2513 lines
85 KiB
Go
2513 lines
85 KiB
Go
// Code generated by go-bindata.
|
|
// sources:
|
|
// templates/consul_catalog.tmpl
|
|
// templates/docker.tmpl
|
|
// templates/ecs.tmpl
|
|
// templates/eureka.tmpl
|
|
// templates/kubernetes.tmpl
|
|
// templates/kv.tmpl
|
|
// templates/marathon.tmpl
|
|
// templates/mesos.tmpl
|
|
// templates/notFound.tmpl
|
|
// templates/rancher.tmpl
|
|
// DO NOT EDIT!
|
|
|
|
package gentemplates
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"time"
|
|
)
|
|
|
|
type asset struct {
|
|
bytes []byte
|
|
info os.FileInfo
|
|
}
|
|
|
|
type bindataFileInfo struct {
|
|
name string
|
|
size int64
|
|
mode os.FileMode
|
|
modTime time.Time
|
|
}
|
|
|
|
func (fi bindataFileInfo) Name() string {
|
|
return fi.name
|
|
}
|
|
func (fi bindataFileInfo) Size() int64 {
|
|
return fi.size
|
|
}
|
|
func (fi bindataFileInfo) Mode() os.FileMode {
|
|
return fi.mode
|
|
}
|
|
func (fi bindataFileInfo) ModTime() time.Time {
|
|
return fi.modTime
|
|
}
|
|
func (fi bindataFileInfo) IsDir() bool {
|
|
return false
|
|
}
|
|
func (fi bindataFileInfo) Sys() interface{} {
|
|
return nil
|
|
}
|
|
|
|
var _templatesConsul_catalogTmpl = []byte(`[backends]
|
|
{{range $service := .Services}}
|
|
{{ $backendName := getServiceBackendName $service }}
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $service.TraefikLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $service.TraefikLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."backend-{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
|
|
|
|
{{ $loadBalancer := getLoadBalancer $service.TraefikLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $service.TraefikLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $service.TraefikLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $service.TraefikLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{end}}
|
|
{{range $index, $node := .Nodes}}
|
|
{{ $server := getServer $node }}
|
|
[backends."backend-{{ getNodeBackendName $node }}".servers."{{ getServerName $node $index }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $service := .Services}}
|
|
|
|
[frontends."frontend-{{ $service.ServiceName }}"]
|
|
backend = "backend-{{ getServiceBackendName $service }}"
|
|
priority = {{ getPriority $service.TraefikLabels }}
|
|
passHostHeader = {{ getPassHostHeader $service.TraefikLabels }}
|
|
passTLSCert = {{ getPassTLSCert $service.TraefikLabels }}
|
|
|
|
entryPoints = [{{range getFrontEndEntryPoints $service.TraefikLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $service.TraefikLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $service.TraefikLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $service.TraefikLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $service.TraefikLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $service.TraefikLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $service.TraefikLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $service.ServiceName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $service.TraefikLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $service.ServiceName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders}}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $service.ServiceName }}".routes."route-host-{{ $service.ServiceName }}"]
|
|
rule = "{{ getFrontendRule $service }}"
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesConsul_catalogTmplBytes() ([]byte, error) {
|
|
return _templatesConsul_catalogTmpl, nil
|
|
}
|
|
|
|
func templatesConsul_catalogTmpl() (*asset, error) {
|
|
bytes, err := templatesConsul_catalogTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/consul_catalog.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesDockerTmpl = []byte(`{{$backendServers := .Servers}}
|
|
[backends]
|
|
{{range $backendName, $servers := .Servers}}
|
|
{{ $backend := index $servers 0 }}
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $backend.SegmentLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $backend.SegmentLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."backend-{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $backend.SegmentLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $backend.SegmentLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $backend.SegmentLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $backend.SegmentLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $servers }}
|
|
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontendName, $containers := .Frontends }}
|
|
{{ $container := index $containers 0 }}
|
|
|
|
[frontends."frontend-{{ $frontendName }}"]
|
|
backend = "backend-{{ getBackendName $container }}"
|
|
priority = {{ getPriority $container.SegmentLabels }}
|
|
passHostHeader = {{ getPassHostHeader $container.SegmentLabels }}
|
|
passTLSCert = {{ getPassTLSCert $container.SegmentLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $container.SegmentLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $container.SegmentLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $container.SegmentLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.basic]
