diff --git a/docs/content/middlewares/basicauth.md b/docs/content/middlewares/basicauth.md index 83f97d0cb..cd032f03f 100644 --- a/docs/content/middlewares/basicauth.md +++ b/docs/content/middlewares/basicauth.md @@ -79,10 +79,6 @@ Passwords must be encoded using MD5, SHA1, or BCrypt. The `users` option is an array of authorized users. Each user will be declared using the `name:encoded-password` format. -!!! Note - - If both `users` and `usersFile` are provided, the two are merged. The content of `usersFile` has precedence over `users`. - ### `usersFile` The `usersFile` option is the path to an external file that contains the authorized users for the middleware. @@ -106,7 +102,7 @@ You can customize the realm for the authentication with the `realm` option. The ### `headerField` -You can customize the header field for the authenticated user using the `headerField`option. +You can define a header field to store the authenticated user using the `headerField`option. ```yaml tab="Docker" labels: diff --git a/docs/content/middlewares/circuitbreaker.md b/docs/content/middlewares/circuitbreaker.md index 03f2c0c19..1f4c928ed 100644 --- a/docs/content/middlewares/circuitbreaker.md +++ b/docs/content/middlewares/circuitbreaker.md @@ -132,7 +132,7 @@ For example, the expression `LatencyAtQuantileMS(50.0) > 100` will trigger the c !!! Note - You must provide a float number (with the leading .0) for the quantile value + You must provide a float number (with the trailing .0) for the quantile value #### Using multiple metrics @@ -153,7 +153,6 @@ Here is the list of supported operators: - Greater or equal than (`>=`) - Lesser than (`<`) - Lesser or equal than (`<=`) -- Not (`!`) - Equal (`==`) - Not Equal (`!=`) diff --git a/docs/content/middlewares/compress.md b/docs/content/middlewares/compress.md index a1b07b84e..8137899f2 100644 --- a/docs/content/middlewares/compress.md +++ b/docs/content/middlewares/compress.md @@ -55,6 +55,6 @@ http: Responses are compressed when: -* The response body is larger than `512` bytes. +* The response body is larger than `1400` bytes. * The `Accept-Encoding` request header contains `gzip`. * The response is not already compressed, i.e. the `Content-Encoding` response header is not already set. diff --git a/docs/content/middlewares/errorpages.md b/docs/content/middlewares/errorpages.md index 29ee280ba..e3ae0c110 100644 --- a/docs/content/middlewares/errorpages.md +++ b/docs/content/middlewares/errorpages.md @@ -77,7 +77,7 @@ http: ``` !!! note - In this example, the error page URL is based on the status code (`query=/{status}.html)`. + In this example, the error page URL is based on the status code (`query=/{status}.html`). ## Configuration Options diff --git a/docs/content/middlewares/headers.md b/docs/content/middlewares/headers.md index a81be1a52..9ba57f386 100644 --- a/docs/content/middlewares/headers.md +++ b/docs/content/middlewares/headers.md @@ -70,7 +70,12 @@ http: `X-Script-Name` header added to the proxied request, the `X-Custom-Request-Header` header removed from the request, and the `X-Custom-Response-Header` header removed from the response. -Please note that is not possible to remove headers through the use of labels (Docker, Rancher, Marathon, ...) for now. +Please note that it is not possible to remove headers through the use of labels (Docker, Rancher, Marathon, ...) for now. + +```yaml tab="Docker" +labels: + - "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test" +``` ```yaml tab="Kubernetes" apiVersion: traefik.containo.us/v1alpha1 @@ -86,17 +91,17 @@ spec: X-Custom-Response-Header: "" # Removes ``` -```yaml tab="Rancher" -labels: - - "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test" -``` - ```json tab="Marathon" "labels": { "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name": "test", } ``` +```yaml tab="Rancher" +labels: + - "traefik.http.middlewares.testheader.headers.customrequestheaders.X-Script-Name=test" +``` + ```toml tab="File (TOML)" [http.middlewares] [http.middlewares.testHeader.headers] @@ -121,7 +126,7 @@ http: ### Using Security Headers -Security related headers (HSTS headers, SSL redirection, Browser XSS filter, etc) can be added and configured per frontend in a similar manner to the custom headers above. +Security related headers (HSTS headers, SSL