{{ $apps := .Applications }} [backends] {{range $backendName, $app := $apps }} [backends."{{ $backendName }}"] {{ $circuitBreaker := getCircuitBreaker $app.SegmentLabels }} {{if $circuitBreaker }} [backends."{{ $backendName }}".circuitBreaker] expression = "{{ $circuitBreaker.Expression }}" {{end}} {{ $loadBalancer := getLoadBalancer $app.SegmentLabels }} {{if $loadBalancer }} [backends."{{ $backendName }}".loadBalancer] method = "{{ $loadBalancer.Method }}" {{if $loadBalancer.Stickiness }} [backends."{{ $backendName }}".loadBalancer.stickiness] cookieName = "{{ $loadBalancer.Stickiness.CookieName }}" {{end}} {{end}} {{ $maxConn := getMaxConn $app.SegmentLabels }} {{if $maxConn }} [backends."{{ $backendName }}".maxConn] extractorFunc = "{{ $maxConn.ExtractorFunc }}" amount = {{ $maxConn.Amount }} {{end}} {{ $healthCheck := getHealthCheck $app.SegmentLabels }} {{if $healthCheck }} [backends."{{ $backendName }}".healthCheck] scheme = "{{ $healthCheck.Scheme }}" path = "{{ $healthCheck.Path }}" port = {{ $healthCheck.Port }} interval = "{{ $healthCheck.Interval }}" timeout = "{{ $healthCheck.Timeout }}" hostname = "{{ $healthCheck.Hostname }}" {{if $healthCheck.Headers }} [backends.{{ $backendName }}.healthCheck.headers] {{range $k, $v := $healthCheck.Headers }} {{$k}} = "{{$v}}" {{end}} {{end}} {{end}} {{ $buffering := getBuffering $app.SegmentLabels }} {{if $buffering }} [backends."{{ $backendName }}".buffering] maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }} memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }} maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }} memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }} retryExpression = "{{ $buffering.RetryExpression }}" {{end}} {{range $serverName, $server := getServers $app }} [backends."{{ $backendName }}".servers."{{ $serverName }}"] url = "{{ $server.URL }}" weight = {{ $server.Weight }} {{end}} {{end}} [frontends] {{range $backendName, $app := $apps }} {{ $frontendName := getFrontendName $app }} [frontends."{{ $frontendName }}"] backend = "{{ $backendName }}" priority = {{ getPriority $app.SegmentLabels }} passHostHeader = {{ getPassHostHeader $app.SegmentLabels }} passTLSCert = {{ getPassTLSCert $app.SegmentLabels }} entryPoints = [{{range getEntryPoints $app.SegmentLabels }} "{{.}}", {{end}}] {{ $tlsClientCert := getPassTLSClientCert $app.SegmentLabels }} {{if $tlsClientCert }} [frontends."{{ $frontendName }}".passTLSClientCert] pem = {{ $tlsClientCert.PEM }} {{ $infos := $tlsClientCert.Infos }} {{if $infos }} [frontends."{{ $frontendName }}".passTLSClientCert.infos] notAfter = {{ $infos.NotAfter }} notBefore = {{ $infos.NotBefore }} sans = {{ $infos.Sans }} {{ $subject := $infos.Subject }} {{if $subject }} [frontends."{{ $frontendName }}".passTLSClientCert.infos.subject] country = {{ $subject.Country }} province = {{ $subject.Province }} locality = {{ $subject.Locality }} organization = {{ $subject.Organization }} commonName = {{ $subject.CommonName }} serialNumber = {{ $subject.SerialNumber }} {{end}} {{end}} {{end}} {{ $auth := getAuth $app.SegmentLabels }} {{if $auth }} [frontends."{{ $frontendName }}".auth] headerField = "{{ $auth.HeaderField }}" {{if $auth.Forward }} [frontends."{{ $frontendName }}".auth.forward] address = "{{ $auth.Forward.Address }}" trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }} {{if $auth.Forward.TLS }} [frontends."{{ $frontendName }}".auth.forward.tls] ca = "{{ $auth.Forward.TLS.CA }}" caOptional = {{ $auth.Forward.TLS.CAOptional }} cert = """{{ $auth.Forward.TLS.Cert }}""" key = """{{ $auth.Forward.TLS.Key }}""" insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }} {{end}} {{end}} {{if $auth.Basic }} [frontends."