|
|
realm = "{{ $auth.Basic.Realm }}"
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $container.SegmentLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $container.SegmentLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $container.SegmentLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $container.SegmentLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $container.SegmentLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
|
|
rule = "{{ getFrontendRule $container $container.SegmentLabels }}"
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesDockerTmplBytes() ([]byte, error) {
|
|
return _templatesDockerTmpl, nil
|
|
}
|
|
|
|
func templatesDockerTmpl() (*asset, error) {
|
|
bytes, err := templatesDockerTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/docker.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesEcsTmpl = []byte(`[backends]
|
|
{{range $serviceName, $instances := .Services }}
|
|
{{ $firstInstance := index $instances 0 }}
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $firstInstance.SegmentLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $serviceName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $firstInstance.SegmentLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."backend-{{ $serviceName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $firstInstance.SegmentLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $serviceName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $serviceName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $firstInstance.SegmentLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $serviceName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $firstInstance.SegmentLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $serviceName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $serviceName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $firstInstance.SegmentLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $serviceName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $instances }}
|
|
[backends."backend-{{ $serviceName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $serviceName, $instances := .Services }}
|
|
{{range $instance := filterFrontends $instances }}
|
|
|
|
{{ $frontendName := getFrontendName $instance }}
|
|
|
|
[frontends."frontend-{{ $frontendName }}"]
|
|
backend = "backend-{{ $serviceName }}"
|
|
priority = {{ getPriority $instance.SegmentLabels }}
|
|
passHostHeader = {{ getPassHostHeader $instance.SegmentLabels }}
|
|
passTLSCert = {{ getPassTLSCert $instance.SegmentLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $instance.SegmentLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $instance.SegmentLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $instance.SegmentLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $instance.SegmentLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $instance.SegmentLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $instance.SegmentLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $instance.SegmentLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $instance.SegmentLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
|
|
rule = "{{ getFrontendRule $instance }}"
|
|
|
|
{{end}}
|
|
{{end}}`)
|
|
|
|
func templatesEcsTmplBytes() ([]byte, error) {
|
|
return _templatesEcsTmpl, nil
|
|
}
|
|
|
|
func templatesEcsTmpl() (*asset, error) {
|
|
bytes, err := templatesEcsTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/ecs.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesEurekaTmpl = []byte(`[backends]
|
|
{{range $app := .Applications }}
|
|
|
|
[backends.backend-{{ $app.Name }}]
|
|
|
|
{{range $instance := .Instances }}
|
|
[backends."backend-{{ $app.Name }}".servers."server-{{ getInstanceID $instance }}"]
|
|
url = "{{ getProtocol $instance }}://{{ .IpAddr }}:{{ getPort $instance }}"
|
|
weight = {{ getWeight $instance }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $app := .Applications }}
|
|
|
|
[frontends."frontend-{{ $app.Name }}"]
|
|
backend = "backend-{{ $app.Name }}"
|
|
entryPoints = ["http"]
|
|
|
|
[frontends."frontend-{{ $app.Name }}".routes."route-host{{ $app.Name }}"]
|
|
rule = "Host:{{ $app.Name | tolower }}"
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesEurekaTmplBytes() ([]byte, error) {
|
|
return _templatesEurekaTmpl, nil
|
|
}
|
|
|
|
func templatesEurekaTmpl() (*asset, error) {
|
|
bytes, err := templatesEurekaTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/eureka.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesKubernetesTmpl = []byte(`[backends]
|
|
{{range $backendName, $backend := .Backends }}
|
|
|
|
[backends."{{ $backendName }}"]
|
|
|
|
{{if $backend.CircuitBreaker }}
|
|
[backends."{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $backend.CircuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{if $backend.ResponseForwarding }}
