19a7d22eef
Signed-off-by: Emile Vauge <emile@vauge.com>
140 lines
3.5 KiB
Markdown
140 lines
3.5 KiB
Markdown
|
|
# Examples
|
|
|
|
You will find here some configuration examples of Træfik.
|
|
|
|
## HTTP only
|
|
|
|
```
|
|
defaultEntryPoints = ["http"]
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
```
|
|
|
|
## HTTP + HTTPS (with SNI)
|
|
|
|
```
|
|
defaultEntryPoints = ["http", "https"]
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.https]
|
|
address = ":443"
|
|
[entryPoints.https.tls]
|
|
[[entryPoints.https.tls.certificates]]
|
|
CertFile = "integration/fixtures/https/snitest.com.cert"
|
|
KeyFile = "integration/fixtures/https/snitest.com.key"
|
|
[[entryPoints.https.tls.certificates]]
|
|
CertFile = "integration/fixtures/https/snitest.org.cert"
|
|
KeyFile = "integration/fixtures/https/snitest.org.key"
|
|
```
|
|
Note that we can either give path to certificate file or directly the file content itself ([like in this TOML example](/user-guide/kv-config/#upload-the-configuration-in-the-key-value-store)).
|
|
|
|
## HTTP redirect on HTTPS
|
|
|
|
```
|
|
defaultEntryPoints = ["http", "https"]
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.http.redirect]
|
|
entryPoint = "https"
|
|
[entryPoints.https]
|
|
address = ":443"
|
|
[entryPoints.https.tls]
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "tests/traefik.crt"
|
|
keyFile = "tests/traefik.key"
|
|
```
|
|
|
|
## Let's Encrypt support
|
|
|
|
```
|
|
[entryPoints]
|
|
[entryPoints.https]
|
|
address = ":443"
|
|
[entryPoints.https.tls]
|
|
# certs used as default certs
|
|
[[entryPoints.https.tls.certificates]]
|
|
certFile = "tests/traefik.crt"
|
|
keyFile = "tests/traefik.key"
|
|
[acme]
|
|
email = "test@traefik.io"
|
|
storageFile = "acme.json"
|
|
onDemand = true
|
|
caServer = "http://172.18.0.1:4000/directory"
|
|
entryPoint = "https"
|
|
|
|
[[acme.domains]]
|
|
main = "local1.com"
|
|
sans = ["test1.local1.com", "test2.local1.com"]
|
|
[[acme.domains]]
|
|
main = "local2.com"
|
|
sans = ["test1.local2.com", "test2x.local2.com"]
|
|
[[acme.domains]]
|
|
main = "local3.com"
|
|
[[acme.domains]]
|
|
main = "local4.com"
|
|
```
|
|
|
|
## Override entrypoints in frontends
|
|
|
|
```
|
|
[frontends]
|
|
[frontends.frontend1]
|
|
backend = "backend2"
|
|
[frontends.frontend1.routes.test_1]
|
|
rule = "Host:test.localhost"
|
|
[frontends.frontend2]
|
|
backend = "backend1"
|
|
passHostHeader = true
|
|
entrypoints = ["https"] # overrides defaultEntryPoints
|
|
[frontends.frontend2.routes.test_1]
|
|
rule = "Host:{subdomain:[a-z]+}.localhost"
|
|
[frontends.frontend3]
|
|
entrypoints = ["http", "https"] # overrides defaultEntryPoints
|
|
backend = "backend2"
|
|
rule = "Path:/test"
|
|
```
|
|
|
|
## Enable Basic authentication in an entrypoint
|
|
|
|
With two user/pass:
|
|
|
|
- `test`:`test`
|
|
- `test2`:`test2`
|
|
|
|
Passwords are encoded in MD5: you can use htpasswd to generate those ones.
|
|
|
|
```
|
|
defaultEntryPoints = ["http"]
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.http.auth.basic]
|
|
users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
|
|
```
|
|
|
|
## Pass Authenticated user to application via headers
|
|
|
|
Providing an authentication method as described above, it is possible to pass the user to the application
|
|
via a configurable header value
|
|
|
|
```
|
|
defaultEntryPoints = ["http"]
|
|
[entryPoints]
|
|
[entryPoints.http]
|
|
address = ":80"
|
|
[entryPoints.http.auth]
|
|
headerField = "X-WebAuth-User"
|
|
[entryPoints.http.auth.basic]
|
|
users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
|
|
```
|
|
|
|
## Override the Traefik HTTP server IdleTimeout and/or throttle configurations from re-loading too quickly
|
|
|
|
```
|
|
IdleTimeout = "360s"
|
|
ProvidersThrottleDuration = "5s"
|
|
```
|