fix: TLS configuration from directory.

pkg/provider/file/file.go

@@ -295,9 +295,31 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
 				configTLSMaps[conf] = struct{}{}
 			}
 		}
+
+		for name, conf := range c.TLS.Options {
+			if _, exists := configuration.TLS.Options[name]; exists {
+				logger.Warnf("TLS options %v already configured, skipping", name)
+			} else {
+				if configuration.TLS.Options == nil {
+					configuration.TLS.Options = map[string]tls.Options{}
+				}
+				configuration.TLS.Options[name] = conf
+			}
+		}
+
+		for name, conf := range c.TLS.Stores {
+			if _, exists := configuration.TLS.Stores[name]; exists {
+				logger.Warnf("TLS store %v already configured, skipping", name)
+			} else {
+				if configuration.TLS.Stores == nil {
+					configuration.TLS.Stores = map[string]tls.Store{}
+				}
+				configuration.TLS.Stores[name] = conf
+			}
+		}
 	}
 
-	if len(configTLSMaps) > 0 {
+	if len(configTLSMaps) > 0 && configuration.TLS == nil {
 		configuration.TLS = &dynamic.TLSConfiguration{}
 	}
 

pkg/provider/file/file_test.go

@@ -17,12 +17,13 @@ import (
 )
 
 type ProvideTestCase struct {
-	desc               string
+	desc                  string
-	directoryPaths     []string
+	directoryPaths        []string
-	filePath           string
+	filePath              string
-	expectedNumRouter  int
+	expectedNumRouter     int
-	expectedNumService int
+	expectedNumService    int
-	expectedNumTLSConf int
+	expectedNumTLSConf    int
+	expectedNumTLSOptions int
 }
 
 func TestTLSContent(t *testing.T) {
@@ -94,6 +95,7 @@ func TestProvideWithoutWatch(t *testing.T) {
 				assert.Len(t, conf.Configuration.HTTP.Routers, test.expectedNumRouter)
 				require.NotNil(t, conf.Configuration.TLS)
 				assert.Len(t, conf.Configuration.TLS.Certificates, test.expectedNumTLSConf)
+				assert.Len(t, conf.Configuration.TLS.Options, test.expectedNumTLSOptions)
 			case <-timeout:
 				t.Errorf("timeout while waiting for config")
 			}
@@ -192,9 +194,10 @@ func getTestCases() []ProvideTestCase {
 				"./fixtures/toml/dir01_file02.toml",
 				"./fixtures/toml/dir01_file03.toml",
 			},
-			expectedNumRouter:  2,
+			expectedNumRouter:     2,
-			expectedNumService: 3,
+			expectedNumService:    3,
-			expectedNumTLSConf: 4,
+			expectedNumTLSConf:    4,
+			expectedNumTLSOptions: 1,
 		},
 		{
 			desc: "simple directory yaml",
@@ -203,9 +206,10 @@ func getTestCases() []ProvideTestCase {
 				"./fixtures/yaml/dir01_file02.yml",
 				"./fixtures/yaml/dir01_file03.yml",
 			},
-			expectedNumRouter:  2,
+			expectedNumRouter:     2,
-			expectedNumService: 3,
+			expectedNumService:    3,
-			expectedNumTLSConf: 4,
+			expectedNumTLSConf:    4,
+			expectedNumTLSOptions: 1,
 		},
 		{
 			desc: "template in directory",

pkg/provider/file/fixtures/toml/dir01_file03.toml

@@ -15,3 +15,7 @@
 [[tls.certificates]]
   certFile = "integration/fixtures/https/snitest4.com.cert"
   keyFile = "integration/fixtures/https/snitest4.com.key"
+
+[tls.options]
+  [tls.options.mintls13]
+    minVersion = "VersionTLS13"

pkg/provider/file/fixtures/yaml/dir01_file03.yml

@@ -8,3 +8,7 @@ tls:
     keyFile: integration/fixtures/https/snitest3.com.key
   - certFile: integration/fixtures/https/snitest4.com.cert
     keyFile: integration/fixtures/https/snitest4.com.key
+
+  options:
+    mintls13:
+      minVersion: VersionTLS13