redirection, Browser XSS filter, etc) can be added and configured in a manner similar to the custom headers above. This functionality allows for some easy security features to quickly be set. ```yaml tab="Docker" @@ -141,12 +146,6 @@ spec: sslRedirect: "true" ``` -```yaml tab="Rancher" -labels: - - "traefik.http.middlewares.testheader.headers.framedeny=true" - - "traefik.http.middlewares.testheader.headers.sslredirect=true" -``` - ```json tab="Marathon" "labels": { "traefik.http.middlewares.testheader.headers.framedeny": "true", @@ -154,6 +153,12 @@ labels: } ``` +```yaml tab="Rancher" +labels: + - "traefik.http.middlewares.testheader.headers.framedeny=true" + - "traefik.http.middlewares.testheader.headers.sslredirect=true" +``` + ```toml tab="File (TOML)" [http.middlewares] [http.middlewares.testHeader.headers] @@ -172,7 +177,7 @@ http: ### CORS Headers -CORS (Cross-Origin Resource Sharing) headers can be added and configured per frontend in a similar manner to the custom headers above. +CORS (Cross-Origin Resource Sharing) headers can be added and configured in a manner similar to the custom headers above. This functionality allows for more advanced security features to quickly be set. ```yaml tab="Docker" @@ -199,14 +204,6 @@ spec: addVaryHeader: "true" ``` -```yaml tab="Rancher" -labels: - - "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods=GET,OPTIONS,PUT" - - "traefik.http.middlewares.testheader.headers.accesscontrolalloworigin=origin-list-or-null" - - "traefik.http.middlewares.testheader.headers.accesscontrolmaxage=100" - - "traefik.http.middlewares.testheader.headers.addvaryheader=true" -``` - ```json tab="Marathon" "labels": { "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods": "GET,OPTIONS,PUT", @@ -216,6 +213,14 @@ labels: } ``` +```yaml tab="Rancher" +labels: + - "traefik.http.middlewares.testheader.headers.accesscontrolallowmethods=GET,OPTIONS,PUT" + - "traefik.http.middlewares.testheader.headers.accesscontrolalloworigin=origin-list-or-null" + - "traefik.http.middlewares.testheader.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.testheader.headers.addvaryheader=true" +``` + ```toml tab="File (TOML)" [http.middlewares] [http.middlewares.testHeader.headers] diff --git a/docs/content/middlewares/inflightreq.md b/docs/content/middlewares/inflightreq.md index 9b07b7a82..770a3463d 100644 --- a/docs/content/middlewares/inflightreq.md +++ b/docs/content/middlewares/inflightreq.md @@ -74,7 +74,7 @@ The `ipStrategy` option defines two parameters that sets how Traefik will determ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take the IP located at the `depth` position (starting from the right). - If `depth` is greater than the total number of IPs in `X-Forwarded-For`, then the client IP will be empty. -- `depth` is ignored if its value is is lesser than or equal to 0. +- `depth` is ignored if its value is lesser than or equal to 0. !!! note "Example of Depth & X-Forwarded-For" diff --git a/docs/content/middlewares/ipwhitelist.md b/docs/content/middlewares/ipwhitelist.md index 869ba0af8..1594c13cc 100644 --- a/docs/content/middlewares/ipwhitelist.md +++ b/docs/content/middlewares/ipwhitelist.md @@ -144,7 +144,7 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take th !!! note - If `depth` is greater than the total number of IPs in `X-Forwarded-For`, then the client IP will be empty. - - `depth` is ignored if its value is is lesser than or equal to 0. + - `depth` is ignored if its value is lesser than or equal to 0. #### `ipStrategy.excludedIPs` diff --git a/docs/content/middlewares/passtlsclientcert.md b/docs/content/middlewares/passtlsclientcert.md index 46b6aec36..6498000e3 100644 --- a/docs/content/middlewares/passtlsclientcert.md +++ b/docs/content/middlewares/passtlsclientcert.md @@ -219,7 +219,7 @@ PassTLSClientCert can add two headers to the request: !!! note The headers are filled with escaped string so it can be safely placed inside a URL query. -In the following example, you can see a complete certificate. We will use each part of it to explains the middleware options. +In the following example, you can see a complete certificate. We will use each part of it to explain the middleware options. ??? example "A complete client tls certificate" diff --git a/docs/content/middlewares/ratelimit.md