homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Changing default file format for the snippets from TOML to YAML

Browse source
This commit is contained in:
Tom Moulard 2021-06-19 00:08:08 +02:00 committed by GitHub
parent 99a23b0414
commit c9df233d24
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
79 changed files with 3965 additions and 3964 deletions
Download patch file Download diff file Expand all files Collapse all files

18
docs/content/middlewares/addprefix.md
View file

@ -1,9 +1,9 @@
# Add Prefix
Prefixing the Path
Prefixing the Path
{: .subtitle }
![AddPrefix](../assets/img/middleware/addprefix.png)
![AddPrefix](../assets/img/middleware/addprefix.png)
The AddPrefix middleware updates the path of a request before forwarding it.
@ -43,13 +43,6 @@ labels:
- "traefik.http.middlewares.add-foo.addprefix.prefix=/foo"
```
```toml tab="File (TOML)"
# Prefixing with /foo
[http.middlewares]
[http.middlewares.add-foo.addPrefix]
prefix = "/foo"
```
```yaml tab="File (YAML)"
# Prefixing with /foo
http:
@ -59,6 +52,13 @@ http:
prefix: "/foo"
```
```toml tab="File (TOML)"
# Prefixing with /foo
[http.middlewares]
[http.middlewares.add-foo.addPrefix]
prefix = "/foo"
```
## Configuration Options
### `prefix`

102
docs/content/middlewares/basicauth.md
View file

@ -48,16 +48,6 @@ labels:
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
users = [
"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
]
```
```yaml tab="File (YAML)"
# Declaring the user list
http:
@ -65,17 +55,27 @@ http:
test-auth:
basicAuth:
users:
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
users = [
"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
]
```
## Configuration Options
### General
Passwords must be hashed using MD5, SHA1, or BCrypt.
!!! tip
!!! tip
Use `htpasswd` to generate the passwords.
@ -84,7 +84,7 @@ Passwords must be hashed using MD5, SHA1, or BCrypt.
The `users` option is an array of authorized users. Each user must be declared using the `name:hashed-password` format.
!!! note ""
- If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
- For security reasons, the field `users` doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
@ -142,16 +142,6 @@ labels:
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
users = [
"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
]
```
```yaml tab="File (YAML)"
# Declaring the user list
http:
@ -159,10 +149,20 @@ http:
test-auth:
basicAuth:
users:
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
users = [
"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
]
```
### `usersFile`
The `usersFile` option is the path to an external file that contains the authorized users for the middleware.
@ -170,9 +170,9 @@ The `usersFile` option is the path to an external file that contains the authori
The file content is a list of `name:hashed-password`.
!!! note ""
- If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
- Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
- Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
```yaml tab="Docker"
labels:
@ -216,12 +216,6 @@ labels:
- "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
usersFile = "/path/to/my/usersfile"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -230,6 +224,12 @@ http:
usersFile: "/path/to/my/usersfile"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
usersFile = "/path/to/my/usersfile"
```
??? example "A file containing test/test and test2/test2"
```txt
@ -239,7 +239,7 @@ http:
### `realm`
You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.
You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.
```yaml tab="Docker"
labels:
@ -271,12 +271,6 @@ labels:
- "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
realm = "MyRealm"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -285,6 +279,12 @@ http:
realm: "MyRealm"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
realm = "MyRealm"
```
### `headerField`
You can define a header field to store the authenticated user using the `headerField`option.
@ -315,12 +315,6 @@ spec:
}
```
```toml tab="File (TOML)"
[http.middlewares.my-auth.basicAuth]
# ...
headerField = "X-WebAuth-User"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -330,6 +324,12 @@ http:
headerField: "X-WebAuth-User"
```
```toml tab="File (TOML)"
[http.middlewares.my-auth.basicAuth]
# ...
headerField = "X-WebAuth-User"
```
### `removeHeader`
Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)
@ -364,12 +364,6 @@ labels:
- "traefik.http.middlewares.test-auth.basicauth.removeheader=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
removeHeader = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -377,3 +371,9 @@ http:
basicAuth:
removeHeader: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.basicAuth]
removeHeader = true
```

