Commit graph

82 commits

Author SHA1 Message Date
enxebre
175659a3dd Support for Metrics and Prometheus. 2017-01-16 15:00:16 +01:00
Bilal Amarni
22b97b7214 check permissions on acme.json during startup
Follow-up from #639. At the moment people that were affected
by this security issue would still be vulnerable even after upgrading.

This patch makes sure permissions are also checked for already existing
files.

Signed-off-by: Bilal Amarni <bilal.amarni@gmail.com>
2017-01-12 12:14:35 +01:00
Matthieu Martin
2bfc237e53 Don't fetch ACME certificates for frontends using non-TLS entrypoints 2017-01-06 17:06:48 +01:00
Emile Vauge
bef55db120 Merge branch 'master' into addprefix 2016-12-20 12:18:37 +01:00
Julien Salleyron
d9fc66fdbc Add Rule AddPrefix 2016-12-19 17:12:52 +01:00
Emile Vauge
3ebfd729cf
Refactor StatsRecorder
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-12-19 15:24:00 +01:00
Emile Vauge
dca08af003
Merge v1.1.1 into master
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-12-06 08:44:23 +01:00
Julien Salleyron
2af6cc4d1b feat(provider): Add Eureka Provider 2016-11-16 22:00:24 +01:00
Ed Robinson
66e914a8ab
Adds Cleanup method to safe.Pool 2016-11-16 14:03:23 +00:00
Ed Robinson
5c0297fb61
Context is part of the stdlib on 1.7 2016-11-16 14:03:23 +00:00
Emile Vauge
00c7e5c72b
Ensure HTTP/2 enabled 2016-11-09 17:56:41 +01:00
Emile Vauge
adcf58da68
Fix ProvidersThrottleDuration doc 2016-10-26 12:47:19 +02:00
Nathan Osman
05f6b79e29
Add optional statistics to API and web UI.
A new option (--web.statistics) enables the collection of some basic
information about requests and responses. This currently consists of
the most recent 10 requests that resulted in HTTP 4xx or 5xx errors.
2016-10-25 15:36:23 -07:00
Guilhem Lettron
649cb548d0 Use sdnotify for systemd (#768)
* Use sdnotify for systemd

This is useful if a configuration is long to load.
Systemd will continue dependency chain only when server have finish to start.

https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=

* Extract the waiting behavior from Start()
2016-10-25 08:59:39 -07:00
Emile Vauge
e72e65858f
Challenge certs PEM encoding
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:25 +02:00
Emile Vauge
a42845502e
Add ACME store
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:17 +02:00
Emile Vauge
bea5ad3f13
Add leadership election
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:05 +02:00
Emile Vauge
5a0440d6f8
Add KV datastore
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 11:26:05 +02:00
Emile Vauge
462d8b3e74
Fix Docker & KV templates for sticky
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-09-30 10:57:55 +02:00
Emile Vauge
291c3b6dbc
Fix sticky sessions Docker/Marathon labels 2016-09-30 10:56:47 +02:00
Owen Marshall
df225d9170
Change cookie name to match documentation 2016-09-30 10:56:36 +02:00
Owen Marshall
3d7c44735a
Reorder sticky session definitions 2016-09-30 10:56:17 +02:00
Owen Marshall
d78c419627
Add sticky support to DRR lb 2016-09-30 10:56:17 +02:00
Owen Marshall
dc52abf4ce
Add sticky session support to Traefik.
This change adds sticky session support, by using the new
oxy/rr/StickySession feature.

To use it, set traefik.backend.sticky to true.

This is currently only implemented in the wrr load balancer, and against
the Marathon backend, but lifting it should be very doable.

In the wrr load balancer, a cookie called _TRAEFIK_SERVERNAME will be
set with the backend to use.  If the cookie is altered to an invalid
backend server, or the server is removed from the load balancer, the
next server will be used instead.