|
|
[backends."{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $backend.responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
[backends."{{ $backendName }}".loadBalancer]
|
|
method = "{{ $backend.LoadBalancer.Method }}"
|
|
{{if $backend.LoadBalancer.Stickiness }}
|
|
[backends."{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $backend.LoadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
|
|
{{if $backend.MaxConn }}
|
|
[backends."{{ $backendName }}".maxConn]
|
|
amount = {{ $backend.MaxConn.Amount }}
|
|
extractorFunc = "{{ $backend.MaxConn.ExtractorFunc }}"
|
|
{{end}}
|
|
|
|
{{if $backend.Buffering }}
|
|
[backends."{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $backend.Buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $backend.Buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $backend.Buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $backend.Buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $backend.Buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := $backend.Servers }}
|
|
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontendName, $frontend := .Frontends }}
|
|
|
|
[frontends."{{ $frontendName }}"]
|
|
backend = "{{ $frontend.Backend }}"
|
|
priority = {{ $frontend.Priority }}
|
|
passHostHeader = {{ $frontend.PassHostHeader }}
|
|
passTLSCert = {{ $frontend.PassTLSCert }}
|
|
|
|
entryPoints = [{{range $frontend.EntryPoints }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{if $frontend.Auth }}
|
|
[frontends."{{ $frontendName }}".auth]
|
|
headerField = "X-WebAuth-User"
|
|
|
|
{{if $frontend.Auth.Basic }}
|
|
[frontends."{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{$frontend.Auth.Basic.RemoveHeader}}
|
|
users = [{{range $frontend.Auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $frontend.Auth.Digest }}
|
|
[frontends."{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{$frontend.Auth.Digest.RemoveHeader}}
|
|
users = [{{range $frontend.Auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $frontend.Auth.Forward }}
|
|
[frontends."{{ $frontendName }}".auth.forward]
|
|
address = "{{ $frontend.Auth.Forward.Address }}"
|
|
authResponseHeaders = [{{range $frontend.Auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
trustForwardHeader = {{ $frontend.Auth.Forward.TrustForwardHeader }}
|
|
{{if $frontend.Auth.Forward.TLS }}
|
|
[frontends."{{ $frontendName }}".auth.forward.tls]
|
|
cert = """{{ $frontend.Auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $frontend.Auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $frontend.Auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
{{if $frontend.WhiteList }}
|
|
[frontends."{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $frontend.Whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $frontend.Whitelist.IPStrategy }}
|
|
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $frontend.Whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $frontend.Whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.Redirect }}
|
|
[frontends."{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $frontend.Redirect.EntryPoint }}"
|
|
regex = "{{ $frontend.Redirect.Regex }}"
|
|
replacement = "{{ $frontend.Redirect.Replacement }}"
|
|
permanent = {{ $frontend.Redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{if $frontend.Errors }}
|
|
[frontends."{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $frontend.Errors }}
|
|
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.RateLimit }}
|
|
[frontends."{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $frontend.RateLimit.ExtractorFunc }}"
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet]
|
|
{{range $limitName, $limit := $frontend.RateLimit.RateSet }}
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.PassTLSClientCert }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $frontend.PassTLSClientCert.PEM }}
|
|
{{ $infos := $frontend.PassTLSClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.Headers }}
|
|
[frontends."{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $frontend.Headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $frontend.Headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $frontend.Headers.SSLHost }}"
|
|
SSLForceHost = {{ $frontend.Headers.SSLForceHost }}
|
|
STSSeconds = {{ $frontend.Headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $frontend.Headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $frontend.Headers.STSPreload }}
|
|
ForceSTSHeader = {{ $frontend.Headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $frontend.Headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $frontend.Headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $frontend.Headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $frontend.Headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $frontend.Headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $frontend.Headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $frontend.Headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $frontend.Headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $frontend.Headers.IsDevelopment }}