86
docs/content/middlewares/buffering.md
View file

@ -47,13 +47,6 @@ labels:
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
```
```toml tab="File (TOML)"
# Sets the maximum request body to 2MB
[http.middlewares]
[http.middlewares.limit.buffering]
maxRequestBodyBytes = 2000000
```
```yaml tab="File (YAML)"
# Sets the maximum request body to 2MB
http:
@ -63,6 +56,13 @@ http:
maxRequestBodyBytes: 2000000
```
```toml tab="File (TOML)"
# Sets the maximum request body to 2MB
[http.middlewares]
[http.middlewares.limit.buffering]
maxRequestBodyBytes = 2000000
```
## Configuration Options
### `maxRequestBodyBytes`
@ -101,12 +101,6 @@ labels:
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=2000000"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
maxRequestBodyBytes = 2000000
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -115,6 +109,12 @@ http:
maxRequestBodyBytes: 2000000
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
maxRequestBodyBytes = 2000000
```
### `memRequestBodyBytes`
You can configure a threshold (in bytes) from which the request will be buffered on disk instead of in memory with the `memRequestBodyBytes` option.
@ -149,12 +149,6 @@ labels:
- "traefik.http.middlewares.limit.buffering.memRequestBodyBytes=2000000"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
memRequestBodyBytes = 2000000
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -163,6 +157,12 @@ http:
memRequestBodyBytes: 2000000
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
memRequestBodyBytes = 2000000
```
### `maxResponseBodyBytes`
The `maxResponseBodyBytes` option configures the maximum allowed response size from the service (in bytes).
@ -199,12 +199,6 @@ labels:
- "traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=2000000"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
maxResponseBodyBytes = 2000000
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -213,6 +207,12 @@ http:
maxResponseBodyBytes: 2000000
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
maxResponseBodyBytes = 2000000
```
### `memResponseBodyBytes`
You can configure a threshold (in bytes) from which the response will be buffered on disk instead of in memory with the `memResponseBodyBytes` option.
@ -247,12 +247,6 @@ labels:
- "traefik.http.middlewares.limit.buffering.memResponseBodyBytes=2000000"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
memResponseBodyBytes = 2000000
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -261,17 +255,23 @@ http:
memResponseBodyBytes: 2000000
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
memResponseBodyBytes = 2000000
```
### `retryExpression`
You can have the Buffering middleware replay the request using `retryExpression`.
??? example "Retries once in the case of a network error"
```yaml tab="Docker"
labels:
- "traefik.http.middlewares.limit.buffering.retryExpression=IsNetworkError() && Attempts() < 2"
```
```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
@ -281,28 +281,22 @@ You can have the Buffering middleware replay the request using `retryExpression`
buffering:
retryExpression: "IsNetworkError() && Attempts() < 2"
```
```yaml tab="Consul Catalog"
- "traefik.http.middlewares.limit.buffering.retryExpression=IsNetworkError() && Attempts() < 2"
```
```json tab="Marathon"
"labels": {
"traefik.http.middlewares.limit.buffering.retryExpression": "IsNetworkError() && Attempts() < 2"
}
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.limit.buffering.retryExpression=IsNetworkError() && Attempts() < 2"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
retryExpression = "IsNetworkError() && Attempts() < 2"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -311,6 +305,12 @@ You can have the Buffering middleware replay the request using `retryExpression`
retryExpression: "IsNetworkError() && Attempts() < 2"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.limit.buffering]
retryExpression = "IsNetworkError() && Attempts() < 2"
```
The retry expression is defined as a logical combination of the functions below with the operators AND (`&&`) and OR (`||`). At least one function is required:
- `Attempts()` number of attempts (the first one counts)

56
docs/content/middlewares/chain.md
View file

@ -117,34 +117,6 @@ labels:
- "traefik.http.services.service1.loadbalancer.server.port=80"
```
```toml tab="File (TOML)"
# ...
[http.routers]
[http.routers.router1]
service = "service1"
middlewares = ["secured"]
rule = "Host(`mydomain`)"
[http.middlewares]
[http.middlewares.secured.chain]
middlewares = ["https-only", "known-ips", "auth-users"]
[http.middlewares.auth-users.basicAuth]
users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"]
[http.middlewares.https-only.redirectScheme]
scheme = "https"
[http.middlewares.known-ips.ipWhiteList]
sourceRange = ["192.168.1.7", "127.0.0.1/32"]
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:80"
```
```yaml tab="File (YAML)"
# ...
http:
@ -184,3 +156,31 @@ http:
servers:
- url: "http://127.0.0.1:80"
```
```toml tab="File (TOML)"
# ...
[http.routers]
[http.routers.router1]
service = "service1"
middlewares = ["secured"]
rule = "Host(`mydomain`)"
[http.middlewares]
[http.middlewares.secured.chain]
middlewares = ["https-only", "known-ips", "auth-users"]
[http.middlewares.auth-users.basicAuth]
users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"]
[http.middlewares.https-only.redirectScheme]
scheme = "https"
[http.middlewares.known-ips.ipWhiteList]
sourceRange = ["192.168.1.7", "127.0.0.1/32"]
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:80"
```

