From c9bbfa1272db992d19939f22631a5fa6dc659175 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Fri, 25 Sep 2020 01:32:03 +0200 Subject: [PATCH 01/13] chore: Added configuration files for generating the changelog of a release. --- script/gcg/readme.md | 31 +++++++++++++++++++++ script/gcg/traefik-bugfix.toml | 27 ++++++++++++++++++ script/gcg/traefik-final-release-part1.toml | 27 ++++++++++++++++++ script/gcg/traefik-final-release-part2.toml | 27 ++++++++++++++++++ script/gcg/traefik-rc-first.toml | 27 ++++++++++++++++++ script/gcg/traefik-rc-new.toml | 27 ++++++++++++++++++ 6 files changed, 166 insertions(+) create mode 100644 script/gcg/readme.md create mode 100644 script/gcg/traefik-bugfix.toml create mode 100644 script/gcg/traefik-final-release-part1.toml create mode 100644 script/gcg/traefik-final-release-part2.toml create mode 100644 script/gcg/traefik-rc-first.toml create mode 100644 script/gcg/traefik-rc-new.toml diff --git a/script/gcg/readme.md b/script/gcg/readme.md new file mode 100644 index 000000000..393786e05 --- /dev/null +++ b/script/gcg/readme.md @@ -0,0 +1,31 @@ +# GCG - GitHub Changelog Generator + +Installation: https://github.com/ldez/gcg#how-to-install + +## Generates Changelog for a Bug Fix Release + +```bash +gcg --config-file=./script/gcg/traefik-bugfix.toml +``` + +## Generates Changelog for a Final Release + +```bash +gcg --config-file=./script/gcg/traefik-final-release-part1.toml +``` + +```bash +gcg --config-file=./script/gcg/traefik-final-release-part2.toml +``` + +## Generates Changelog for the first RC of a Version + +```bash +gcg --config-file=./script/gcg/traefik-rc-first.toml +``` + +## Generates Changelog for a RC of a Version + +```bash +gcg --config-file=./script/gcg/traefik-rc-new.toml +``` diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml new file mode 100644 index 000000000..12a46dbef --- /dev/null +++ b/script/gcg/traefik-bugfix.toml @@ -0,0 +1,27 @@ +Owner = "traefik" +RepositoryName = "traefik" + +OutputType = "file" +FileName = "traefik_changelog.md" + +# example new bugfix v2.3.1 +CurrentRef = "v2.3" +PreviousRef = "v2.3.0" +BaseBranch = "v2.3" +FutureCurrentRefName = "v2.3.1" + +ThresholdPreviousRef = 10 +ThresholdCurrentRef = 10 + +Debug = true +DisplayLabel = true + +LabelExcludes = ["area/infrastructure"] +LabelEnhancement = "kind/enhancement" +LabelDocumentation = "area/documentation" +LabelBug = "kind/bug/fix" + +[DisplayLabelOptions] + FilteredPrefixes = ["area/", "platform/"] + ExcludedSuffixes = ["documentation"] + TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"] diff --git a/script/gcg/traefik-final-release-part1.toml b/script/gcg/traefik-final-release-part1.toml new file mode 100644 index 000000000..7ef7b1fe0 --- /dev/null +++ b/script/gcg/traefik-final-release-part1.toml @@ -0,0 +1,27 @@ +Owner = "traefik" +RepositoryName = "traefik" + +OutputType = "file" +FileName = "traefik_changelog.md" + +# example final release of v2.3.0 +CurrentRef = "v2.3" +PreviousRef = "v2.3.0-rc7" +BaseBranch = "v2.3" +FutureCurrentRefName = "v2.3.0" + +ThresholdPreviousRef = 10 +ThresholdCurrentRef = 10 + +Debug = true +DisplayLabel = true + +LabelExcludes = ["area/infrastructure"] +LabelEnhancement = "kind/enhancement" +LabelDocumentation = "area/documentation" +LabelBug = "kind/bug/fix" + +[DisplayLabelOptions] + FilteredPrefixes = ["area/", "platform/"] + ExcludedSuffixes = ["documentation"] + TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"] diff --git a/script/gcg/traefik-final-release-part2.toml b/script/gcg/traefik-final-release-part2.toml new file mode 100644 index 000000000..6fd821820 --- /dev/null +++ b/script/gcg/traefik-final-release-part2.toml @@ -0,0 +1,27 @@ +Owner = "traefik" +RepositoryName = "traefik" + +OutputType = "file" +FileName = "traefik_changelog.md" + +# example final release of v2.3.0 +CurrentRef = "v2.3.0-rc1" +PreviousRef = "v2.2.0-rc1" +BaseBranch = "master" +FutureCurrentRefName = "v2.3.0-rc1" + +ThresholdPreviousRef = 10 +ThresholdCurrentRef = 10 + +Debug = true +DisplayLabel = true + +LabelExcludes = ["area/infrastructure"] +LabelEnhancement = "kind/enhancement" +LabelDocumentation = "area/documentation" +LabelBug = "kind/bug/fix" + +[DisplayLabelOptions] + FilteredPrefixes = ["area/", "platform/"] + ExcludedSuffixes = ["documentation"] + TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"] diff --git a/script/gcg/traefik-rc-first.toml b/script/gcg/traefik-rc-first.toml new file mode 100644 index 000000000..39435bdda --- /dev/null +++ b/script/gcg/traefik-rc-first.toml @@ -0,0 +1,27 @@ +Owner = "traefik" +RepositoryName = "traefik" + +OutputType = "file" +FileName = "traefik_changelog.md" + +# example RC1 of v2.3.0 +CurrentRef = "master" +PreviousRef = "v2.2.0-rc1" +BaseBranch = "master" +FutureCurrentRefName = "v2.3.0-rc1" + +ThresholdPreviousRef = 10 +ThresholdCurrentRef = 10 + +Debug = true +DisplayLabel = true + +LabelExcludes = ["area/infrastructure"] +LabelEnhancement = "kind/enhancement" +LabelDocumentation = "area/documentation" +LabelBug = "kind/bug/fix" + +[DisplayLabelOptions] + FilteredPrefixes = ["area/", "platform/"] + ExcludedSuffixes = ["documentation"] + TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"] diff --git a/script/gcg/traefik-rc-new.toml b/script/gcg/traefik-rc-new.toml new file mode 100644 index 000000000..f66b0fe89 --- /dev/null +++ b/script/gcg/traefik-rc-new.toml @@ -0,0 +1,27 @@ +Owner = "traefik" +RepositoryName = "traefik" + +OutputType = "file" +FileName = "traefik_changelog.md" + +# example RC2 of v2.3.0 +CurrentRef = "v2.3" +PreviousRef = "v2.3.0-rc1" +BaseBranch = "v2.3" +FutureCurrentRefName = "v2.3.0-rc2" + +ThresholdPreviousRef = 10 +ThresholdCurrentRef = 10 + +Debug = true +DisplayLabel = true + +LabelExcludes = ["area/infrastructure"] +LabelEnhancement = "kind/enhancement" +LabelDocumentation = "area/documentation" +LabelBug = "kind/bug/fix" + +[DisplayLabelOptions] + FilteredPrefixes = ["area/", "platform/"] + ExcludedSuffixes = ["documentation"] + TrimmedPrefixes = ["area/provider/", "area/middleware/", "area/", "platform/"] From c5b4e589ff5e3d5c98729f01e3c4abd6661ca45f Mon Sep 17 00:00:00 2001 From: Damien Goujard Date: Fri, 25 Sep 2020 12:18:04 +0200 Subject: [PATCH 02/13] Update of the helm repo localisation --- docs/content/getting-started/install-traefik.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/getting-started/install-traefik.md b/docs/content/getting-started/install-traefik.md index a10d58212..484113ce5 100644 --- a/docs/content/getting-started/install-traefik.md +++ b/docs/content/getting-started/install-traefik.md @@ -42,7 +42,7 @@ Ensure that the following requirements are met: Add Traefik's chart repository to Helm: ```bash -helm repo add traefik https://traefik.github.io/traefik-helm-chart +helm repo add traefik https://helm.traefik.io/traefik ``` You can update the chart repository by running: From fc7002fbab3daf2fa6b77349f77cf9c6d4ee0f27 Mon Sep 17 00:00:00 2001 From: Matthieu Hostache Date: Mon, 28 Sep 2020 12:14:04 +0200 Subject: [PATCH 03/13] Fix blank webui on some browsers --- webui/package-lock.json | 5 ----- webui/package.json | 1 - webui/src/components/_commons/NavBar.vue | 3 +-- 3 files changed, 1 insertion(+), 8 deletions(-) diff --git a/webui/package-lock.json b/webui/package-lock.json index 9f66f9475..cedd76259 100644 --- a/webui/package-lock.json +++ b/webui/package-lock.json @@ -12488,11 +12488,6 @@ "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", "dev": true }, - "semver-regex": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/semver-regex/-/semver-regex-3.1.1.tgz", - "integrity": "sha512-3dPcmFqxblWB/cppQ2qXWqlp9b6GLgAS032+Ec5E0waDVHTkwYIL+7BFI9UqEe0tkoHle2f3pBgvT/Xl95+Dig==" - }, "send": { "version": "0.17.1", "resolved": "https://registry.npmjs.org/send/-/send-0.17.1.tgz", diff --git a/webui/package.json b/webui/package.json index 69c92ed13..3a4665be0 100644 --- a/webui/package.json +++ b/webui/package.json @@ -26,7 +26,6 @@ "moment": "^2.24.0", "quasar": "^1.4.4", "query-string": "^6.13.1", - "semver-regex": "^3.1.1", "vh-check": "^2.0.5", "vue-chartjs": "^3.4.2", "vuex-map-fields": "^1.3.4" diff --git