|
|
{{if $frontend.Headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $frontend.Headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{if $frontend.Headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $frontend.Headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{if $frontend.Headers.CustomRequestHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $frontend.Headers.CustomRequestHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{if $frontend.Headers.CustomResponseHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $frontend.Headers.CustomResponseHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{if $frontend.Headers.SSLProxyHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $frontend.Headers.SSLProxyHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{range $routeName, $route := $frontend.Routes }}
|
|
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
|
|
rule = "{{ $route.Rule }}"
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
{{range $tls := .TLS }}
|
|
[[tls]]
|
|
entryPoints = [{{range $tls.EntryPoints }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
[tls.certificate]
|
|
certFile = """{{ $tls.Certificate.CertFile }}"""
|
|
keyFile = """{{ $tls.Certificate.KeyFile }}"""
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesKubernetesTmplBytes() ([]byte, error) {
|
|
return _templatesKubernetesTmpl, nil
|
|
}
|
|
|
|
func templatesKubernetesTmpl() (*asset, error) {
|
|
bytes, err := templatesKubernetesTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/kubernetes.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesKvTmpl = []byte(`[backends]
|
|
{{range $backend := List .Prefix "/backends/" }}
|
|
{{ $backendName := Last $backend }}
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $backend }}
|
|
{{if $circuitBreaker }}
|
|
[backends."{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $backend }}
|
|
{{if $responseForwarding }}
|
|
[backends."{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.flushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $backend }}
|
|
{{if $loadBalancer }}
|
|
[backends."{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $backend }}
|
|
{{if $maxConn }}
|
|
[backends."{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $backend }}
|
|
{{if $healthCheck }}
|
|
[backends."{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $backend }}
|
|
{{if $buffering }}
|
|
[backends."{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $backend}}
|
|
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontend := List .Prefix "/frontends/" }}
|
|
{{ $frontendName := Last $frontend }}
|
|
|
|
[frontends."{{ $frontendName }}"]
|
|
backend = "{{ getBackendName $frontend }}"
|
|
priority = {{ getPriority $frontend }}
|
|
passHostHeader = {{ getPassHostHeader $frontend }}
|
|
passTLSCert = {{ getPassTLSCert $frontend }}
|
|
|
|
entryPoints = [{{range getEntryPoints $frontend }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $frontend }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $frontend }}
|
|
{{if $auth }}
|
|
[frontends."{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $frontend }}
|
|
{{if $whitelist }}
|
|
[frontends."{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $frontend }}
|
|
{{if $redirect }}
|
|
[frontends."{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $frontend }}
|
|
{{if $errorPages }}
|
|
[frontends."{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."{{$frontendName}}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "{{$page.Backend}}"
|
|
query = "{{$page.Query}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $frontend }}
|
|
{{if $rateLimit }}
|
|
[frontends."{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet]
|
|
{{range $limitName, $rateLimit := $rateLimit.RateSet }}
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $rateLimit.Period }}"
|
|
average = {{ $rateLimit.Average }}
|
|
burst = {{ $rateLimit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $frontend }}
|
|
{{if $headers }}
|
|
[frontends."{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders}}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{range $routeName, $route := getRoutes $frontend }}
|
|
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
|
|
rule = "{{ $route.Rule }}"
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
{{range $tls := getTLSSection .Prefix }}
|
|
[[tls]]
|
|
|
|
entryPoints = [{{range $tls.EntryPoints }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
[tls.certificate]
|
|
certFile = """{{ $tls.Certificate.CertFile }}"""
|
|
keyFile = """{{ $tls.Certificate.KeyFile }}"""
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesKvTmplBytes() ([]byte, error) {
|
|
return _templatesKvTmpl, nil
|
|
}
|
|
|
|
func templatesKvTmpl() (*asset, error) {