14
docs/content/middlewares/circuitbreaker.md
View file

@ -59,13 +59,6 @@ labels:
- "traefik.http.middlewares.latency-check.circuitbreaker.expression=LatencyAtQuantileMS(50.0) > 100"
```
```toml tab="File (TOML)"
# Latency Check
[http.middlewares]
[http.middlewares.latency-check.circuitBreaker]
expression = "LatencyAtQuantileMS(50.0) > 100"
```
```yaml tab="File (YAML)"
# Latency Check
http:
@ -75,6 +68,13 @@ http:
expression: "LatencyAtQuantileMS(50.0) > 100"
```
```toml tab="File (TOML)"
# Latency Check
[http.middlewares]
[http.middlewares.latency-check.circuitBreaker]
expression = "LatencyAtQuantileMS(50.0) > 100"
```
## Possible States
There are three possible states for your circuit breaker:

24
docs/content/middlewares/compress.md
View file

@ -42,12 +42,6 @@ labels:
- "traefik.http.middlewares.test-compress.compress=true"
```
```toml tab="File (TOML)"
# Enable gzip compression
[http.middlewares]
[http.middlewares.test-compress.compress]
```
```yaml tab="File (YAML)"
# Enable gzip compression
http:
@ -56,6 +50,12 @@ http:
compress: {}
```
```toml tab="File (TOML)"
# Enable gzip compression
[http.middlewares]
[http.middlewares.test-compress.compress]
```
!!! info
Responses are compressed when the following criteria are all met:
@ -108,12 +108,6 @@ labels:
- "traefik.http.middlewares.test-compress.compress.excludedcontenttypes=text/event-stream"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-compress.compress]
excludedContentTypes = ["text/event-stream"]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -122,3 +116,9 @@ http:
excludedContentTypes:
- text/event-stream
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-compress.compress]
excludedContentTypes = ["text/event-stream"]
```

15
docs/content/middlewares/contenttype.md
View file

@ -1,4 +1,3 @@
# ContentType
Handling Content-Type auto-detection
@ -62,13 +61,6 @@ labels:
- "traefik.http.middlewares.autodetect.contenttype.autodetect=false"
```
```toml tab="File (TOML)"
# Disable auto-detection
[http.middlewares]
[http.middlewares.autodetect.contentType]
autoDetect=false
```
```yaml tab="File (YAML)"
# Disable auto-detection
http:
@ -78,6 +70,13 @@ http:
autoDetect: false
```
```toml tab="File (TOML)"
# Disable auto-detection
[http.middlewares]
[http.middlewares.autodetect.contentType]
autoDetect=false
```
## Configuration Options
### `autoDetect`

88
docs/content/middlewares/digestauth.md
View file

@ -43,16 +43,6 @@ labels:
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
users = [
"test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e",
]
```
```yaml tab="File (YAML)"
# Declaring the user list
http:
@ -64,6 +54,16 @@ http:
- "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
users = [
"test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e",
]
```
## Configuration Options
!!! tip
@ -120,15 +120,6 @@ labels:
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
users = [
"test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e",
]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -139,6 +130,15 @@ http:
- "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
users = [
"test:traefik:a2688e031edb4be6a3797f3882655c05",
"test2:traefik:518845800f9e2bfb1f1f740ec24f074e",
]
```
### `usersFile`
The `usersFile` option is the path to an external file that contains the authorized users for the middleware.
@ -148,7 +148,7 @@ The file content is a list of `name:realm:encoded-password`.
!!! note ""
- If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
- Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
- Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
```yaml tab="Docker"
labels:
@ -192,12 +192,6 @@ labels:
- "traefik.http.middlewares.test-auth.digestauth.usersfile=/path/to/my/usersfile"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
usersFile = "/path/to/my/usersfile"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -206,6 +200,12 @@ http:
usersFile: "/path/to/my/usersfile"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
usersFile = "/path/to/my/usersfile"
```
??? example "A file containing test/test and test2/test2"
```txt
@ -247,12 +247,6 @@ labels:
- "traefik.http.middlewares.test-auth.digestauth.realm=MyRealm"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
realm = "MyRealm"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -261,6 +255,12 @@ http:
realm: "MyRealm"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
realm = "MyRealm"
```
### `headerField`
You can customize the header field for the authenticated user using the `headerField`option.
@ -296,12 +296,6 @@ labels:
- "traefik.http.middlewares.my-auth.digestauth.headerField=X-WebAuth-User"
```
```toml tab="File (TOML)"
[http.middlewares.my-auth.digestAuth]
# ...
headerField = "X-WebAuth-User"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -311,6 +305,12 @@ http:
headerField: "X-WebAuth-User"
```
```toml tab="File (TOML)"
[http.middlewares.my-auth.digestAuth]
# ...
headerField = "X-WebAuth-User"
```
### `removeHeader`
Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)
@ -345,12 +345,6 @@ labels:
- "traefik.http.middlewares.test-auth.digestauth.removeheader=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
removeHeader = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -358,3 +352,9 @@ http:
digestAuth:
removeHeader: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
removeHeader = true
```

