[backends] {{range $backend := List .Prefix "/backends/" }} {{ $backendName := Last $backend }} {{ $circuitBreaker := getCircuitBreaker $backend }} {{if $circuitBreaker }} [backends."{{ $backendName }}".circuitBreaker] expression = "{{ $circuitBreaker.Expression }}" {{end}} {{ $loadBalancer := getLoadBalancer $backend }} {{if $loadBalancer }} [backends."{{ $backendName }}".loadBalancer] method = "{{ $loadBalancer.Method }}" sticky = {{ $loadBalancer.Sticky }} {{if $loadBalancer.Stickiness }} [backends."{{ $backendName }}".loadBalancer.stickiness] cookieName = "{{ $loadBalancer.Stickiness.CookieName }}" {{end}} {{end}} {{ $maxConn := getMaxConn $backend }} {{if $maxConn }} [backends."{{ $backendName }}".maxConn] extractorFunc = "{{ $maxConn.ExtractorFunc }}" amount = {{ $maxConn.Amount }} {{end}} {{ $healthCheck := getHealthCheck $backend }} {{if $healthCheck }} [backends.{{ $backendName }}.healthCheck] scheme = "{{ $healthCheck.Scheme }}" path = "{{ $healthCheck.Path }}" port = {{ $healthCheck.Port }} interval = "{{ $healthCheck.Interval }}" hostname = "{{ $healthCheck.Hostname }}" {{if $healthCheck.Headers }} [backends.{{ $backendName }}.healthCheck.headers] {{range $k, $v := $healthCheck.Headers }} {{$k}} = "{{$v}}" {{end}} {{end}} {{end}} {{ $buffering := getBuffering $backend }} {{if $buffering }} [backends.{{ $backendName }}.buffering] maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }} memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }} maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }} memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }} retryExpression = "{{ $buffering.RetryExpression }}" {{end}} {{range $serverName, $server := getServers $backend}} [backends."{{ $backendName }}".servers."{{ $serverName }}"] url = "{{ $server.URL }}" weight = {{ $server.Weight }} {{end}} {{end}} [frontends] {{range $frontend := List .Prefix "/frontends/" }} {{ $frontendName := Last $frontend }} [frontends."{{ $frontendName }}"] backend = "{{ getBackendName $frontend }}" priority = {{ getPriority $frontend }} passHostHeader = {{ getPassHostHeader $frontend }} passTLSCert = {{ getPassTLSCert $frontend }} entryPoints = [{{range getEntryPoints $frontend }} "{{.}}", {{end}}] {{ $tlsClientCert := getPassTLSClientCert $frontend }} {{if $tlsClientCert }} [frontends."{{ $frontendName }}".passTLSClientCert] pem = {{ $tlsClientCert.PEM }} {{ $infos := $tlsClientCert.Infos }} {{if $infos }} [frontends."{{ $frontendName }}".passTLSClientCert.infos] notAfter = {{ $infos.NotAfter }} notBefore = {{ $infos.NotBefore }} sans = {{ $infos.Sans }} {{ $subject := $infos.Subject }} {{if $subject }} [frontends."{{ $frontendName }}".passTLSClientCert.infos.subject] country = {{ $subject.Country }} province = {{ $subject.Province }} locality = {{ $subject.Locality }} organization = {{ $subject.Organization }} commonName = {{ $subject.CommonName }} serialNumber = {{ $subject.SerialNumber }} {{end}} {{end}} {{end}} {{ $auth := getAuth $frontend }} {{if $auth }} [frontends."{{ $frontendName }}".auth] headerField = "{{ $auth.HeaderField }}" {{if $auth.Forward }} [frontends."{{ $frontendName }}".auth.forward] address = "{{ $auth.Forward.Address }}" trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }} {{if $auth.Forward.TLS }} [frontends."{{ $frontendName }}".auth.forward.tls] ca = "{{ $auth.Forward.TLS.CA }}" caOptional = {{ $auth.Forward.TLS.CAOptional }} cert = """{{ $auth.Forward.TLS.Cert }}""" key = """{{ $auth.Forward.TLS.Key }}""" insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }} {{end}} {{end}} {{if $auth.Basic }} [frontends."{{ $frontendName }}".auth.basic] removeHeader = {{ $auth.Basic.RemoveHeader }} {{if $auth.Basic.Users }} users = [{{range $auth.Basic.Users }} "{{.