Otherwise, the cookie will be checked in Oxy's rr on access and if valid
the connection will be wired through to it.
2016-09-30 10:56:17 +02:00
tuier
a58750992d lint 2016-09-28 23:04:18 +01:00
tuier
17546c3a08 Add HTTP compression 2016-09-28 23:04:18 +01:00
Daniel Tomcej
e249983c77 add TLS Min Version
silly copy paste
Add cipher selection

add TLS Min Version

silly copy paste

silly copy paste

add TLS Min Version

silly copy paste

fix formatting

Add cipher selection

linted

arg

update cipher map
2016-09-27 14:29:36 -06:00
Diego Osse Fernandes
99c8bffcbf Initial support for Docker 1.12 Swarm Mode 2016-09-27 14:21:38 -03:00
Yoann Dubreuil
82cb21fca3 Disable gorilla/mux URL cleaning to prevent sending redirect
This fixes #167 and #651. By default, gorilla/mux cleans URL paths
such that adjacent slashes are collapsed into one single slash. This
behavior is pretty common in application stacks and it is fine, but
for Traefik, this can lead to incorrect URL paths forwarded to backend
servers.

See https://github.com/gorilla/mux/issues/94 for background.
2016-09-20 20:31:11 +02:00
Emile Vauge
11297b38c5
Remove misused Fatal* 2016-08-19 10:36:54 +02:00
Emile Vauge
5e01c0a7db
Add Host cert ACME generation
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-08-18 14:20:55 +02:00
Emile Vauge
e62cca1e7c
Merge v1.0.1
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-28 20:15:09 +02:00
Emile Vauge
3a5b67a3e1
Add basic/digest auth
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-28 18:19:47 +02:00
Martin
7ada80b619 Certificate can contain path or file contents
Signed-off-by: Martin <martin.piegay@zenika.com>
2016-07-21 09:22:35 +02:00
Anders Betnér
959c7dc783 Support for client certificate authentication 2016-07-20 14:41:38 +02:00
julien
5afcf17706 add mesos provider inspired by mesos-dns & marathon provider 2016-07-20 11:56:14 +02:00
Emile Vauge
be8ebdba46 Merge pull request #527 from containous/add-sse-support
Add sse support
2016-07-19 11:51:21 +02:00
Emile Vauge
d1b5cf99d0
Add GraceTimeOut support
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-18 18:01:59 +02:00
Emile Vauge
3c5cb31775
default values logs from WARN to DEBUG
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-18 17:59:50 +02:00
Jsewill
bd29bac716 Update server.go
Fixed a bug that caused a panic when sending multiple signals: signals are no longer sent on the server.signals channel after it has closed.
2016-07-14 03:22:18 -05:00
Vincent Demeester
a73baded88
Remove traefik.frontend.value support in docker…
… provider 👼. Was deprecated in 1.0, removing it for 1.1.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-07-13 19:28:08 +02:00
Emile Vauge
24d3a698a0
Fix acme checkOnDemandDomain
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-13 19:25:47 +02:00
Emile Vauge
018b8a6315
Fix default weight in server.LoadConfig
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-07-05 10:26:28 +02:00
Emile Vauge
e4ed7fd8f7
Fix bad circuit breaker expression
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-23 16:33:54 +02:00
Emile Vauge
606e667b88
Fix spamming events in listenProviders
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-23 16:33:54 +02:00
Emile Vauge
93494c7e35 Fix errors load config (#470)
* Trim spaces in rules

Signed-off-by: Emile Vauge <emile@vauge.com>

* dont break the whole config while only one part is wrong

Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-20 15:19:52 +02:00
Emile Vauge
450d86be7d
Fix websocket connection Hijack
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-18 13:37:21 +02:00
Emile Vauge
56ef678c09
Fix memory leak in listenProviders
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-16 22:49:57 +02:00
Emile Vauge
208998972a
Add routes priorities
Signed-off-by: Emile Vauge <emile@vauge.com>
2016-06-07 09:17:39 +02:00
Samuel BERTHE
d297a220ce fix(constraints): Syntax 2016-06-01 10:30:34 +02:00