Merge branch 'v1.5' into master

docs/basics.md

@@ -321,35 +321,6 @@ In this example, traffic routed through the first frontend will have the `X-Fram
 !!! note
     The detailed documentation for those security headers can be found in [unrolled/secure](https://github.com/unrolled/secure#available-options).
 
-#### Rate limiting
-
-Rate limiting can be configured per frontend.  
-Multiple sets of rates can be added to each frontend, but the time periods must be unique.
-
-```toml
-[frontends]
-    [frontends.frontend1]
-    passHostHeader = true
-    entrypoints = ["http"]
-    backend = "backend1"
-        [frontends.frontend1.routes.test_1]
-        rule = "Path:/"
-    [frontends.frontend1.ratelimit]
-    extractorfunc = "client.ip"
-        [frontends.frontend1.ratelimit.rateset.rateset1]
-        period = "10s"
-        average = 100
-        burst = 200
-        [frontends.frontend1.ratelimit.rateset.rateset2]
-        period = "3s"
-        average = 5
-        burst = 10
-```
-
-In the above example, frontend1 is configured to limit requests by the client's ip address.  
-An average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.  
-These can "burst" up to 10 and 200 in each period respectively.
-
 ### Backends
 
 A backend is responsible to load-balance the traffic coming from one or more frontends to a set of http servers.

docs/configuration/acme.md

@@ -20,6 +20,12 @@ See also [Let's Encrypt examples](/user-guide/examples/#lets-encrypt-support) an
 #
 email = "test@traefik.io"
 
+# File used for certificates storage.
+#
+# Optional (Deprecated)
+#
+#storageFile = "acme.json"
+
 # File or key used for certificates storage.
 #
 # Required
@@ -55,7 +61,7 @@ entryPoint = "https"
 #
 # acmeLogging = true
 
-# Enable on demand certificate.
+# Enable on demand certificate. (Deprecated)
 #
 # Optional
 #
@@ -89,6 +95,10 @@ entryPoint = "https"
 # main = "local4.com"
 ```
 
+!!! note
+    ACME entryPoint has to be relied to the port 443, otherwise ACME Challenges can not be done.
+    It's a Let's Encrypt limitation as described on the [community forum](https://community.letsencrypt.org/t/support-for-ports-other-than-80-and-443/3419/72).
+
 ### `storage`
 
 ```toml
@@ -100,7 +110,7 @@ storage = "acme.json"
 
 File or key used for certificates storage.
 
-**WARNING** If you use Traefik in Docker, you have 2 options:
+**WARNING** If you use Træfik in Docker, you have 2 options:
 
 - create a file on your host and mount it as a volume:
 ```toml
@@ -118,6 +128,14 @@ storage = "/etc/traefik/acme/acme.json"
 docker run -v "/my/host/acme:/etc/traefik/acme" traefik
 ```
 
+!!! note
+    `storage` replaces `storageFile` which is deprecated.
+
+!!! note
+    During Træfik configuration migration from a configuration file to a KV store (thanks to `storeconfig` subcommand as described [here](/user-guide/kv-config/#store-configuration-in-key-value-store)), if ACME certificates have to be migrated too, use both `storageFile` and `storage`.
+    `storageFile` will contain the path to the `acme.json` file to migrate.
+    `storage` will contain the key where the certificates will be stored.
+
 ### `dnsProvider`
 
 ```toml
@@ -146,7 +164,7 @@ Select the provider that matches the DNS domain that will host the challenge TXT
 | [GoDaddy](https://godaddy.com/domains)                 | `godaddy`      | `GODADDY_API_KEY`, `GODADDY_API_SECRET`                                                                                   |
 | [Google Cloud DNS](https://cloud.google.com/dns/docs/) | `gcloud`       | `GCE_PROJECT`, `GCE_SERVICE_ACCOUNT_FILE`                                                                                 |
 | [Linode](https://www.linode.com)                       | `linode`       | `LINODE_API_KEY`                                                                                                          |
-| manual                                                 | -              | none, but run Traefik interactively & turn on `acmeLogging` to see instructions & press <kbd>Enter</kbd>.                 |
+| manual                                                 | -              | none, but run Træfik interactively & turn on `acmeLogging` to see instructions & press <kbd>Enter</kbd>.                 |
 | [Namecheap](https://www.namecheap.com)                 | `namecheap`    | `NAMECHEAP_API_USER`, `NAMECHEAP_API_KEY`                                                                                 |
 | [Ns1](https://ns1.com/)                                | `ns1`          | `NS1_API_KEY`                                                                                                             |
 | [Open Telekom Cloud](https://cloud.telekom.de/en/)     | `otc`          | `OTC_DOMAIN_NAME`, `OTC_USER_NAME`, `OTC_PASSWORD`, `OTC_PROJECT_NAME`, `OTC_IDENTITY_ENDPOINT`                           |
@@ -171,7 +189,7 @@ If `delayDontCheckDNS` is greater than zero, avoid this & instead just wait so m
 
 Useful if internal networks block external DNS queries.
 
-### `onDemand`
+### `onDemand` (Deprecated)
 
 ```toml
 [acme]
@@ -188,7 +206,10 @@ This will request a certificate from Let's Encrypt during the first TLS handshak
     TLS handshakes will be slow when requesting a hostname certificate for the first time, this can lead to DoS attacks.
     
 !!! warning
-    Take note that Let's Encrypt have [rate limiting](https://letsencrypt.org/docs/rate-limits)
+    Take note that Let's Encrypt have [rate limiting](https://letsencrypt.org/docs/rate-limits).
+
+!!! warning
+    This option is deprecated.
 
 ### `onHostRule`
 
@@ -238,7 +259,7 @@ main = "local4.com"
 ```
 
 You can provide SANs (alternative domains) to each main domain.
-All domains must have A/AAAA records pointing to Traefik.
+All domains must have A/AAAA records pointing to Træfik.
 
 !!! warning
     Take note that Let's Encrypt have [rate limiting](https://letsencrypt.org/docs/rate-limits).

docs/configuration/backends/zookeeper.md

@@ -27,9 +27,9 @@ watch = true
 # Prefix used for KV store.
 #
 # Optional
-# Default: "/traefik"
+# Default: "traefik"
 #
-prefix = "/traefik"
+prefix = "traefik"
 
 # Override default configuration template.
 # For advanced users :)

docs/configuration/commons.md

@@ -277,6 +277,36 @@ Custom error pages are easiest to implement using the file provider.
 For dynamic providers, the corresponding template file needs to be customized accordingly and referenced in the Traefik configuration.
 
 
+## Rate limiting
+
+Rate limiting can be configured per frontend.  
+Multiple sets of rates can be added to each frontend, but the time periods must be unique.
+
+```toml
+[frontends]
+    [frontends.frontend1]
+    passHostHeader = true
+    entrypoints = ["http"]
+    backend = "backend1"
+        [frontends.frontend1.routes.test_1]
+        rule = "Path:/"
+    [frontends.frontend1.ratelimit]
+    extractorfunc = "client.ip"
+        [frontends.frontend1.ratelimit.rateset.rateset1]
+        period = "10s"
+        average = 100
+        burst = 200
+        [frontends.frontend1.ratelimit.rateset.rateset2]
+        period = "3s"
+        average = 5
+        burst = 10
+```
+
+In the above example, frontend1 is configured to limit requests by the client's ip address.  
+An average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.  
+These can "burst" up to 10 and 200 in each period respectively.
+
+
 ## Retry Configuration
 
 ```toml