24
docs/content/middlewares/errorpages.md
View file

@ -58,18 +58,6 @@ labels:
- "traefik.http.middlewares.test-errorpage.errors.query=/{status}.html"
```
```toml tab="File (TOML)"
# Custom Error Page for 5XX
[http.middlewares]
[http.middlewares.test-errorpage.errors]
status = ["500-599"]
service = "serviceError"
query = "/{status}.html"
[http.services]
# ... definition of error-handler-service and my-service
```
```yaml tab="File (YAML)"
# Custom Error Page for 5XX
http:
@ -81,6 +69,18 @@ http:
service: serviceError
query: "/{status}.html"
services:
# ... definition of error-handler-service and my-service
```
```toml tab="File (TOML)"
# Custom Error Page for 5XX
[http.middlewares]
[http.middlewares.test-errorpage.errors]
status = ["500-599"]
service = "serviceError"
query = "/{status}.html"
[http.services]
# ... definition of error-handler-service and my-service
```

168
docs/content/middlewares/forwardauth.md
View file

@ -45,13 +45,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
```
```toml tab="File (TOML)"
# Forward authentication to example.com
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
```
```yaml tab="File (YAML)"
# Forward authentication to example.com
http:
@ -61,6 +54,13 @@ http:
address: "https://example.com/auth"
```
```toml tab="File (TOML)"
# Forward authentication to example.com
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
```
## Forward-Request Headers
The following request properties are provided to the forward-auth target endpoint as `X-Forwarded-` headers.
@ -91,7 +91,7 @@ metadata:
name: test-auth
spec:
forwardAuth:
address: https://example.com/auth
address: https://example.com/auth
```
```yaml tab="Consul Catalog"
@ -109,12 +109,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.address=https://example.com/auth"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -123,6 +117,12 @@ http:
address: "https://example.com/auth"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
```
### `trustForwardHeader`
Set the `trustForwardHeader` option to `true` to trust all `X-Forwarded-*` headers.
@ -158,13 +158,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.trustForwardHeader=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
trustForwardHeader = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -174,6 +167,13 @@ http:
trustForwardHeader: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
trustForwardHeader = true
```
### `authResponseHeaders`
The `authResponseHeaders` option is the list of headers to copy from the authentication server response and set on
@ -212,13 +212,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.authResponseHeaders=X-Auth-User, X-Secret"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authResponseHeaders = ["X-Auth-User", "X-Secret"]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -230,6 +223,13 @@ http:
- "X-Secret"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authResponseHeaders = ["X-Auth-User", "X-Secret"]
```
### `authResponseHeadersRegex`
The `authResponseHeadersRegex` option is the regex to match headers to copy from the authentication server response and
@ -268,13 +268,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.authResponseHeadersRegex=^X-"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authResponseHeadersRegex = "^X-"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -284,6 +277,13 @@ http:
authResponseHeadersRegex: "^X-"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authResponseHeadersRegex = "^X-"
```
### `authRequestHeaders`
The `authRequestHeaders` option is the list of the headers to copy from the request to the authentication server.
@ -323,13 +323,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.authRequestHeaders=Accept,X-CustomHeader"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authRequestHeaders = "Accept,X-CustomHeader"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -341,6 +334,13 @@ http:
- "X-CustomHeader"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
authRequestHeaders = "Accept,X-CustomHeader"
```
### `tls`
The `tls` option is the TLS configuration from Traefik to the authentication server.
@ -391,14 +391,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.tls.ca=path/to/local.crt"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
ca = "path/to/local.crt"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -409,6 +401,14 @@ http:
ca: "path/to/local.crt"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
ca = "path/to/local.crt"
```
#### `tls.caOptional`
The value of `tls.caOptional` defines which policy should be used for the secure connection with TLS Client Authentication to the authentication server.
@ -453,14 +453,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.tls.caOptional=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
caOptional = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -471,6 +463,14 @@ http:
caOptional: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
caOptional = true
```
#### `tls.cert`
The public certificate used for the secure connection to the authentication server.
@ -522,15 +522,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -542,6 +533,15 @@ http:
key: "path/to/foo.key"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
!!! info
For security reasons, the field does not exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
@ -597,15 +597,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.tls.key=path/to/foo.key"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -617,6 +608,15 @@ http:
key: "path/to/foo.key"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
```
!!! info
For security reasons, the field does not exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
@ -657,14 +657,6 @@ labels:
- "traefik.http.middlewares.test-auth.forwardauth.tls.InsecureSkipVerify=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
insecureSkipVerify: true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -674,3 +666,11 @@ http:
tls:
insecureSkipVerify: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-auth.forwardAuth]
