homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix Proxy Protocol documentation

Browse source
This commit is contained in:
Emile Vauge 2017-10-12 11:10:03 +02:00 committed by Traefiker
parent 7a2ce59563
commit dbc796359f
1 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docs/configuration/entrypoints.md
View file

@ -188,11 +188,14 @@ To enable IP whitelisting at the entrypoint level.
whiteListSourceRange = ["127.0.0.1/32", "192.168.1.7"] whiteListSourceRange = ["127.0.0.1/32", "192.168.1.7"]
``` ```
## ProxyProtocol Support ## ProxyProtocol
To enable [ProxyProtocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) support. To enable [ProxyProtocol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) support.
Only IPs in `trustedIPs` will lead to remote client address replacement: you should declare your load-balancer IP or CIDR range here. Only IPs in `trustedIPs` will lead to remote client address replacement: you should declare your load-balancer IP or CIDR range here (in testing environment, you can trust everyone using `0.0.0.0/0`).
!!! danger
When queuing Træfik behind another load-balancer, be sure to carefully configure Proxy Protocol on both sides.
Otherwise, it could introduce a security risk in your system by forging requests.
```toml ```toml
[entryPoints] [entryPoints]
@ -201,4 +204,3 @@ Only IPs in `trustedIPs` will lead to remote client address replacement: you sho
[entryPoints.http.proxyProtocol] [entryPoints.http.proxyProtocol]
trustedIPs = ["127.0.0.1/32", "192.168.1.7"] trustedIPs = ["127.0.0.1/32", "192.168.1.7"]
``` ```
²