}}", {{end}}] {{end}} usersFile = "{{ $auth.Basic.UsersFile }}" {{end}} {{if $auth.Digest }} [frontends."{{ $frontendName }}".auth.digest] removeHeader = {{ $auth.Digest.RemoveHeader }} {{if $auth.Digest.Users }} users = [{{range $auth.Digest.Users }} "{{.}}", {{end}}] {{end}} usersFile = "{{ $auth.Digest.UsersFile }}" {{end}} {{end}} {{ $whitelist := getWhiteList $frontend }} {{if $whitelist }} [frontends."{{ $frontendName }}".whiteList] sourceRange = [{{range $whitelist.SourceRange }} "{{.}}", {{end}}] useXForwardedFor = {{ $whitelist.UseXForwardedFor }} {{end}} {{ $redirect := getRedirect $frontend }} {{if $redirect }} [frontends."{{ $frontendName }}".redirect] entryPoint = "{{ $redirect.EntryPoint }}" regex = "{{ $redirect.Regex }}" replacement = "{{ $redirect.Replacement }}" permanent = {{ $redirect.Permanent }} {{end}} {{ $errorPages := getErrorPages $frontend }} {{if $errorPages }} [frontends."{{ $frontendName }}".errors] {{range $pageName, $page := $errorPages }} [frontends."{{$frontendName}}".errors."{{ $pageName }}"] status = [{{range $page.Status }} "{{.}}", {{end}}] backend = "{{$page.Backend}}" query = "{{$page.Query}}" {{end}} {{end}} {{ $rateLimit := getRateLimit $frontend }} {{if $rateLimit }} [frontends."{{ $frontendName }}".rateLimit] extractorFunc = "{{ $rateLimit.ExtractorFunc }}" [frontends."{{ $frontendName }}".rateLimit.rateSet] {{range $limitName, $rateLimit := $rateLimit.RateSet }} [frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"] period = "{{ $rateLimit.Period }}" average = {{ $rateLimit.Average }} burst = {{ $rateLimit.Burst }} {{end}} {{end}} {{ $headers := getHeaders $frontend }} {{if $headers }} [frontends."{{ $frontendName }}".headers] SSLRedirect = {{ $headers.SSLRedirect }} SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }} SSLHost = "{{ $headers.SSLHost }}" SSLForceHost = {{ $headers.SSLForceHost }} STSSeconds = {{ $headers.STSSeconds }} STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }} STSPreload = {{ $headers.STSPreload }} ForceSTSHeader = {{ $headers.ForceSTSHeader }} FrameDeny = {{ $headers.FrameDeny }} CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}" ContentTypeNosniff = {{ $headers.ContentTypeNosniff }} BrowserXSSFilter = {{ $headers.BrowserXSSFilter }} CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}" ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}" PublicKey = "{{ $headers.PublicKey }}" ReferrerPolicy = "{{ $headers.ReferrerPolicy }}" IsDevelopment = {{ $headers.IsDevelopment }} {{if $headers.AllowedHosts }} AllowedHosts = [{{range $headers.AllowedHosts }} "{{.}}", {{end}}] {{end}} {{if $headers.HostsProxyHeaders }} HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }} "{{.}}", {{end}}] {{end}} {{if $headers.CustomRequestHeaders }} [frontends."{{ $frontendName }}".headers.customRequestHeaders] {{range $k, $v := $headers.CustomRequestHeaders }} {{$k}} = "{{$v}}" {{end}} {{end}} {{if $headers.CustomResponseHeaders }} [frontends."{{ $frontendName }}".headers.customResponseHeaders] {{range $k, $v := $headers.CustomResponseHeaders }} {{$k}} = "{{$v}}" {{end}} {{end}} {{if $headers.SSLProxyHeaders }} [frontends."{{ $frontendName }}".headers.SSLProxyHeaders] {{range $k, $v := $headers.SSLProxyHeaders}} {{$k}} = "{{$v}}" {{end}} {{end}} {{end}} {{range $routeName, $route := getRoutes $frontend }} [frontends."{{ $frontendName }}".routes."{{ $routeName }}"] rule = "{{ $route.Rule }}" {{end}} {{end}} {{range $tls := getTLSSection .Prefix }} [[tls]] entryPoints = [{{range $tls.EntryPoints }} "{{.}}", {{end}}] [tls.certificate] certFile = """{{ $tls.Certificate.CertFile }}""" keyFile = """{{ $tls.Certificate.KeyFile }}""" {{end}}