Add kubernetes examples + better document methods of applying authentication
Closes #33
This commit is contained in:
Thom Seddon
@ -0,0 +1,8 @@
|
||||
rule.example_public.action=allow
|
||||
rule.example_public.rule=Host("stats.example.com") && PathPrefix("/api/public")
|
||||
|
||||
rule.example_api.action=allow
|
||||
rule.example_api.rule=Host("api.example.com") && Headers("X-API-Authorization", "a-long-api-key")
|
||||
|
||||
rule.example_api_query.action=allow
|
||||
rule.example_api_query.rule=Host("api.example.com") && && Query("api_key=a-long-api-key")
|
||||
@ -0,0 +1,169 @@
|
||||
################################################################
|
||||
# Global configuration
|
||||
################################################################
|
||||
|
||||
# Enable debug mode
|
||||
#
|
||||
# Optional
|
||||
# Default: false
|
||||
#
|
||||
# debug = true
|
||||
|
||||
# Log level
|
||||
#
|
||||
# Optional
|
||||
# Default: "ERROR"
|
||||
#
|
||||
logLevel = "INFO"
|
||||
|
||||
# Entrypoints to be used by frontends that do not specify any entrypoint.
|
||||
# Each frontend can specify its own entrypoints.
|
||||
#
|
||||
# Optional
|
||||
# Default: ["http"]
|
||||
#
|
||||
defaultEntryPoints = ["http", "https"]
|
||||
|
||||
# If set to true invalid SSL certificates are accepted for backends.
|
||||
# This disables detection of man-in-the-middle attacks so should only be used on secure backend networks.
|
||||
#
|
||||
# Optional
|
||||
# Default: false
|
||||
#
|
||||
insecureSkipVerify = true
|
||||
|
||||
################################################################
|
||||
# Entrypoints configuration
|
||||
################################################################
|
||||
|
||||
# Entrypoints definition
|
||||
#
|
||||
# Optional
|
||||
# Default:
|
||||
[entryPoints]
|
||||
[entryPoints.http]
|
||||
address = ":80"
|
||||
compress = true
|
||||
|
||||
[entryPoints.http.redirect]
|
||||
entryPoint = "https"
|
||||
|
||||
[entryPoints.https]
|
||||
address = ":443"
|
||||
compress = true
|
||||
|
||||
[entryPoints.https.tls]
|
||||
|
||||
[entryPoints.https.auth.forward]
|
||||
address = "http://127.0.0.1:4181"
|
||||
authResponseHeaders = ["X-Forwarded-User"]
|
||||
|
||||
[entryPoints.traefik]
|
||||
address = ":8080"
|
||||
|
||||
################################################################
|
||||
# Traefik logs configuration
|
||||
################################################################
|
||||
|
||||
# Traefik logs
|
||||
# Enabled by default and log to stdout
|
||||
#
|
||||
# Optional
|
||||
#
|
||||
[traefikLog]
|
||||
format = "json"
|
||||
|
||||
# Sets the filepath for the traefik log. If not specified, stdout will be used.
|
||||
# Intermediate directories are created if necessary.
|
||||
#
|
||||
# Optional
|
||||
# Default: os.Stdout
|
||||
#
|
||||
# filePath = "log/traefik.log"
|
||||
|
||||
# Format is either "json" or "common".
|
||||
#
|
||||
# Optional
|
||||
# Default: "common"
|
||||
#
|
||||
# format = "common"
|
||||
|
||||
################################################################
|
||||
# Access logs configuration
|
||||
################################################################
|
||||
|
||||
# Enable access logs
|
||||
# By default it will write to stdout and produce logs in the textual
|
||||
# Common Log Format (CLF), extended with additional fields.
|
||||
#
|
||||
# Optional
|
||||
#
|
||||
# [accessLog]
|
||||
|
||||
# Sets the file path for the access log. If not specified, stdout will be used.
|
||||
# Intermediate directories are created if necessary.
|
||||
#
|
||||
# Optional
|
||||
# Default: os.Stdout
|
||||
#
|
||||
# filePath = "/path/to/log/log.txt"
|
||||
|
||||
# Format is either "json" or "common".
|
||||
#
|
||||
# Optional
|
||||
# Default: "common"
|
||||
#
|
||||
# format = "common"
|
||||
|
||||
################################################################
|
||||
# API and dashboard configuration
|
||||
################################################################
|
||||
|
||||
# Enable API and dashboard
|
||||
[api]
|
||||
|
||||
# Name of the related entry point
|
||||
#
|
||||
# Optional
|
||||
# Default: "traefik"
|
||||
#
|
||||
# entryPoint = "traefik"
|
||||
|
||||
# Enabled Dashboard
|
||||
#
|
||||
# Optional
|
||||
# Default: true
|
||||
#
|
||||
# dashboard = false
|
||||
|
||||
################################################################
|
||||
# Ping configuration
|
||||
################################################################
|
||||
|
||||
# Enable ping
|
||||
[ping]
|
||||
|
||||
# Name of the related entry point
|
||||
#
|
||||
# Optional
|
||||
# Default: "traefik"
|
||||
#
|
||||
# entryPoint = "traefik"
|
||||
|
||||
################################################################
|
||||
# Docker configuration backend
|
||||
################################################################
|
||||
|
||||
# Enable Kubernetes configuration backend
|
||||
[kubernetes]
|
||||
|
||||
[acme]
|
||||
KeyType = "RSA4096"
|
||||
email = "you@example.com"
|
||||
storage = "/acme/acme.json"
|
||||
entryPoint = "https"
|
||||
onHostRule = true
|
||||
acmeLogging = true
|
||||
|
||||
[acme.httpChallenge]
|
||||
entryPoint = "http"
|
||||
Reference in New Issue
Block a user