|
|
bytes, err := templatesKvTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/kv.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesMarathonTmpl = []byte(`{{ $apps := .Applications }}
|
|
|
|
[backends]
|
|
{{range $backendName, $app := $apps }}
|
|
|
|
[backends."{{ $backendName }}"]
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $app.SegmentLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $app.SegmentLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $app.SegmentLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $app.SegmentLabels }}
|
|
{{if $maxConn }}
|
|
[backends."{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $app.SegmentLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends.{{ $backendName }}.healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $app.SegmentLabels }}
|
|
{{if $buffering }}
|
|
[backends."{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $app }}
|
|
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $backendName, $app := $apps }}
|
|
{{ $frontendName := getFrontendName $app }}
|
|
|
|
[frontends."{{ $frontendName }}"]
|
|
backend = "{{ $backendName }}"
|
|
priority = {{ getPriority $app.SegmentLabels }}
|
|
passHostHeader = {{ getPassHostHeader $app.SegmentLabels }}
|
|
passTLSCert = {{ getPassTLSCert $app.SegmentLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $app.SegmentLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $app.SegmentLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $app.SegmentLabels }}
|
|
{{if $auth }}
|
|
[frontends."{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $app.SegmentLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $app.SegmentLabels }}
|
|
{{if $redirect }}
|
|
[frontends."{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $app.SegmentLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $app.SegmentLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $app.SegmentLabels }}
|
|
{{if $headers }}
|
|
[frontends."{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."{{ $frontendName }}".routes."route-host{{ $app.ID | replace "/" "-" }}{{ getSegmentNameSuffix $app.SegmentName }}"]
|
|
rule = "{{ getFrontendRule $app }}"
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesMarathonTmplBytes() ([]byte, error) {
|
|
return _templatesMarathonTmpl, nil
|
|
}
|
|
|
|
func templatesMarathonTmpl() (*asset, error) {
|
|
bytes, err := templatesMarathonTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/marathon.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesMesosTmpl = []byte(`[backends]
|
|
{{range $applicationName, $tasks := .ApplicationsTasks }}
|
|
{{ $app := index $tasks 0 }}
|
|
{{ $backendName := getBackendName $app }}
|
|
|
|
[backends."backend-{{ $backendName }}"]
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $app.TraefikLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $app.TraefikLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."backend-{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $app.TraefikLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $app.TraefikLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $app.TraefikLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $app.TraefikLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $tasks }}
|
|
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $applicationName, $tasks := .ApplicationsTasks }}
|
|
{{ $app := index $tasks 0 }}
|
|
{{ $frontendName := getFrontEndName $app }}
|
|
|
|
[frontends."frontend-{{ $frontendName }}"]
|
|
backend = "backend-{{ getBackendName $app }}"
|
|
priority = {{ getPriority $app.TraefikLabels }}
|
|
passHostHeader = {{ getPassHostHeader $app.TraefikLabels }}
|
|
passTLSCert = {{ getPassTLSCert $app.TraefikLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $app.TraefikLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $app.TraefikLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $app.TraefikLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader}}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader}}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $app.TraefikLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $app.TraefikLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $app.TraefikLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $app.TraefikLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $app.TraefikLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $frontendName }}".routes."route-host-{{ $frontendName }}"]
|
|
rule = "{{ getFrontendRule $app }}"
|
|
|
|
{{end}}`)
|
|
|
|
func templatesMesosTmplBytes() ([]byte, error) {
|
|
return _templatesMesosTmpl, nil
|
|
}
|
|
|
|
func templatesMesosTmpl() (*asset, error) {
|
|
bytes, err := templatesMesosTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/mesos.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesNotfoundTmpl = []byte(`<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>Traefik</title>
|
|
</head>
|
|
<body>
|
|
Ohhhh man, this is bad...