address = "https://example.com/auth"
[http.middlewares.test-auth.forwardAuth.tls]
insecureSkipVerify: true
```

70
docs/content/middlewares/headers.md
View file

@ -50,15 +50,6 @@ labels:
- "traefik.http.middlewares.testheader.headers.customresponseheaders.X-Custom-Response-Header=value"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
[http.middlewares.testHeader.headers.customRequestHeaders]
X-Script-Name = "test"
[http.middlewares.testHeader.headers.customResponseHeaders]
X-Custom-Response-Header = "value"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -70,6 +61,15 @@ http:
X-Custom-Response-Header: "value"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
[http.middlewares.testHeader.headers.customRequestHeaders]
X-Script-Name = "test"
[http.middlewares.testHeader.headers.customResponseHeaders]
X-Custom-Response-Header = "value"
```
### Adding and Removing Headers
In the following example, requests are proxied with an extra `X-Script-Name` header while their `X-Custom-Request-Header` header gets stripped,
@ -117,16 +117,6 @@ labels:
- "traefik.http.middlewares.testheader.headers.customresponseheaders.X-Custom-Response-Header="
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
[http.middlewares.testHeader.headers.customRequestHeaders]
X-Script-Name = "test" # Adds
X-Custom-Request-Header = "" # Removes
[http.middlewares.testHeader.headers.customResponseHeaders]
X-Custom-Response-Header = "" # Removes
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -139,6 +129,16 @@ http:
X-Custom-Response-Header: "" # Removes
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
[http.middlewares.testHeader.headers.customRequestHeaders]
X-Script-Name = "test" # Adds
X-Custom-Request-Header = "" # Removes
[http.middlewares.testHeader.headers.customResponseHeaders]
X-Custom-Response-Header = "" # Removes
```
### Using Security Headers
Security-related headers (HSTS headers, SSL redirection, Browser XSS filter, etc) can be managed similarly to custom headers as shown above.
@ -179,13 +179,6 @@ labels:
- "traefik.http.middlewares.testheader.headers.sslredirect=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
frameDeny = true
sslRedirect = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -195,6 +188,13 @@ http:
sslRedirect: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
frameDeny = true
sslRedirect = true
```
### CORS Headers
CORS (Cross-Origin Resource Sharing) headers can be added and configured in a manner similar to the custom headers above.
@ -250,15 +250,6 @@ labels:
- "traefik.http.middlewares.testheader.headers.addvaryheader=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
accessControlAllowMethods= ["GET", "OPTIONS", "PUT"]
accessControlAllowOriginList = ["https://foo.bar.org","https://example.org"]
accessControlMaxAge = 100
addVaryHeader = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -275,6 +266,15 @@ http:
addVaryHeader: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.testHeader.headers]
accessControlAllowMethods= ["GET", "OPTIONS", "PUT"]
accessControlAllowOriginList = ["https://foo.bar.org","https://example.org"]
accessControlMaxAge = 100
addVaryHeader = true
```
## Configuration Options
### General

84
docs/content/middlewares/inflightreq.md
View file

@ -41,13 +41,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
```
```toml tab="File (TOML)"
# Limiting to 10 simultaneous connections
[http.middlewares]
[http.middlewares.test-inflightreq.inFlightReq]
amount = 10
```
```yaml tab="File (YAML)"
# Limiting to 10 simultaneous connections
http:
@ -57,6 +50,13 @@ http:
amount: 10
```
```toml tab="File (TOML)"
# Limiting to 10 simultaneous connections
[http.middlewares]
[http.middlewares.test-inflightreq.inFlightReq]
amount = 10
```
## Configuration Options
### `amount`
@ -96,13 +96,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.amount=10"
```
```toml tab="File (TOML)"
# Limiting to 10 simultaneous connections
[http.middlewares]
[http.middlewares.test-inflightreq.inFlightReq]
amount = 10
```
```yaml tab="File (YAML)"
# Limiting to 10 simultaneous connections
http:
@ -112,6 +105,13 @@ http:
amount: 10
```
```toml tab="File (TOML)"
# Limiting to 10 simultaneous connections
[http.middlewares]
[http.middlewares.test-inflightreq.inFlightReq]
amount = 10
```
### `sourceCriterion`
The `sourceCriterion` option defines what criterion is used to group requests as originating from a common source.
@ -171,13 +171,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.depth=2"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion.ipStrategy]
depth = 2
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -188,6 +181,13 @@ http:
depth: 2
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion.ipStrategy]
depth = 2
```
##### `ipStrategy.excludedIPs`
`excludedIPs` configures Traefik to scan the `X-Forwarded-For` header and select the first IP not in the list.
@ -238,13 +238,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -257,6 +250,13 @@ http:
- "192.168.1.7"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```
#### `sourceCriterion.requestHeaderName`
Name of the header used to group incoming requests.
@ -292,13 +292,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requestheadername=username"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion]
requestHeaderName = "username"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -308,6 +301,13 @@ http:
requestHeaderName: username
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion]
requestHeaderName = "username"
```
#### `sourceCriterion.requestHost`
Whether to consider the request host as the source.
@ -343,13 +343,6 @@ labels:
- "traefik.http.middlewares.test-inflightreq.inflightreq.sourcecriterion.requesthost=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion]
requestHost = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -358,3 +351,10 @@ http:
sourceCriterion:
requestHost: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-inflightreq.inflightreq]
[http.middlewares.test-inflightreq.inFlightReq.sourceCriterion]
requestHost = true
```

