traefik/docs/configuration/backends/file.md

193 lines
5.1 KiB
Markdown
Raw Normal View History

# File Backends
2017-08-25 19:32:33 +00:00
2017-09-11 17:10:04 +00:00
Like any other reverse proxy, Træfik can be configured with a file.
You have three choices:
- [Simple](/configuration/backends/file/#simple)
- [Rules in a Separate File](/configuration/backends/file/#rules-in-a-separate-file)
- [Multiple `.toml` Files](/configuration/backends/file/#multiple-toml-files)
2017-08-25 19:32:33 +00:00
To enable the file backend, you must either pass the `--file` option to the Træfik binary or put the `[file]` section (with or without inner settings) in the configuration file.
The configuration file allows managing both backends/frontends and HTTPS certificates (which are not [Let's Encrypt](https://letsencrypt.org) certificates generated through Træfik).
## Simple
Add your configuration at the end of the global configuration file `traefik.toml`:
2017-08-25 19:32:33 +00:00
```toml
defaultEntryPoints = ["http", "https"]
2017-09-05 13:58:03 +00:00
2017-08-25 19:32:33 +00:00
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
2017-09-05 13:58:03 +00:00
entryPoint = "https"
2017-08-25 19:32:33 +00:00
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
2017-12-06 12:05:08 +00:00
certFile = "integration/fixtures/https/snitest.org.cert"
keyFile = "integration/fixtures/https/snitest.org.key"
2017-08-25 19:32:33 +00:00
[file]
# rules
[backends]
[backends.backend1]
[backends.backend1.circuitbreaker]
2017-09-05 13:58:03 +00:00
expression = "NetworkErrorRatio() > 0.5"
2017-08-25 19:32:33 +00:00
[backends.backend1.servers.server1]
url = "http://172.17.0.2:80"
weight = 10
[backends.backend1.servers.server2]
url = "http://172.17.0.3:80"
weight = 1
[backends.backend2]
[backends.backend2.maxconn]
2017-09-05 13:58:03 +00:00
amount = 10
extractorfunc = "request.host"
2017-08-25 19:32:33 +00:00
[backends.backend2.LoadBalancer]
2017-09-05 13:58:03 +00:00
method = "drr"
2017-08-25 19:32:33 +00:00
[backends.backend2.servers.server1]
url = "http://172.17.0.4:80"
weight = 1
[backends.backend2.servers.server2]
url = "http://172.17.0.5:80"
weight = 2
[frontends]
[frontends.frontend1]
backend = "backend2"
[frontends.frontend1.routes.test_1]
rule = "Host:test.localhost"
2017-09-05 13:58:03 +00:00
2017-08-25 19:32:33 +00:00
[frontends.frontend2]
backend = "backend1"
passHostHeader = true
priority = 10
# restrict access to this frontend to the specified list of IPv4/IPv6 CIDR Nets
# an unset or empty list allows all Source-IPs to access
# if one of the Net-Specifications are invalid, the whole list is invalid
# and allows all Source-IPs to access.
whitelistSourceRange = ["10.42.0.0/16", "152.89.1.33/32", "afed:be44::/16"]
entrypoints = ["https"] # overrides defaultEntryPoints
[frontends.frontend2.routes.test_1]
rule = "Host:{subdomain:[a-z]+}.localhost"
2017-09-05 13:58:03 +00:00
2017-08-25 19:32:33 +00:00
[frontends.frontend3]
entrypoints = ["http", "https"] # overrides defaultEntryPoints
backend = "backend2"
2017-09-05 13:58:03 +00:00
rule = "Path:/test"
# HTTPS certificate
2018-01-23 15:30:07 +00:00
[[tls]]
2018-01-23 08:12:03 +00:00
entryPoints = ["https"]
2018-01-23 15:30:07 +00:00
[tls.certificate]
2018-01-23 08:12:03 +00:00
certFile = "path/to/my.cert"
keyFile = "path/to/my.key"
2018-01-23 15:30:07 +00:00
[[tls]]
2018-01-23 08:12:03 +00:00
entryPoints = ["https"]
2018-01-23 15:30:07 +00:00
[tls.certificate]
2018-01-23 08:12:03 +00:00
certFile = "path/to/my/other.cert"
keyFile = "path/to/my/other.key"
2017-08-25 19:32:33 +00:00
```
!!! note
adding certificates directly to the entrypoint is still maintained but certificates declared in this way cannot be managed dynamically.
It's recommended to use the file provider to declare certificates.
## Rules in a Separate File
Put your rules in a separate file, for example `rules.toml`:
2017-08-25 19:32:33 +00:00
```toml
# traefik.toml
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[file]
filename = "rules.toml"
```
```toml
# rules.toml
[backends]
[backends.backend1]
[backends.backend1.circuitbreaker]
2017-09-05 13:58:03 +00:00
expression = "NetworkErrorRatio() > 0.5"
2017-08-25 19:32:33 +00:00
[backends.backend1.servers.server1]
url = "http://172.17.0.2:80"
weight = 10
[backends.backend1.servers.server2]
url = "http://172.17.0.3:80"
weight = 1
[backends.backend2]
[backends.backend2.maxconn]
2017-09-05 13:58:03 +00:00
amount = 10
extractorfunc = "request.host"
2017-08-25 19:32:33 +00:00
[backends.backend2.LoadBalancer]
2017-09-05 13:58:03 +00:00
method = "drr"
2017-08-25 19:32:33 +00:00
[backends.backend2.servers.server1]
url = "http://172.17.0.4:80"
weight = 1
[backends.backend2.servers.server2]
url = "http://172.17.0.5:80"
weight = 2
[frontends]
[frontends.frontend1]
backend = "backend2"
[frontends.frontend1.routes.test_1]
rule = "Host:test.localhost"
[frontends.frontend2]
backend = "backend1"
passHostHeader = true
priority = 10
entrypoints = ["https"] # overrides defaultEntryPoints
[frontends.frontend2.routes.test_1]
rule = "Host:{subdomain:[a-z]+}.localhost"
[frontends.frontend3]
entrypoints = ["http", "https"] # overrides defaultEntryPoints
backend = "backend2"
2017-09-05 13:58:03 +00:00
rule = "Path:/test"
2017-12-06 12:05:08 +00:00
# HTTPS certificate
2018-01-23 15:30:07 +00:00
[[tls]]
2017-12-06 12:05:08 +00:00
entryPoints = ["https"]
2018-01-23 15:30:07 +00:00
[tls.certificate]
2018-01-23 08:12:03 +00:00
certFile = "path/to/my.cert"
keyFile = "path/to/my.key"
2018-01-23 15:30:07 +00:00
[[tls]]
2017-12-06 12:05:08 +00:00
entryPoints = ["https"]
2018-01-23 15:30:07 +00:00
[tls.certificate]
2018-01-23 08:12:03 +00:00
certFile = "path/to/my/other.cert"
keyFile = "path/to/my/other.key"
2017-08-25 19:32:33 +00:00
2017-09-11 17:10:04 +00:00
## Multiple `.toml` Files
You could have multiple `.toml` files in a directory (and recursively in its sub-directories):
2017-09-07 10:02:03 +00:00
2017-08-25 19:32:33 +00:00
```toml
[file]
directory = "/path/to/config/"
```
If you want Træfik to watch file changes automatically, just add:
```toml
[file]
watch = true
```