|
|
</body>
|
|
</html>`)
|
|
|
|
func templatesNotfoundTmplBytes() ([]byte, error) {
|
|
return _templatesNotfoundTmpl, nil
|
|
}
|
|
|
|
func templatesNotfoundTmpl() (*asset, error) {
|
|
bytes, err := templatesNotfoundTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/notFound.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
var _templatesRancherTmpl = []byte(`{{ $backendServers := .Backends }}
|
|
[backends]
|
|
{{range $backendName, $backend := .Backends }}
|
|
|
|
[backends."backend-{{ $backendName }}"]
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $backend.SegmentLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $responseForwarding := getResponseForwarding $backend.SegmentLabels }}
|
|
{{if $responseForwarding }}
|
|
[backends."backend-{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $backend.SegmentLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $backend.SegmentLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $backend.SegmentLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
timeout = "{{ $healthCheck.Timeout }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $backend.SegmentLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $backend}}
|
|
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontendName, $service := .Frontends }}
|
|
|
|
[frontends."frontend-{{ $frontendName }}"]
|
|
backend = "backend-{{ getBackendName $service }}"
|
|
priority = {{ getPriority $service.SegmentLabels }}
|
|
passHostHeader = {{ getPassHostHeader $service.SegmentLabels }}
|
|
passTLSCert = {{ getPassTLSCert $service.SegmentLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $service.SegmentLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $tlsClientCert := getPassTLSClientCert $service.SegmentLabels }}
|
|
{{if $tlsClientCert }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $tlsClientCert.PEM }}
|
|
{{ $infos := $tlsClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."frontend-{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $auth := getAuth $service.SegmentLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
{{if $auth.Forward.AuthResponseHeaders }}
|
|
authResponseHeaders = [{{range $auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = """{{ $auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $service.SegmentLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $whitelist.IPStrategy }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $service.SegmentLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $service.SegmentLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $service.SegmentLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $service.SegmentLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
|
|
rule = "{{ getFrontendRule $service.Name $service.SegmentLabels }}"
|
|
|
|
{{end}}
|
|
`)
|
|
|
|
func templatesRancherTmplBytes() ([]byte, error) {
|
|
return _templatesRancherTmpl, nil
|
|
}
|
|
|
|
func templatesRancherTmpl() (*asset, error) {
|
|
bytes, err := templatesRancherTmplBytes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
info := bindataFileInfo{name: "templates/rancher.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
|
|
a := &asset{bytes: bytes, info: info}
|
|
return a, nil
|
|
}
|
|
|
|
// Asset loads and returns the asset for the given name.
|
|
// It returns an error if the asset could not be found or
|
|
// could not be loaded.
|
|
func Asset(name string) ([]byte, error) {
|
|
cannonicalName := strings.Replace(name, "\\", "/", -1)
|
|
if f, ok := _bindata[cannonicalName]; ok {
|
|
a, err := f()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("Asset %s can't read by error: %v", name, err)
|
|
}
|
|
return a.bytes, nil
|
|
}
|
|
return nil, fmt.Errorf("Asset %s not found", name)
|
|
}
|
|
|
|
// MustAsset is like Asset but panics when Asset would return an error.
|
|
// It simplifies safe initialization of global variables.
|
|
func MustAsset(name string) []byte {
|
|
a, err := Asset(name)
|
|
if err != nil {
|
|
panic("asset: Asset(" + name + "): " + err.Error())
|
|
}
|
|
|
|
return a
|
|
}
|
|
|
|
// AssetInfo loads and returns the asset info for the given name.
|
|
// It returns an error if the asset could not be found or
|
|
// could not be loaded.
|
|
func AssetInfo(name string) (os.FileInfo, error) {
|
|
cannonicalName := strings.Replace(name, "\\", "/", -1)
|
|
if f, ok := _bindata[cannonicalName]; ok {
|
|
a, err := f()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("AssetInfo %s can't read by error: %v", name, err)
|
|
}
|
|
return a.info, nil
|
|
}
|
|
return nil, fmt.Errorf("AssetInfo %s not found", name)
|
|
}
|
|
|
|
// AssetNames returns the names of the assets.
|
|
func AssetNames() []string {
|
|
names := make([]string, 0, len(_bindata))
|
|
for name := range _bindata {
|
|
names = append(names, name)
|
|
}
|
|
return names
|
|
}
|
|
|
|
// _bindata is a table, holding each asset generator, mapped to its name.
|
|
var _bindata = map[string]func() (*asset, error){
|
|
"templates/consul_catalog.tmpl": templatesConsul_catalogTmpl,
|
|
"templates/docker.tmpl": templatesDockerTmpl,
|
|
"templates/ecs.tmpl": templatesEcsTmpl,
|
|
"templates/eureka.tmpl": templatesEurekaTmpl,
|
|
"templates/kubernetes.tmpl": templatesKubernetesTmpl,
|
|
"templates/kv.tmpl": templatesKvTmpl,
|
|
"templates/marathon.tmpl": templatesMarathonTmpl,
|
|
"templates/mesos.tmpl": templatesMesosTmpl,
|
|
"templates/notFound.tmpl": templatesNotfoundTmpl,
|
|
"templates/rancher.tmpl": templatesRancherTmpl,
|
|
}
|
|
|
|
// AssetDir returns the file names below a certain
|
|
// directory embedded in the file by go-bindata.
