traefik/docs/content/middlewares/http/chain.md

180 lines
4.7 KiB
Markdown
Raw Normal View History

---
title: "Traefik Command Line Documentation"
description: "The HTTP chain middleware lets you define reusable combinations of other middleware, to reuse the same groups. Read the technical documentation."
---
# Chain
2019-04-03 12:32:04 +00:00
When One Isn't Enough
{: .subtitle }
2021-06-11 13:30:05 +00:00
![Chain](../../assets/img/middleware/chain.png)
2021-02-11 13:34:04 +00:00
The Chain middleware enables you to define reusable combinations of other pieces of middleware.
It makes reusing the same groups easier.
## Configuration Example
2022-10-26 15:16:05 +00:00
Below is an example of a Chain containing `AllowList`, `BasicAuth`, and `RedirectScheme`.
2019-04-03 12:32:04 +00:00
```yaml tab="Docker"
labels:
2019-09-23 15:00:06 +00:00
- "traefik.http.routers.router1.service=service1"
- "traefik.http.routers.router1.middlewares=secured"
- "traefik.http.routers.router1.rule=Host(`mydomain`)"
- "traefik.http.middlewares.secured.chain.middlewares=https-only,known-ips,auth-users"
- "traefik.http.middlewares.auth-users.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "traefik.http.middlewares.https-only.redirectscheme.scheme=https"
2022-10-26 15:16:05 +00:00
- "traefik.http.middlewares.known-ips.ipallowlist.sourceRange=192.168.1.7,127.0.0.1/32"
- "traefik.http.services.service1.loadbalancer.server.port=80"
2019-04-03 12:32:04 +00:00
```
```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: test
namespace: default
spec:
entryPoints:
- web
routes:
- match: Host(`mydomain`)
kind: Rule
services:
- name: whoami
port: 80
middlewares:
- name: secured
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: secured
spec:
chain:
middlewares:
- name: https-only
- name: known-ips
- name: auth-users
2019-04-03 12:32:04 +00:00
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: auth-users
spec:
basicAuth:
users:
- test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: https-only
spec:
redirectScheme:
2019-04-03 12:32:04 +00:00
scheme: https
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: known-ips
spec:
2022-10-26 15:16:05 +00:00
ipAllowList:
2019-04-03 12:32:04 +00:00
sourceRange:
- 192.168.1.7
- 127.0.0.1/32
```
2019-10-15 15:34:08 +00:00
```yaml tab="Consul Catalog"
- "traefik.http.routers.router1.service=service1"
- "traefik.http.routers.router1.middlewares=secured"
- "traefik.http.routers.router1.rule=Host(`mydomain`)"
- "traefik.http.middlewares.secured.chain.middlewares=https-only,known-ips,auth-users"
- "traefik.http.middlewares.auth-users.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "traefik.http.middlewares.https-only.redirectscheme.scheme=https"
2022-10-26 15:16:05 +00:00
- "traefik.http.middlewares.known-ips.ipallowlist.sourceRange=192.168.1.7,127.0.0.1/32"
- "traefik.http.services.service1.loadbalancer.server.port=80"
2019-10-15 15:34:08 +00:00
```
```json tab="Marathon"
"labels": {
"traefik.http.routers.router1.service": "service1",
"traefik.http.routers.router1.middlewares": "secured",
"traefik.http.routers.router1.rule": "Host(`mydomain`)",
"traefik.http.middlewares.secured.chain.middlewares": "https-only,known-ips,auth-users",
"traefik.http.middlewares.auth-users.basicauth.users": "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
"traefik.http.middlewares.https-only.redirectscheme.scheme": "https",
2022-10-26 15:16:05 +00:00
"traefik.http.middlewares.known-ips.ipallowlist.sourceRange": "192.168.1.7,127.0.0.1/32",
"traefik.http.services.service1.loadbalancer.server.port": "80"
}
```
2019-07-22 07:58:04 +00:00
```yaml tab="File (YAML)"
2021-02-11 13:34:04 +00:00
# ...
2019-07-22 07:58:04 +00:00
http:
routers:
router1:
service: service1
middlewares:
2019-09-23 15:00:06 +00:00
- secured
2019-07-22 07:58:04 +00:00
rule: "Host(`mydomain`)"
middlewares:
secured:
chain:
middlewares:
2019-09-23 15:00:06 +00:00
- https-only
- known-ips
- auth-users
2019-07-22 07:58:04 +00:00
auth-users:
basicAuth:
users:
2019-09-23 15:00:06 +00:00
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
2019-07-22 07:58:04 +00:00
https-only:
redirectScheme:
scheme: https
known-ips:
2022-10-26 15:16:05 +00:00
ipAllowList:
2019-07-22 07:58:04 +00:00
sourceRange:
2019-09-23 15:00:06 +00:00
- "192.168.1.7"
- "127.0.0.1/32"
2019-07-22 07:58:04 +00:00
services:
service1:
loadBalancer:
servers:
2019-09-23 15:00:06 +00:00
- url: "http://127.0.0.1:80"
2019-07-22 07:58:04 +00:00
```
```toml tab="File (TOML)"
# ...
[http.routers]
[http.routers.router1]
service = "service1"
middlewares = ["secured"]
rule = "Host(`mydomain`)"
[http.middlewares]
[http.middlewares.secured.chain]
middlewares = ["https-only", "known-ips", "auth-users"]
[http.middlewares.auth-users.basicAuth]
users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"]
[http.middlewares.https-only.redirectScheme]
scheme = "https"
2022-10-26 15:16:05 +00:00
[http.middlewares.known-ips.ipAllowList]
sourceRange = ["192.168.1.7", "127.0.0.1/32"]
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
[[http.services.service1.loadBalancer.servers]]
url = "http://127.0.0.1:80"
```