b/docs/content/middlewares/ratelimit.md index b1d7a0a84..fcd0d4eb4 100644 --- a/docs/content/middlewares/ratelimit.md +++ b/docs/content/middlewares/ratelimit.md @@ -171,7 +171,7 @@ The `ipStrategy` option defines two parameters that sets how Traefik will determ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take the IP located at the `depth` position (starting from the right). - If `depth` is greater than the total number of IPs in `X-Forwarded-For`, then the client IP will be empty. -- `depth` is ignored if its value is is lesser than or equal to 0. +- `depth` is ignored if its value is lesser than or equal to 0. !!! note "Example of Depth & X-Forwarded-For" diff --git a/docs/content/providers/docker.md b/docs/content/providers/docker.md index 6e20e5e4b..f0a030073 100644 --- a/docs/content/providers/docker.md +++ b/docs/content/providers/docker.md @@ -477,7 +477,7 @@ You can declare TCP Routers and/or Services using labels. # ... labels: - traefik.tcp.routers.my-router.rule="HostSNI(`my-host.com`)" - - traefik.tcp.routers.my-router.rule.tls="true" + - traefik.tcp.routers.my-router.tls="true" - traefik.tcp.services.my-service.loadbalancer.server.port="4123" ``` diff --git a/docs/content/providers/file.md b/docs/content/providers/file.md index 48f9a62a0..78e471a1c 100644 --- a/docs/content/providers/file.md +++ b/docs/content/providers/file.md @@ -46,7 +46,7 @@ You can write these configuration elements: entryPoints = ["web"] middlewares = ["my-basic-auth"] service = "service-foo" - rule = "Path(`foo`)" + rule = "Path(`/foo`)" # Add the middleware [http.middlewares] @@ -75,7 +75,7 @@ You can write these configuration elements: middlewares: - my-basic-auth service: service-foo - rule: Path(`foo`) + rule: Path(`/foo`) # Add the middleware middlewares: diff --git a/docs/content/routing/routers/index.md b/docs/content/routing/routers/index.md index 4951d7240..642292d98 100644 --- a/docs/content/routing/routers/index.md +++ b/docs/content/routing/routers/index.md @@ -216,7 +216,7 @@ The table below lists all the available matchers: | ```Host(`domain-1`, ...)``` | Check if the request domain targets one of the given `domains`. | | ```HostRegexp(`traefik.io`, `{subdomain:[a-z]+}.traefik.io`, ...)``` | Check if the request domain matches the given `regexp`. | | ```Method(`GET`, ...)``` | Check if the request method is one of the given `methods` (`GET`, `POST`, `PUT`, `DELETE`, `PATCH`) | -| ```Path(`path`, `/articles/{category}/{id:[0-9]+}`, ...)``` | Match exact request path. It accepts a sequence of literal and regular expression paths. | +| ```Path(`/path`, `/articles/{category}/{id:[0-9]+}`, ...)``` | Match exact request path. It accepts a sequence of literal and regular expression paths. | | ```PathPrefix(`/products/`, `/articles/{category}/{id:[0-9]+}`)``` | Match request prefix path. It accepts a sequence of literal and regular expression prefix paths. | | ```Query(`foo=bar`, `bar=baz`)``` | Match` Query String parameters. It accepts a sequence of key=value pairs. | diff --git a/docs/content/user-guides/marathon.md b/docs/content/user-guides/marathon.md index e47489e91..847a96016 100644 --- a/docs/content/user-guides/marathon.md +++ b/docs/content/user-guides/marathon.md @@ -98,7 +98,7 @@ The remaining section is going to explore them along with a benefit/cost trade-o It may seem obvious to reuse the Marathon health checks as a signal to Traefik whether an application should be taken into load-balancing rotation or not. -Apart from the increased latency a failing health check may have, a major problem with this is is that Marathon does not persist the health check results. +Apart from the increased latency a failing health check may have, a major problem with this is that Marathon does not persist the health check results. Consequently, if a master re-election occurs in the Marathon clusters, all health check results will revert to the _unknown_ state, effectively causing all applications inside the cluster to become unavailable and leading to a complete cluster failure. Re-elections do not only happen during regular maintenance work (often requiring rolling upgrades of the Marathon nodes) but also when the Marathon leader fails spontaneously. As such, there is no way to handle this situation deterministically.