48
docs/content/middlewares/ipwhitelist.md
View file

@ -44,13 +44,6 @@ labels:
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File (TOML)"
# Accepts request from defined IP
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
```
```yaml tab="File (YAML)"
# Accepts request from defined IP
http:
@ -62,6 +55,13 @@ http:
- "192.168.1.7"
```
```toml tab="File (TOML)"
# Accepts request from defined IP
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
```
## Configuration Options
### `sourceRange`
@ -131,15 +131,6 @@ labels:
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2"
```
```toml tab="File (TOML)"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
[http.middlewares.test-ipwhitelist.ipWhiteList.ipStrategy]
depth = 2
```
```yaml tab="File (YAML)"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
http:
@ -153,6 +144,15 @@ http:
depth: 2
```
```toml tab="File (TOML)"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
sourceRange = ["127.0.0.1/32", "192.168.1.7"]
[http.middlewares.test-ipwhitelist.ipWhiteList.ipStrategy]
depth = 2
```
#### `ipStrategy.excludedIPs`
`excludedIPs` configures Traefik to scan the `X-Forwarded-For` header and select the first IP not in the list.
@ -206,14 +206,6 @@ labels:
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File (TOML)"
# Exclude from `X-Forwarded-For`
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
[http.middlewares.test-ipwhitelist.ipWhiteList.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```
```yaml tab="File (YAML)"
# Exclude from `X-Forwarded-For`
http:
@ -225,3 +217,11 @@ http:
- "127.0.0.1/32"
- "192.168.1.7"
```
```toml tab="File (TOML)"
# Exclude from `X-Forwarded-For`
[http.middlewares]
[http.middlewares.test-ipwhitelist.ipWhiteList]
[http.middlewares.test-ipwhitelist.ipWhiteList.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```

40
docs/content/middlewares/overview.md
View file

@ -91,26 +91,6 @@ labels:
- "traefik.http.routers.router1.middlewares=foo-add-prefix@rancher"
```
```toml tab="File (TOML)"
# As TOML Configuration File
[http.routers]
[http.routers.router1]
service = "myService"
middlewares = ["foo-add-prefix"]
rule = "Host(`example.com`)"
[http.middlewares]
[http.middlewares.foo-add-prefix.addPrefix]
prefix = "/foo"
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:80"
```
```yaml tab="File (YAML)"
# As YAML Configuration File
http:
@ -133,6 +113,26 @@ http:
- url: "http://127.0.0.1:80"
```
```toml tab="File (TOML)"
# As TOML Configuration File
[http.routers]
[http.routers.router1]
service = "myService"
middlewares = ["foo-add-prefix"]
rule = "Host(`example.com`)"
[http.middlewares]
[http.middlewares.foo-add-prefix.addPrefix]
prefix = "/foo"
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:80"
```
## Available Middlewares
| Middleware | Purpose | Area |

