From 6fc110a71aff4c6447ad6d3c94f8c82649fd418d Mon Sep 17 00:00:00 2001 From: ScuttleSE Date: Sat, 15 Aug 2020 16:04:03 +0200 Subject: [PATCH 1/4] doc: fix typo in migration guide --- docs/content/migration/v1-to-v2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/migration/v1-to-v2.md b/docs/content/migration/v1-to-v2.md index 8dbc4686a..fb8e0f983 100644 --- a/docs/content/migration/v1-to-v2.md +++ b/docs/content/migration/v1-to-v2.md @@ -501,7 +501,7 @@ To apply a redirection: [http.routers.router1.tls] [http.middlewares] - [http.middlewares.https-redirect.redirectScheme] + [http.middlewares.https_redirect.redirectScheme] scheme = "https" permanent = true ``` From 532b5865de72c973afe4ee281b2f0cd7ea32bf16 Mon Sep 17 00:00:00 2001 From: Kevin Crawley <3759919+notsureifkevin@users.noreply.github.com> Date: Tue, 25 Aug 2020 07:38:04 -0500 Subject: [PATCH 2/4] doc: added tz section to access log --- docs/content/observability/access-logs.md | 29 +++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/docs/content/observability/access-logs.md b/docs/content/observability/access-logs.md index fc9f424dc..294182fb5 100644 --- a/docs/content/observability/access-logs.md +++ b/docs/content/observability/access-logs.md @@ -217,3 +217,32 @@ This allows the logs to be rotated and processed by an external program, such as !!! warning This does not work on Windows due to the lack of USR signals. + +## Time Zones + +Traefik will timestamp each log line in UTC time by default. + +It is possible to configure the Traefik to timestamp in a specific timezone by ensuring the following configuration has been made in your environment: + +1. Provide time zone data to `/etc/localtime` or `/usr/share/zoneinfo` (based on your distribution) or set the environment variable TZ to the desired timezone +2. Specify the field `StartLocal` by dropping the field named `StartUTC` (available on the default Common Log Format (CLF) as well as JSON) + +Example utilizing Docker Compose: + +```yaml +version: "3.7" + +services: + traefik: + image: traefik:v2.2 + environment: + - TZ=US/Alaska + command: + - --accesslog + - --accesslog.fields.names.StartUTC=drop + - --providers.docker + ports: + - 80:80 + volumes: + - /var/run/docker.sock:/var/run/docker.sock +``` From 3e3b7238e079d7017fd5d86d182c248d81c8deb6 Mon Sep 17 00:00:00 2001 From: Dakshraj Sharma Date: Tue, 25 Aug 2020 20:40:04 +0530 Subject: [PATCH 3/4] doc: Minor language improvement in TLS documentation --- docs/content/https/tls.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/content/https/tls.md b/docs/content/https/tls.md index 9b1023386..789a46937 100644 --- a/docs/content/https/tls.md +++ b/docs/content/https/tls.md @@ -183,9 +183,9 @@ spec: ### Maximum TLS Version -We discourages the use of this setting to disable TLS1.3. +We discourage the use of this setting to disable TLS1.3. -The right approach is to update the clients to support TLS1.3. +The recommended approach is to update the clients to support TLS1.3. ```toml tab="File (TOML)" # Dynamic configuration @@ -316,7 +316,7 @@ spec: ### Strict SNI Checking -With strict SNI checking, Traefik won't allow connections from clients connections +With strict SNI checking enabled, Traefik won't allow connections from clients that do not specify a server_name extension or don't match any certificate configured on the tlsOption. ```toml tab="File (TOML)" From 0399d0c4d67c2e8bfcaa160e0a87800bb2326573 Mon Sep 17 00:00:00 2001 From: Mathias Petermann Date: Thu, 27 Aug 2020 12:08:03 +0200 Subject: [PATCH 4/4] Reorder migrations for v2 minor upgrades --- docs/content/migration/v2.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 43a7a7821..654c875e7 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -1,17 +1,5 @@ # Migration: Steps needed between the versions -## v2.2.2 to v2.2.5 - -### InsecureSNI removal - -In `v2.2.2` we introduced a new flag (`insecureSNI`) which was available as a global option to disable domain fronting. -Since `v2.2.5` this global option has been removed, and you should not use it anymore. - -### HostSNI rule matcher removal - -In `v2.2.2` we introduced a new rule matcher (`HostSNI`) which was allowing to match the Server Name Indication at the router level. -Since `v2.2.5` this rule has been removed, and you should not use it anymore. - ## v2.0 to v2.1 ### Kubernetes CRD @@ -314,3 +302,15 @@ providers: --entryPoints.websecure.address=:443 --providers.kubernetesIngress=true ``` + +## v2.2.2 to v2.2.5 + +### InsecureSNI removal + +In `v2.2.2` we introduced a new flag (`insecureSNI`) which was available as a global option to disable domain fronting. +Since `v2.2.5` this global option has been removed, and you should not use it anymore. + +### HostSNI rule matcher removal + +In `v2.2.2` we introduced a new rule matcher (`HostSNI`) which was allowing to match the Server Name Indication at the router level. +Since `v2.2.5` this rule has been removed, and you should not use it anymore.