{{ $frontendName }}".auth.basic] removeHeader = {{ $auth.Basic.RemoveHeader }} {{if $auth.Basic.Users }} users = [{{range $auth.Basic.Users }} "{{.}}", {{end}}] {{end}} usersFile = "{{ $auth.Basic.UsersFile }}" {{end}} {{if $auth.Digest }} [frontends."{{ $frontendName }}".auth.digest] removeHeader = {{ $auth.Digest.RemoveHeader }} {{if $auth.Digest.Users }} users = [{{range $auth.Digest.Users }} "{{.}}", {{end}}] {{end}} usersFile = "{{ $auth.Digest.UsersFile }}" {{end}} {{end}} {{ $whitelist := getWhiteList $app.SegmentLabels }} {{if $whitelist }} [frontends."{{ $frontendName }}".whiteList] sourceRange = [{{range $whitelist.SourceRange }} "{{.}}", {{end}}] {{if $whitelist.IPStrategy }} [frontends."{{ $frontendName }}".whiteList.IPStrategy] depth = {{ $whitelist.IPStrategy.Depth }} excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }} "{{.}}", {{end}}] {{end}} {{end}} {{ $redirect := getRedirect $app.SegmentLabels }} {{if $redirect }} [frontends."{{ $frontendName }}".redirect] entryPoint = "{{ $redirect.EntryPoint }}" regex = "{{ $redirect.Regex }}" replacement = "{{ $redirect.Replacement }}" permanent = {{ $redirect.Permanent }} {{end}} {{ $errorPages := getErrorPages $app.SegmentLabels }} {{if $errorPages }} [frontends."{{ $frontendName }}".errors] {{range $pageName, $page := $errorPages }} [frontends."{{ $frontendName }}".errors."{{ $pageName }}"] status = [{{range $page.Status }} "{{.}}", {{end}}] backend = "backend{{ $page.Backend }}" query = "{{ $page.Query }}" {{end}} {{end}} {{ $rateLimit := getRateLimit $app.SegmentLabels }} {{if $rateLimit }} [frontends."{{ $frontendName }}".rateLimit] extractorFunc = "{{ $rateLimit.ExtractorFunc }}" [frontends."{{ $frontendName }}".rateLimit.rateSet] {{ range $limitName, $limit := $rateLimit.RateSet }} [frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"] period = "{{ $limit.Period }}" average = {{ $limit.Average }} burst = {{ $limit.Burst }} {{end}} {{end}} {{ $headers := getHeaders $app.SegmentLabels }} {{if $headers }} [frontends."{{ $frontendName }}".headers] SSLRedirect = {{ $headers.SSLRedirect }} SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }} SSLHost = "{{ $headers.SSLHost }}" SSLForceHost = {{ $headers.SSLForceHost }} STSSeconds = {{ $headers.STSSeconds }} STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }} STSPreload = {{ $headers.STSPreload }} ForceSTSHeader = {{ $headers.ForceSTSHeader }} FrameDeny = {{ $headers.FrameDeny }} CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}" ContentTypeNosniff = {{ $headers.ContentTypeNosniff }} BrowserXSSFilter = {{ $headers.BrowserXSSFilter }} CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}" ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}" PublicKey = "{{ $headers.PublicKey }}" ReferrerPolicy = "{{ $headers.ReferrerPolicy }}" IsDevelopment = {{ $headers.IsDevelopment }} {{if $headers.AllowedHosts }} AllowedHosts = [{{range $headers.AllowedHosts }} "{{.}}", {{end}}] {{end}} {{if $headers.HostsProxyHeaders }} HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }} "{{.}}", {{end}}] {{end}} {{if $headers.CustomRequestHeaders }} [frontends."{{ $frontendName }}".headers.customRequestHeaders] {{range $k, $v := $headers.CustomRequestHeaders }} {{$k}} = "{{$v}}" {{end}} {{end}} {{if $headers.CustomResponseHeaders }} [frontends."{{ $frontendName }}".headers.customResponseHeaders] {{range $k, $v := $headers.CustomResponseHeaders }} {{$k}} = "{{$v}}" {{end}} {{end}} {{if $headers.SSLProxyHeaders }} [frontends."{{ $frontendName }}".headers.SSLProxyHeaders] {{range $k, $v := $headers.SSLProxyHeaders }} {{$k}} = "{{$v}}" {{end}} {{end}} {{end}} [frontends."{{ $frontendName }}".routes."route-host{{ $app.ID | replace "/" "-" }}{{ getSegmentNameSuffix $app.SegmentName }}"] rule = "{{ getFrontendRule $app }}" {{end}}