66
docs/content/middlewares/passtlsclientcert.md
View file

@ -46,13 +46,6 @@ labels:
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
```
```toml tab="File (TOML)"
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
[http.middlewares]
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
pem = true
```
```yaml tab="File (YAML)"
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
http:
@ -62,6 +55,13 @@ http:
pem: true
```
```toml tab="File (TOML)"
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
[http.middlewares]
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
pem = true
```
??? example "Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header"
```yaml tab="Docker"
@ -182,32 +182,6 @@ http:
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.serialnumber=true"
```
```toml tab="File (TOML)"
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
[http.middlewares]
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info]
notAfter = true
notBefore = true
sans = true
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info.subject]
country = true
province = true
locality = true
organization = true
commonName = true
serialNumber = true
domainComponent = true
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info.issuer]
country = true
province = true
locality = true
organization = true
commonName = true
serialNumber = true
domainComponent = true
```
```yaml tab="File (YAML)"
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
http:
@ -236,6 +210,32 @@ http:
domainComponent: true
```
```toml tab="File (TOML)"
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
[http.middlewares]
[http.middlewares.test-passtlsclientcert.passTLSClientCert]
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info]
notAfter = true
notBefore = true
sans = true
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info.subject]
country = true
province = true
locality = true
organization = true
commonName = true
serialNumber = true
domainComponent = true
[http.middlewares.test-passtlsclientcert.passTLSClientCert.info.issuer]
country = true
province = true
locality = true
organization = true
commonName = true
serialNumber = true
domainComponent = true
```
## Configuration Options
### General

116
docs/content/middlewares/ratelimit.md
View file

@ -50,15 +50,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.burst=50"
```
```toml tab="File (TOML)"
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 100
burst = 50
```
```yaml tab="File (YAML)"
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
@ -70,6 +61,15 @@ http:
burst: 50
```
```toml tab="File (TOML)"
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 100
burst = 50
```
## Configuration Options
### `average`
@ -114,13 +114,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.average=100"
```
```toml tab="File (TOML)"
# 100 reqs/s
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 100
```
```yaml tab="File (YAML)"
# 100 reqs/s
http:
@ -130,6 +123,13 @@ http:
average: 100
```
```toml tab="File (TOML)"
# 100 reqs/s
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 100
```
### `period`
`period`, in combination with `average`, defines the actual maximum rate, such as:
@ -179,14 +179,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.period=1m"
```
```toml tab="File (TOML)"
# 6 reqs/minute
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 6
period = "1m"
```
```yaml tab="File (YAML)"
# 6 reqs/minute
http:
@ -197,6 +189,14 @@ http:
period: 1m
```
```toml tab="File (TOML)"
# 6 reqs/minute
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
average = 6
period = "1m"
```
### `burst`
`burst` is the maximum number of requests allowed to go through in the same arbitrarily small period of time.
@ -233,12 +233,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.burst=100"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
burst = 100
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -247,6 +241,12 @@ http:
burst: 100
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
burst = 100
```
### `sourceCriterion`
The `sourceCriterion` option defines what criterion is used to group requests as originating from a common source.
@ -306,13 +306,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.depth=2"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion.ipStrategy]
depth = 2
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -323,6 +316,13 @@ http:
depth: 2
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion.ipStrategy]
depth = 2
```
##### `ipStrategy.excludedIPs`
!!! important "Contrary to what the name might suggest, this option is _not_ about excluding an IP from the rate limiter, and therefore cannot be used to deactivate rate limiting for some IPs."
@ -400,13 +400,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.ipstrategy.excludedips=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -419,6 +412,13 @@ http:
- "192.168.1.7"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion.ipStrategy]
excludedIPs = ["127.0.0.1/32", "192.168.1.7"]
```
#### `sourceCriterion.requestHeaderName`
Name of the header used to group incoming requests.
@ -454,13 +454,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requestheadername=username"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion]
requestHeaderName = "username"
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -470,6 +463,13 @@ http:
requestHeaderName: username
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion]
requestHeaderName = "username"
```
#### `sourceCriterion.requestHost`
Whether to consider the request host as the source.
@ -505,13 +505,6 @@ labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.sourcecriterion.requesthost=true"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion]
requestHost = true
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -520,3 +513,10 @@ http:
sourceCriterion:
requestHost: true
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-ratelimit.rateLimit]
[http.middlewares.test-ratelimit.rateLimit.sourceCriterion]
requestHost = true
```

18
docs/content/middlewares/redirectregex.md
View file

@ -53,14 +53,6 @@ labels:
- "traefik.http.middlewares.test-redirectregex.redirectregex.replacement=http://mydomain/$${1}"
```
```toml tab="File (TOML)"
# Redirect with domain replacement
[http.middlewares]
[http.middlewares.test-redirectregex.redirectRegex]
regex = "^http://localhost/(.*)"
replacement = "http://mydomain/${1}"
```
```yaml tab="File (YAML)"
# Redirect with domain replacement
http:
@ -71,6 +63,14 @@ http:
replacement: "http://mydomain/${1}"
```
```toml tab="File (TOML)"
# Redirect with domain replacement
[http.middlewares]
[http.middlewares.test-redirectregex.redirectRegex]
regex = "^http://localhost/(.*)"
replacement = "http://mydomain/${1}"
```
## Configuration Options
!!! tip
@ -84,7 +84,7 @@ Set the `permanent` option to `true` to apply a permanent redirection.
### `regex`
The `regex` option is the regular expression to match and capture elements from the request URL.
### `replacement`
The `replacement` option defines how to modify the URL to have the new target URL.

62
docs/content/middlewares/redirectscheme.md
View file

@ -51,14 +51,6 @@ labels:
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.permanent=true"
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
permanent = true
```
```yaml tab="File (YAML)"
# Redirect to https
http:
@ -69,6 +61,14 @@ http:
permanent: true
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
permanent = true
```
## Configuration Options
### `permanent`
@ -115,14 +115,6 @@ labels:
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.permanent=true"
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
# ...
permanent = true
```
```yaml tab="File (YAML)"
# Redirect to https
http:
@ -133,6 +125,14 @@ http:
permanent: true
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
# ...
permanent = true
```
### `scheme`
The `scheme` option defines the scheme of the new URL.
@ -172,13 +172,6 @@ labels:
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
```
```yaml tab="File (YAML)"
# Redirect to https
http:
@ -188,6 +181,13 @@ http:
scheme: https
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
```
### `port`
The `port` option defines the port of the new URL.
@ -232,14 +232,6 @@ labels:
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.port=443"
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
# ...
port = 443
```
```yaml tab="File (YAML)"
# Redirect to https
http:
@ -250,4 +242,12 @@ http:
port: "443"
```
```toml tab="File (TOML)"
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
# ...
port = 443
```
!!! info "Port in this configuration is a string, not a numeric value."

