.0.1,11.0.0.1"`                   | `"10.0.0.1,11.0.0.1"` | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Exclude from `X-Forwarded-For`
 labels:
    - "traefik.http.middlewares.test-ipallowlist.ipallowlist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
--- a/docs/content/middlewares/http/overview.md
+++ b/docs/content/middlewares/http/overview.md
@ -12,7 +12,7 @@ Controlling connections

 ## Configuration Example

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # As a Docker Label
 whoami:
  #  A container that exposes an API to show its IP address
--- a/docs/content/middlewares/http/passtlsclientcert.md
+++ b/docs/content/middlewares/http/passtlsclientcert.md
@ -18,7 +18,7 @@ PassTLSClientCert adds the selected data from the passed client TLS certificate

 Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Pass the pem in the `X-Forwarded-Tls-Client-Cert` header.
 labels:
  - "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
@ -57,7 +57,7 @@ http:

 ??? example "Pass the pem in the `X-Forwarded-Tls-Client-Cert` header"

-    ```yaml tab="Docker"
+    ```yaml tab="Docker & Swarm"
    # Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
    labels:
      - "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.notafter=true"
--- a/docs/content/middlewares/http/ratelimit.md
+++ b/docs/content/middlewares/http/ratelimit.md
@ -14,7 +14,7 @@ It is based on a [token bucket](https://en.wikipedia.org/wiki/Token_bucket) impl

 ## Configuration Example

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Here, an average of 100 requests per second is allowed.
 # In addition, a burst of 50 requests is allowed.
 labels:
@ -73,7 +73,7 @@ It defaults to `0`, which means no rate limiting.
 The rate is actually defined by dividing `average` by `period`.
 So for a rate below 1 req/s, one needs to define a `period` larger than a second.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # 100 reqs/s
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.average=100"
@ -121,7 +121,7 @@ r = average / period

 It defaults to `1` second.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # 6 reqs/minute
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.average=6"
@ -170,7 +170,7 @@ http:

 It defaults to `1`.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.burst=100"
 ```
@ -232,7 +232,7 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and select
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `3`     | `"11.0.0.1"` |
    | `"10.0.0.1,11.0.0.1,12.0.0.1,13.0.0.1"` | `5`     | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.depth=2"
 ```
@ -313,7 +313,7 @@ and the first IP that is _not_ in the pool (if any) is returned.
    | `"10.0.0.1,11.0.0.1,13.0.0.1"` | `"15.0.0.1,16.0.0.1"` | `"13.0.0.1"` |
    | `"10.0.0.1,11.0.0.1"`          | `"10.0.0.1,11.0.0.1"` | `""`         |

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
 ```
@ -359,7 +359,7 @@ http:

 Name of the header used to group incoming requests.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requestheadername=username"
 ```
@ -399,7 +399,7 @@ http:

 Whether to consider the request host as the source.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requesthost=true"
 ```
--- a/docs/content/middlewares/http/redirectregex.md
+++ b/docs/content/middlewares/http/redirectregex.md
@ -16,7 +16,7 @@ The RedirectRegex redirects a request using regex matching and replacement.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Redirect with domain replacement
 # Note: all dollar signs need to be doubled for escaping.
 labels:
--- a/docs/content/middlewares/http/redirectscheme.md
+++ b/docs/content/middlewares/http/redirectscheme.md
@ -25,7 +25,7 @@ The RedirectScheme middleware redirects the request if the request scheme is dif

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Redirect to https
 labels:
  - "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
@ -75,7 +75,7 @@ http:

 Set the `permanent` option to `true` to apply a permanent redirection.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Redirect to https
 labels:
  # ...
@ -123,7 +123,7 @@ http:

 The `scheme` option defines the scheme of the new URL.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Redirect to https
 labels:
  - "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
@ -166,7 +166,7 @@ http:

 The `port` option defines the port of the new URL.

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Redirect to https
 labels:
  # ...
--- a/docs/content/middlewares/http/replacepath.md
+++ b/docs/content/middlewares/http/replacepath.md
@ -16,7 +16,7 @@ Replace the path of the request URL.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Replace the path with /foo
 labels:
  - "traefik.http.middlewares.test-replacepath.replacepath.path=/foo"
--- a/docs/content/middlewares/http/replacepathregex.md
+++ b/docs/content/middlewares/http/replacepathregex.md
@ -16,7 +16,7 @@ The ReplaceRegex replaces the path of a URL using regex matching and replacement

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Replace path with regex
 labels:
  - "traefik.http.middlewares.test-replacepathregex.replacepathregex.regex=^/foo/(.*)"
--- a/docs/content/middlewares/http/retry.md
+++ b/docs/content/middlewares/http/retry.md
@ -18,7 +18,7 @@ The Retry middleware has an optional configuration to enable an exponential back

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Retry 4 times with exponential backoff
 labels:
  - "traefik.http.middlewares.test-retry.retry.attempts=4"
--- a/docs/content/middlewares/http/stripprefix.md
+++ b/docs/content/middlewares/http/stripprefix.md
@ -16,7 +16,7 @@ Remove the specified prefixes from the URL path.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 # Strip prefix /foobar and /fiibar
 labels:
  - "traefik.http.middlewares.test-stripprefix.stripprefix.prefixes=/foobar,/fiibar"
--- a/docs/content/middlewares/http/stripprefixregex.md
+++ b/docs/content/middlewares/http/stripprefixregex.md
@ -12,7 +12,7 @@ Remove the matching prefixes from the URL path.

 ## Configuration Examples

-```yaml tab="Docker"
+```yaml tab="Docker & Swarm"
 labels:
  - "traefik.http.middlewares.test-stripprefixregex.stripprefixregex.regex=/foo/[a-z0-9]+/[0-9]+/"
 ```