a/webui/src/components/_commons/NavBar.vue b/webui/src/components/_commons/NavBar.vue index 549cb7911..2b577ab6b 100644 --- a/webui/src/components/_commons/NavBar.vue +++ b/webui/src/components/_commons/NavBar.vue @@ -46,7 +46,6 @@ import config from '../../../package' import PlatformAuthState from '../platform/PlatformAuthState' import { mapActions, mapGetters } from 'vuex' -import semverRegex from 'semver-regex' export default { name: 'NavBar', @@ -55,7 +54,7 @@ export default { ...mapGetters('core', { coreVersion: 'version' }), version () { if (!this.coreVersion.Version) return null - return semverRegex().test(this.coreVersion.Version) + return /^(v?\d+\.\d+)/.test(this.coreVersion.Version) ? this.coreVersion.Version : this.coreVersion.Version.substring(0, 7) }, From ddc663eac0dad112acc1d290f5f00fdc04da9613 Mon Sep 17 00:00:00 2001 From: Romain Date: Tue, 29 Sep 2020 17:36:04 +0200 Subject: [PATCH 04/13] Prepare release v2.3.1 --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f95aa03e1..7dfc90665 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +## [v2.3.1](https://github.com/traefik/traefik/tree/v2.3.1) (2020-09-28) +[All Commits](https://github.com/traefik/traefik/compare/v2.3.0...v2.3.1) + +**Bug fixes:** +- **[webui]** Fix blank webui on some browsers ([#7364](https://github.com/traefik/traefik/pull/7364) by [matthieuh](https://github.com/matthieuh)) + +**Documentation:** +- **[k8s/helm]** Update of the helm repo localisation ([#7352](https://github.com/traefik/traefik/pull/7352) by [dgoujard](https://github.com/dgoujard)) +- restore traefik logo ([#7344](https://github.com/traefik/traefik/pull/7344) by [notsureifkevin](https://github.com/notsureifkevin)) +- Removes invalid items in the changelog. ([#7339](https://github.com/traefik/traefik/pull/7339) by [ldez](https://github.com/ldez)) + ## [v2.3.0](https://github.com/traefik/traefik/tree/v2.3.0) (2020-09-23) [All Commits](https://github.com/traefik/traefik/compare/v2.2.0-rc1...v2.3.0) From ab13019bdefe7e1bad7bc0de4625603f0f6d272f Mon Sep 17 00:00:00 2001 From: Anton Popovichenko Date: Wed, 30 Sep 2020 13:04:04 +0300 Subject: [PATCH 05/13] acme: Fix race condition in LocalStore during saving. --- pkg/provider/acme/local_store.go | 19 +++++- pkg/provider/acme/local_store_test.go | 87 +++++++++++++++++++++++++++ 2 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 pkg/provider/acme/local_store_test.go diff --git a/pkg/provider/acme/local_store.go b/pkg/provider/acme/local_store.go index 81c509cbc..176eae960 100644 --- a/pkg/provider/acme/local_store.go +++ b/pkg/provider/acme/local_store.go @@ -34,7 +34,10 @@ func (s *LocalStore) save(resolverName string, storedData *StoredData) { defer s.lock.Unlock() s.storedData[resolverName] = storedData - s.saveDataChan <- s.storedData + + // we cannot pass s.storedData directly, map is reference type and as result + // we can face with race condition, so we need to work with objects copy + s.saveDataChan <- s.unSafeCopyOfStoredData() } func (s *LocalStore) get(resolverName string) (*StoredData, error) { @@ -81,7 +84,10 @@ func (s *LocalStore) get(resolverName string) (*StoredData, error) { } if len(certificates) < len(storedData.Certificates) { storedData.Certificates = certificates - s.saveDataChan <- s.storedData + + // we cannot pass s.storedData directly, map is reference type and as result + // we can face with race condition, so we need to work with objects copy + s.saveDataChan <- s.unSafeCopyOfStoredData() } } } @@ -111,6 +117,15 @@ func (s *LocalStore) listenSaveAction() { }) } +// unSafeCopyOfStoredData creates maps copy of storedData. Is not thread safe, you should use `s.lock`. +func (s *LocalStore) unSafeCopyOfStoredData() map[string]*StoredData { + result := map[string]*StoredData{} + for k, v := range s.storedData { + result[k] = v + } + return result +} + // GetAccount returns ACME Account. func (s *LocalStore) GetAccount(resolverName string) (*Account, error) { storedData, err := s.get(resolverName) diff --git a/pkg/provider/acme/local_store_test.go b/pkg/provider/acme/local_store_test.go new file mode 100644 