14
docs/content/middlewares/replacepath.md
View file

@ -45,13 +45,6 @@ labels:
- "traefik.http.middlewares.test-replacepath.replacepath.path=/foo"
```
```toml tab="File (TOML)"
# Replace the path with /foo
[http.middlewares]
[http.middlewares.test-replacepath.replacePath]
path = "/foo"
```
```yaml tab="File (YAML)"
# Replace the path with /foo
http:
@ -61,6 +54,13 @@ http:
path: "/foo"
```
```toml tab="File (TOML)"
# Replace the path with /foo
[http.middlewares]
[http.middlewares.test-replacepath.replacePath]
path = "/foo"
```
## Configuration Options
### General

18
docs/content/middlewares/replacepathregex.md
View file

@ -50,14 +50,6 @@ labels:
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.replacement=/bar/$1"
```
```toml tab="File (TOML)"
# Replace path with regex
[http.middlewares]
[http.middlewares.test-replacepathregex.replacePathRegex]
regex = "^/foo/(.*)"
replacement = "/bar/$1"
```
```yaml tab="File (YAML)"
# Replace path with regex
http:
@ -68,6 +60,14 @@ http:
replacement: "/bar/$1"
```
```toml tab="File (TOML)"
# Replace path with regex
[http.middlewares]
[http.middlewares.test-replacepathregex.replacePathRegex]
regex = "^/foo/(.*)"
replacement = "/bar/$1"
```
## Configuration Options
### General
@ -84,7 +84,7 @@ The ReplacePathRegex middleware will:
### `regex`
The `regex` option is the regular expression to match and capture the path from the request URL.
### `replacement`
The `replacement` option defines the replacement path format, which can include captured variables.

16
docs/content/middlewares/retry.md
View file

@ -52,14 +52,6 @@ labels:
- "traefik.http.middlewares.test-retry.retry.initialinterval=100ms"
```
```toml tab="File (TOML)"
# Retry 4 times with exponential backoff
[http.middlewares]
[http.middlewares.test-retry.retry]
attempts = 4
initialInterval = "100ms"
```
```yaml tab="File (YAML)"
# Retry 4 times with exponential backoff
http:
@ -70,6 +62,14 @@ http:
initialInterval: 100ms
```
```toml tab="File (TOML)"
# Retry 4 times with exponential backoff
[http.middlewares]
[http.middlewares.test-retry.retry]
attempts = 4
initialInterval = "100ms"
```
## Configuration Options
### `attempts`

28
docs/content/middlewares/stripprefix.md
View file

@ -47,13 +47,6 @@ labels:
- "traefik.http.middlewares.test-stripprefix.stripprefix.prefixes=/foobar,/fiibar"
```
```toml tab="File (TOML)"
# Strip prefix /foobar and /fiibar
[http.middlewares]
[http.middlewares.test-stripprefix.stripPrefix]
prefixes = ["/foobar", "/fiibar"]
```
```yaml tab="File (YAML)"
# Strip prefix /foobar and /fiibar
http:
@ -65,6 +58,13 @@ http:
- "/fiibar"
```
```toml tab="File (TOML)"
# Strip prefix /foobar and /fiibar
[http.middlewares]
[http.middlewares.test-stripprefix.stripPrefix]
prefixes = ["/foobar", "/fiibar"]
```
## Configuration Options
### General
@ -149,13 +149,6 @@ labels:
- "traefik.http.middlewares.example.stripprefix.forceSlash=false"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.example.stripPrefix]
prefixes = ["/foobar"]
forceSlash = false
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -165,3 +158,10 @@ http:
- "/foobar"
forceSlash: false
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.example.stripPrefix]
prefixes = ["/foobar"]
forceSlash = false
```

12
docs/content/middlewares/stripprefixregex.md
View file

@ -38,12 +38,6 @@ labels:
- "traefik.http.middlewares.test-stripprefixregex.stripprefixregex.regex=/foo/[a-z0-9]+/[0-9]+/"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-stripprefixregex.stripPrefixRegex]
regex = ["/foo/[a-z0-9]+/[0-9]+/"]
```
```yaml tab="File (YAML)"
http:
middlewares:
@ -53,6 +47,12 @@ http:
- "/foo/[a-z0-9]+/[0-9]+/"
```
```toml tab="File (TOML)"
[http.middlewares]
[http.middlewares.test-stripprefixregex.stripPrefixRegex]
regex = ["/foo/[a-z0-9]+/[0-9]+/"]
```
## Configuration Options
### General