|
|
// For example if you run go-bindata on data/... and data contains the
|
|
// following hierarchy:
|
|
// data/
|
|
// foo.txt
|
|
// img/
|
|
// a.png
|
|
// b.png
|
|
// then AssetDir("data") would return []string{"foo.txt", "img"}
|
|
// AssetDir("data/img") would return []string{"a.png", "b.png"}
|
|
// AssetDir("foo.txt") and AssetDir("notexist") would return an error
|
|
// AssetDir("") will return []string{"data"}.
|
|
func AssetDir(name string) ([]string, error) {
|
|
node := _bintree
|
|
if len(name) != 0 {
|
|
cannonicalName := strings.Replace(name, "\\", "/", -1)
|
|
pathList := strings.Split(cannonicalName, "/")
|
|
for _, p := range pathList {
|
|
node = node.Children[p]
|
|
if node == nil {
|
|
return nil, fmt.Errorf("Asset %s not found", name)
|
|
}
|
|
}
|
|
}
|
|
if node.Func != nil {
|
|
return nil, fmt.Errorf("Asset %s not found", name)
|
|
}
|
|
rv := make([]string, 0, len(node.Children))
|
|
for childName := range node.Children {
|
|
rv = append(rv, childName)
|
|
}
|
|
return rv, nil
|
|
}
|
|
|
|
type bintree struct {
|
|
Func func() (*asset, error)
|
|
Children map[string]*bintree
|
|
}
|
|
|
|
var _bintree = &bintree{nil, map[string]*bintree{
|
|
"templates": {nil, map[string]*bintree{
|
|
"consul_catalog.tmpl": {templatesConsul_catalogTmpl, map[string]*bintree{}},
|
|
"docker.tmpl": {templatesDockerTmpl, map[string]*bintree{}},
|
|
"ecs.tmpl": {templatesEcsTmpl, map[string]*bintree{}},
|
|
"eureka.tmpl": {templatesEurekaTmpl, map[string]*bintree{}},
|
|
"kubernetes.tmpl": {templatesKubernetesTmpl, map[string]*bintree{}},
|
|
"kv.tmpl": {templatesKvTmpl, map[string]*bintree{}},
|
|
"marathon.tmpl": {templatesMarathonTmpl, map[string]*bintree{}},
|
|
"mesos.tmpl": {templatesMesosTmpl, map[string]*bintree{}},
|
|
"notFound.tmpl": {templatesNotfoundTmpl, map[string]*bintree{}},
|
|
"rancher.tmpl": {templatesRancherTmpl, map[string]*bintree{}},
|
|
}},
|
|
}}
|
|
|
|
// RestoreAsset restores an asset under the given directory
|
|
func RestoreAsset(dir, name string) error {
|
|
data, err := Asset(name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
info, err := AssetInfo(name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = os.MkdirAll(_filePath(dir, filepath.Dir(name)), os.FileMode(0755))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = ioutil.WriteFile(_filePath(dir, name), data, info.Mode())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = os.Chtimes(_filePath(dir, name), info.ModTime(), info.ModTime())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// RestoreAssets restores an asset under the given directory recursively
|
|
func RestoreAssets(dir, name string) error {
|
|
children, err := AssetDir(name)
|
|
// File
|
|
if err != nil {
|
|
return RestoreAsset(dir, name)
|
|
}
|
|
// Dir
|
|
for _, child := range children {
|
|
err = RestoreAssets(dir, filepath.Join(name, child))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func _filePath(dir, name string) string {
|
|
cannonicalName := strings.Replace(name, "\\", "/", -1)
|
|
return filepath.Join(append([]string{dir}, strings.Split(cannonicalName, "/")...)...)
|
|
}
|