index 000000000..ad3d1cf6c --- /dev/null +++ b/pkg/provider/acme/local_store_test.go @@ -0,0 +1,87 @@ +package acme + +import ( + "fmt" + "io/ioutil" + "path/filepath" + "testing" + "time" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestLocalStore_GetAccount(t *testing.T) { + acmeFile := filepath.Join(t.TempDir(), "acme.json") + + email := "some42@email.com" + filePayload := fmt.Sprintf(`{ + "test": { + "Account": { + "Email": "%s" + } + } +}`, email) + + err := ioutil.WriteFile(acmeFile, []byte(filePayload), 0o600) + require.NoError(t, err) + + testCases := []struct { + desc string + filename string + expected *Account + }{ + { + desc: "empty file", + filename: filepath.Join(t.TempDir(), "acme-empty.json"), + expected: nil, + }, + { + desc: "file with data", + filename: acmeFile, + expected: &Account{Email: "some42@email.com"}, + }, + } + + for _, test := range testCases { + test := test + t.Run(test.desc, func(t *testing.T) { + s := NewLocalStore(test.filename) + + account, err := s.GetAccount("test") + require.NoError(t, err) + + assert.Equal(t, test.expected, account) + }) + } +} + +func TestLocalStore_SaveAccount(t *testing.T) { + acmeFile := filepath.Join(t.TempDir(), "acme.json") + + s := NewLocalStore(acmeFile) + + email := "some@email.com" + + err := s.SaveAccount("test", &Account{Email: email}) + require.NoError(t, err) + + time.Sleep(100 * time.Millisecond) + + file, err := ioutil.ReadFile(acmeFile) + require.NoError(t, err) + + expected := `{ + "test": { + "Account": { + "Email": "some@email.com", + "Registration": null, + "PrivateKey": null, + "KeyType": "" + }, + "Certificates": null + } +}` + + assert.Equal(t, expected, string(file)) +} From 3506cbd5e9ad2587fe32bacc0c2410cd00e72974 Mon Sep 17 00:00:00 2001 From: Matthias Schneider Date: Fri, 2 Oct 2020 17:38:04 +0200 Subject: [PATCH 06/13] fix: udp json struct tag --- pkg/config/runtime/runtime.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/config/runtime/runtime.go b/pkg/config/runtime/runtime.go index 71e2bb33b..12237cc33 100644 --- a/pkg/config/runtime/runtime.go +++ b/pkg/config/runtime/runtime.go @@ -23,7 +23,7 @@ type Configuration struct { TCPRouters map[string]*TCPRouterInfo `json:"tcpRouters,omitempty"` TCPServices map[string]*TCPServiceInfo `json:"tcpServices,omitempty"` UDPRouters map[string]*UDPRouterInfo `json:"udpRouters,omitempty"` - UDPServices map[string]*UDPServiceInfo `json:"updServices,omitempty"` + UDPServices map[string]*UDPServiceInfo `json:"udpServices,omitempty"` } // NewConfig returns a Configuration initialized with the given conf. It never returns nil. From e4a3df351653ac1be2d71d72aa675227737f25c4 Mon Sep 17 00:00:00 2001 From: Benjamin Durham <33912370+Bencey@users.noreply.github.com> Date: Wed, 7 Oct 2020 21:46:04 +1300 Subject: [PATCH 07/13] Fix broken logo --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 887d6e575..4e2cb7779 100644 --- a/README.md +++ b/README.md @@ -152,9 +152,9 @@ We use [Semantic Versioning](https://semver.org/). ## Credits -Kudos to [Peka](http://peka.byethost11.com/photoblog/) for his awesome work on the logo ![logo](docs/content/assets/img/traefik.icon.png). +Kudos to [Peka](http://peka.byethost11.com/photoblog/) for his awesome work on the gopher's logo!. -Traefik's logo is licensed under the Creative Commons 3.0 Attributions license. +The gopher's logo of Traefik is licensed under the Creative Commons 3.0 Attributions license. -Traefik's logo was inspired by the gopher stickers made by [Takuya Ueda](https://twitter.com/tenntenn). +The gopher's logo of Traefik was inspired by the gopher stickers made by [Takuya Ueda](https://twitter.com/tenntenn). The original Go gopher was designed by [Renee French](https://reneefrench.blogspot.com/). From 4e508499dab41951aee42a262f61c17fc81a8042 Mon Sep 17 00:00:00 2001 From: Kevin Pollet Date: Wed, 7 Oct 2020 18:02:04 +0200 Subject: [PATCH 08/13] Fix containous links in readme --- CODE_OF_CONDUCT.md | 4 ++-- README.md | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index ab197c5d9..789cb073b 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -36,7 +36,7 @@ Representation of a project may be further defined and clarified by project main ## Enforcement -Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@containo.us +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@traefik.io All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. @@ -48,4 +48,4 @@ Project maintainers who do not follow or enforce the Code of Conduct in good fai This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] [homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ \ No newline at end of file +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/README.md b/README.md index 4e2cb7779..646982142 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ [![Go Report Card](https://goreportcard.com/badge/traefik/traefik)](https://goreportcard.com/report/traefik/traefik) [![](https://images.microbadger.com/badges/image/traefik.svg)](https://microbadger.com/images/traefik) [![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/traefik/traefik/blob/master/LICENSE.md) -[![Join the community support forum at https://community.containo.us/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.containo.us/) +[![Join the community support forum at https://community.traefik.io/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.traefik.io/) [![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik) @@ -96,9 +96,9 @@ A collection of contributions around Traefik can be found at [https://awesome.tr ## Support To get community support, you can: -- join the Traefik community forum: [![Join the chat at https://community.containo.us/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.containo.us/) +- join the Traefik community forum: [![Join the chat at https://community.traefik.io/](https://img.shields.io/badge/style-register-green.svg?style=social&label=Discourse)](https://community.traefik.io/) -If you need commercial support, please contact [Containo.us](https://containo.us) by mail: . +If you need commercial support, please contact [Traefik.io](https://traefik.io) by mail: . ## Download @@ -122,7 +122,7 @@ git clone https://github.com/traefik/traefik ## Introductory Videos -You can find high level and deep dive videos on [videos.containo.us](https://videos.containo.us). +You can find high level and deep dive videos on [videos.traefik.io](https://videos.traefik.io). ## Maintainers From 495344591f81797789c0e67f16fd11b01aaa08b5 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Thu, 8 Oct 2020 00:48:03 +0200 Subject: [PATCH 09/13] fix: versions in the PR template. --- .github/PULL_REQUEST_TEMPLATE.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 714b5e78e..ec1f92e67 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -3,11 +3,11 @@ PLEASE READ THIS MESSAGE. Documentation fixes or enhancements: - for Traefik v1: use branch v1.7 -- for Traefik v2: use branch v2.2 +- for Traefik v2: use branch v2.3 Bug fixes: - for Traefik v1: use branch v1.7 -- for Traefik v2: use branch v2.2 +- for Traefik v2: use branch v2.3 Enhancements: - for Traefik v1: we only accept bug fixes From 63683d35fc6dbc83d4b75e1842742581412c1292 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Thu, 8 Oct 2020 10:38:05 +0200 Subject: [PATCH 10/13] doc: add YAML sample. --- .../getting-started/install-traefik.md | 5 +- traefik.sample.yml | 151 ++++++++++++++++++ 2 files changed, 155 insertions(+), 1 deletion(-) create mode 100644 traefik.sample.yml diff --git a/docs/content/getting-started/install-traefik.md b/docs/content/getting-started/install-traefik.md index 484113ce5..577dcf63b 100644 --- a/docs/content/getting-started/install-traefik.md +++ b/docs/content/getting-started/install-traefik.md @@ -9,7 +9,10 @@ You can install Traefik with the following flavors: ## Use the Official Docker Image -Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with the [sample configuration file](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.toml): +Choose one of the [official Docker images](https://hub.docker.com/_/traefik) and run it with one sample configuration file: + +* [TOML](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.toml) +* [YAML](https://raw.githubusercontent.com/traefik/traefik/v2.3/traefik.sample.yml) ```bash docker run -d -p 8080:8080 -p 80:80 \ diff --git a/traefik.sample.yml b/traefik.sample.yml new file mode 100644 index 000000000..c13ebcd42 --- /dev/null +++ b/traefik.sample.yml @@ -0,0 +1,151 @@ +################################################################ +# +# Configuration sample for Traefik v2. +# +# For Traefik v1: https://github.com/traefik/traefik/blob/v1.7/traefik.sample.toml +# +################################################################ + +################################################################ +# Global configuration +################################################################ +global: + checkNewVersion: true + sendAnonymousUsage: true + +################################################################ +# EntryPoints configuration +################################################################ + +# EntryPoints definition +# +# Optional +# +entryPoints: + web: + address: :80 + + websecure: + address: :443 + +################################################################ +# Traefik logs configuration +################################################################ + +# Traefik logs +# Enabled by default and log to stdout +# +# Optional +# +#log: + # Log level + # + # Optional + # Default: "ERROR" + # +# level: DEBUG + + # Sets the filepath for the traefik log. If not specified, stdout will be used. + # Intermediate directories are created if necessary. + # + # Optional + # Default: os.Stdout + # +# filePath: log/traefik.log + + # Format is either "json" or "common". + # + # Optional + # Default: "common" + # +# format: json + +################################################################ +# Access logs configuration +################################################################ + +# Enable access logs +# By default it will write to stdout and produce logs in the textual +# Common Log Format (CLF), extended with additional fields. +# +# Optional +# +#accessLog: + # Sets the file path for the access log. If not specified, stdout will be used. + # Intermediate directories are created if necessary. + # + # Optional + # Default: os.Stdout + # +# filePath: /path/to/log/log.txt + + # Format is either "json" or "common". + # + # Optional + # Default: "common" + # +# format: json + +################################################################ +# API and dashboard configuration +################################################################ + +# Enable API and dashboard +# +# Optional +# +#api: + # Enable the API in insecure mode + # + # Optional + # Default: false + # +# insecure: true + + # Enabled Dashboard + # + # Optional + # Default: true + # +# dashboard: false + +################################################################ +# Ping configuration +################################################################ + +# Enable ping +#ping: + # Name of the related entry point + # + # Optional + # Default: "traefik" + # +# entryPoint: traefik + +################################################################ +# Docker configuration backend +################################################################ + +#providers: + # Enable Docker configuration backend +# docker: + # Docker server endpoint. Can be a tcp or a unix socket endpoint. + # + # Required + # Default: "unix:///var/run/docker.sock" + # +# endpoint: tcp://10.10.10.10:2375 + + # Default host rule. + # + # Optional + # Default: "Host(`{{ normalize .Name }}`)" + # +# defaultRule: Host(`{{ normalize .Name }}.docker.localhost`) + + # Expose containers by default in traefik + # + # Optional + # Default: true + # +# exposedByDefault: false From a4df4b028e9c9c8e6de22c11d1178ddf8d2c4aa2 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Doumenjou <925513+jbdoumenjou@users.noreply.github.com> Date: Thu, 8 Oct 2020 11:36:03 +0200 Subject: [PATCH 11/13] fix: pilot static configuration documentation --- docs/content/reference/static-configuration/file.toml | 5 +++-- docs/content/reference/static-configuration/file.yaml | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/content/reference/static-configuration/file.toml b/docs/content/reference/static-configuration/file.toml index bd2af833e..8bef7d6ac 100644 --- a/docs/content/reference/static-configuration/file.toml +++ b/docs/content/reference/static-configuration/file.toml @@ -250,6 +250,9 @@ addEntryPointsLabels = true addServicesLabels = true +[pilot] + token = "foobar" + [ping] entryPoint = "foobar" manualRouting = true @@ -364,8 +367,6 @@ [certificatesResolvers.CertificateResolver1.acme.tlsChallenge] [experimental] - [experimental.pilot] - token = "foobar" [experimental.plugins] [experimental.plugins.Descriptor0] moduleName = "foobar" diff --git a/docs/content/reference/static-configuration/file.yaml b/docs/content/reference/static-configuration/file.yaml index 046019157..9da38a70a 100644 --- a/docs/content/reference/static-configuration/file.yaml +++ b/docs/content/reference/static-configuration/file.yaml @@ -269,6 +269,8 @@ metrics: password: foobar addEntryPointsLabels: true addServicesLabels: true +pilot: + token: foobar ping: entryPoint: foobar manualRouting: true @@ -383,8 +385,6 @@ certificatesResolvers: entryPoint: foobar tlsChallenge: {} experimental: - pilot: - token: foobar plugins: Descriptor0: moduleName: foobar From 556f7608db490f0348ad58fa51710dc5a5ad42f7 Mon Sep 17 00:00:00 2001 From: Michael Date: Thu, 8 Oct 2020 12:58:04 +0200 Subject: [PATCH 12/13] fix: use provider keytype instead of account keytype. --- docs/content/https/acme.md | 28 ++++++++++++++++++++++++++++ pkg/provider/acme/provider.go | 2 +- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/docs/content/https/acme.md b/docs/content/https/acme.md index db5dcc2ef..266663b8e 100644 --- a/docs/content/https/acme.md +++ b/docs/content/https/acme.md @@ -516,6 +516,34 @@ certificatesResolvers: # ... ``` +### `keyType` + +_Optional, Default="RSA4096"_ + +KeyType used for generating certificate private key. Allow value 'EC256', 'EC384', 'RSA2048', 'RSA4096', 'RSA8192'. + +```toml tab="File (TOML)" +[certificatesResolvers.myresolver.acme] + # ... + keyType = "RSA4096" + # ... +``` + +```yaml tab="File (YAML)" +certificatesResolvers: + myresolver: + acme: + # ... + keyType: 'RSA4096' + # ... +``` + +```bash tab="CLI" +# ... +--certificatesresolvers.myresolver.acme.keyType="RSA4096" +# ... +``` + ## Fallback If Let's Encrypt is not reachable, the following certificates will apply: diff --git a/pkg/provider/acme/provider.go b/pkg/provider/acme/provider.go index 1283db6d8..20cc271dc 100644 --- a/pkg/provider/acme/provider.go +++ b/pkg/provider/acme/provider.go @@ -220,7 +220,7 @@ func (p *Provider) getClient() (*lego.Client, error) { config := lego.NewConfig(account) config.CADirURL = caServer - config.Certificate.KeyType = account.KeyType + config.Certificate.KeyType = GetKeyType(ctx, p.KeyType) config.UserAgent = fmt.Sprintf("containous-traefik/%s", version.Version) client, err := lego.NewClient(config) From d2435cf43b74dd99f2a980114dd58fc73ff19f0d Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Thu, 8 Oct 2020 13:34:04 +0200 Subject: [PATCH 13/13] fix: restrict protocol for TLS Challenge. --- pkg/tls/tlsmanager.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkg/tls/tlsmanager.go b/pkg/tls/tlsmanager.go index b1fb572f1..0eb09a113 100644 --- a/pkg/tls/tlsmanager.go +++ b/pkg/tls/tlsmanager.go @@ -106,7 +106,7 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) { tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) { domainToCheck := types.CanonicalDomain(clientHello.ServerName) - if m.TLSAlpnGetter != nil { + if m.TLSAlpnGetter != nil && isACMETLS(clientHello) { cert, err := m.TLSAlpnGetter(domainToCheck) if err != nil { return nil, err @@ -282,3 +282,13 @@ func buildDefaultCertificate(defaultCertificate *Certificate) (*tls.Certificate, } return &cert, nil } + +func isACMETLS(clientHello *tls.ClientHelloInfo) bool { + for _, proto := range clientHello.SupportedProtos { + if proto == tlsalpn01.ACMETLS1Protocol { + return true + } + } + + return false +}