Add Basic Auth per Frontend for Rancher & Docker Dynamic Provider
This commit is contained in:
Manuel Laufenberg
parent
4e0f131fcd
commit
8a892b21e1
11 changed files with 78 additions and 2 deletions
|
|
@ -250,6 +250,7 @@ func (p *Provider) loadDockerConfig(containersInspected []dockerData) *types.Con
|
|||
"getPassHostHeader": p.getPassHostHeader,
|
||||
"getPriority": p.getPriority,
|
||||
"getEntryPoints": p.getEntryPoints,
|
||||
"getBasicAuth": p.getBasicAuth,
|
||||
"getFrontendRule": p.getFrontendRule,
|
||||
"hasCircuitBreakerLabel": p.hasCircuitBreakerLabel,
|
||||
"getCircuitBreakerExpression": p.getCircuitBreakerExpression,
|
||||
|
|
@ -266,6 +267,7 @@ func (p *Provider) loadDockerConfig(containersInspected []dockerData) *types.Con
|
|||
"getServiceWeight": p.getServiceWeight,
|
||||
"getServiceProtocol": p.getServiceProtocol,
|
||||
"getServiceEntryPoints": p.getServiceEntryPoints,
|
||||
"getServiceBasicAuth": p.getServiceBasicAuth,
|
||||
"getServiceFrontendRule": p.getServiceFrontendRule,
|
||||
"getServicePassHostHeader": p.getServicePassHostHeader,
|
||||
"getServicePriority": p.getServicePriority,
|
||||
|
|
@ -377,6 +379,15 @@ func (p *Provider) getServiceEntryPoints(container dockerData, serviceName strin
|
|||
|
||||
}
|
||||
|
||||
// Extract basic auth from labels for a given service and a given docker container
|
||||
func (p *Provider) getServiceBasicAuth(container dockerData, serviceName string) []string {
|
||||
if basicAuth, ok := getContainerServiceLabel(container, serviceName, "frontend.auth.basic"); ok {
|
||||
return strings.Split(basicAuth, ",")
|
||||
}
|
||||
return p.getBasicAuth(container)
|
||||
|
||||
}
|
||||
|
||||
// Extract passHostHeader from labels for a given service and a given docker container
|
||||
func (p *Provider) getServicePassHostHeader(container dockerData, serviceName string) string {
|
||||
if servicePassHostHeader, ok := getContainerServiceLabel(container, serviceName, "frontend.passHostHeader"); ok {
|
||||
|
|
@ -645,6 +656,14 @@ func (p *Provider) getEntryPoints(container dockerData) []string {
|
|||
return []string{}
|
||||
}
|
||||
|
||||
func (p *Provider) getBasicAuth(container dockerData) []string {
|
||||
if basicAuth, err := getLabel(container, "traefik.frontend.auth.basic"); err == nil {
|
||||
return strings.Split(basicAuth, ",")
|
||||
}
|
||||
|
||||
return []string{}
|
||||
}
|
||||
|
||||
func isContainerEnabled(container dockerData, exposedByDefault bool) bool {
|
||||
return exposedByDefault && container.Labels["traefik.enable"] != "false" || container.Labels["traefik.enable"] == "true"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -662,6 +662,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-test",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test-docker-localhost": {
|
||||
Rule: "Host:test.docker.localhost",
|
||||
|
|
@ -688,6 +689,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
|
|||
labels(map[string]string{
|
||||
"traefik.backend": "foobar",
|
||||
"traefik.frontend.entryPoints": "http,https",
|
||||
"traefik.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
}),
|
||||
ports(nat.PortMap{
|
||||
"80/tcp": {},
|
||||
|
|
@ -710,6 +712,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-foobar",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{"http", "https"},
|
||||
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test1-docker-localhost": {
|
||||
Rule: "Host:test1.docker.localhost",
|
||||
|
|
@ -720,6 +723,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-foobar",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test2-docker-localhost": {
|
||||
Rule: "Host:test2.docker.localhost",
|
||||
|
|
@ -766,6 +770,7 @@ func TestDockerLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-foobar",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{"http", "https"},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test1-docker-localhost": {
|
||||
Rule: "Host:test1.docker.localhost",
|
||||
|
|
|
|||
|
|
@ -332,6 +332,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
|
|||
labels(map[string]string{
|
||||
"traefik.service.port": "2503",
|
||||
"traefik.service.frontend.entryPoints": "http,https",
|
||||
"traefik.service.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
}),
|
||||
ports(nat.PortMap{
|
||||
"80/tcp": {},
|
||||
|
|
@ -344,6 +345,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
|
|||
Backend: "backend-foo-service",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{"http", "https"},
|
||||
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||
Routes: map[string]types.Route{
|
||||
"service-service": {
|
||||
Rule: "Host:foo.docker.localhost",
|
||||
|
|
@ -376,6 +378,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
|
|||
"traefik.service.frontend.rule": "Path:/mypath",
|
||||
"traefik.service.frontend.priority": "5000",
|
||||
"traefik.service.frontend.entryPoints": "http,https,ws",
|
||||
"traefik.service.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
}),
|
||||
ports(nat.PortMap{
|
||||
"80/tcp": {},
|
||||
|
|
@ -401,6 +404,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
|
|||
PassHostHeader: false,
|
||||
Priority: 5000,
|
||||
EntryPoints: []string{"http", "https", "ws"},
|
||||
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||
Routes: map[string]types.Route{
|
||||
"service-service": {
|
||||
Rule: "Path:/mypath",
|
||||
|
|
@ -411,6 +415,7 @@ func TestDockerLoadDockerServiceConfig(t *testing.T) {
|
|||
Backend: "backend-test2-anotherservice",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"service-anotherservice": {
|
||||
Rule: "Path:/anotherpath",
|
||||
|
|
|
|||
|
|
@ -641,6 +641,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-test",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test-docker-localhost": {
|
||||
Rule: "Host:test.docker.localhost",
|
||||
|
|
@ -674,6 +675,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
|
|||
"traefik.port": "80",
|
||||
"traefik.backend": "foobar",
|
||||
"traefik.frontend.entryPoints": "http,https",
|
||||
"traefik.frontend.auth.basic": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
}),
|
||||
withEndpointSpec(modeVIP),
|
||||
withEndpoint(virtualIP("1", "127.0.0.1/24")),
|
||||
|
|
@ -693,6 +695,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-foobar",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{"http", "https"},
|
||||
BasicAuth: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test1-docker-localhost": {
|
||||
Rule: "Host:test1.docker.localhost",
|
||||
|
|
@ -703,6 +706,7 @@ func TestSwarmLoadDockerConfig(t *testing.T) {
|
|||
Backend: "backend-foobar",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
BasicAuth: []string{},
|
||||
Routes: map[string]types.Route{
|
||||
"route-frontend-Host-test2-docker-localhost": {
|
||||
Rule: "Host:test2.docker.localhost",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue