240 lines
8.7 KiB
Cheetah
240 lines
8.7 KiB
Cheetah
[backends]
|
|
{{range $backendName, $backend := .Backends }}
|
|
|
|
[backends."{{ $backendName }}"]
|
|
|
|
{{if $backend.CircuitBreaker }}
|
|
[backends."{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $backend.CircuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{if $backend.ResponseForwarding }}
|
|
[backends."{{ $backendName }}".responseForwarding]
|
|
flushInterval = "{{ $backend.responseForwarding.FlushInterval }}"
|
|
{{end}}
|
|
|
|
[backends."{{ $backendName }}".loadBalancer]
|
|
method = "{{ $backend.LoadBalancer.Method }}"
|
|
{{if $backend.LoadBalancer.Stickiness }}
|
|
[backends."{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $backend.LoadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
|
|
{{if $backend.MaxConn }}
|
|
[backends."{{ $backendName }}".maxConn]
|
|
amount = {{ $backend.MaxConn.Amount }}
|
|
extractorFunc = "{{ $backend.MaxConn.ExtractorFunc }}"
|
|
{{end}}
|
|
|
|
{{if $backend.Buffering }}
|
|
[backends."{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $backend.Buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $backend.Buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $backend.Buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $backend.Buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $backend.Buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := $backend.Servers }}
|
|
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontendName, $frontend := .Frontends }}
|
|
|
|
[frontends."{{ $frontendName }}"]
|
|
backend = "{{ $frontend.Backend }}"
|
|
priority = {{ $frontend.Priority }}
|
|
passHostHeader = {{ $frontend.PassHostHeader }}
|
|
passTLSCert = {{ $frontend.PassTLSCert }}
|
|
|
|
entryPoints = [{{range $frontend.EntryPoints }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{if $frontend.Auth }}
|
|
[frontends."{{ $frontendName }}".auth]
|
|
headerField = "X-WebAuth-User"
|
|
|
|
{{if $frontend.Auth.Basic }}
|
|
[frontends."{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{$frontend.Auth.Basic.RemoveHeader}}
|
|
users = [{{range $frontend.Auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $frontend.Auth.Digest }}
|
|
[frontends."{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{$frontend.Auth.Digest.RemoveHeader}}
|
|
users = [{{range $frontend.Auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $frontend.Auth.Forward }}
|
|
[frontends."{{ $frontendName }}".auth.forward]
|
|
address = "{{ $frontend.Auth.Forward.Address }}"
|
|
authResponseHeaders = [{{range $frontend.Auth.Forward.AuthResponseHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
trustForwardHeader = {{ $frontend.Auth.Forward.TrustForwardHeader }}
|
|
{{if $frontend.Auth.Forward.TLS }}
|
|
[frontends."{{ $frontendName }}".auth.forward.tls]
|
|
cert = """{{ $frontend.Auth.Forward.TLS.Cert }}"""
|
|
key = """{{ $frontend.Auth.Forward.TLS.Key }}"""
|
|
insecureSkipVerify = {{ $frontend.Auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
{{if $frontend.WhiteList }}
|
|
[frontends."{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $frontend.Whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{if $frontend.Whitelist.IPStrategy }}
|
|
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
|
|
depth = {{ $frontend.Whitelist.IPStrategy.Depth }}
|
|
excludedIPs = [{{range $frontend.Whitelist.IPStrategy.ExcludedIPs }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.Redirect }}
|
|
[frontends."{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $frontend.Redirect.EntryPoint }}"
|
|
regex = "{{ $frontend.Redirect.Regex }}"
|
|
replacement = "{{ $frontend.Redirect.Replacement }}"
|
|
permanent = {{ $frontend.Redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{if $frontend.Errors }}
|
|
[frontends."{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $frontend.Errors }}
|
|
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.RateLimit }}
|
|
[frontends."{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $frontend.RateLimit.ExtractorFunc }}"
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet]
|
|
{{range $limitName, $limit := $frontend.RateLimit.RateSet }}
|
|
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.PassTLSClientCert }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert]
|
|
pem = {{ $frontend.PassTLSClientCert.PEM }}
|
|
{{ $infos := $frontend.PassTLSClientCert.Infos }}
|
|
{{if $infos }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
|
|
notAfter = {{ $infos.NotAfter }}
|
|
notBefore = {{ $infos.NotBefore }}
|
|
sans = {{ $infos.Sans }}
|
|
{{ $subject := $infos.Subject }}
|
|
{{if $subject }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
|
|
country = {{ $subject.Country }}
|
|
province = {{ $subject.Province }}
|
|
locality = {{ $subject.Locality }}
|
|
organization = {{ $subject.Organization }}
|
|
commonName = {{ $subject.CommonName }}
|
|
serialNumber = {{ $subject.SerialNumber }}
|
|
domainComponent = {{ $subject.DomainComponent }}
|
|
{{end}}
|
|
{{ $issuer := $infos.Subject }}
|
|
{{if $issuer }}
|
|
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
|
|
country = {{ $issuer.Country }}
|
|
province = {{ $issuer.Province }}
|
|
locality = {{ $issuer.Locality }}
|
|
organization = {{ $issuer.Organization }}
|
|
commonName = {{ $issuer.CommonName }}
|
|
serialNumber = {{ $issuer.SerialNumber }}
|
|
domainComponent = {{ $issuer.DomainComponent }}
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $frontend.Headers }}
|
|
[frontends."{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $frontend.Headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $frontend.Headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $frontend.Headers.SSLHost }}"
|
|
SSLForceHost = {{ $frontend.Headers.SSLForceHost }}
|
|
STSSeconds = {{ $frontend.Headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $frontend.Headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $frontend.Headers.STSPreload }}
|
|
ForceSTSHeader = {{ $frontend.Headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $frontend.Headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $frontend.Headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $frontend.Headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $frontend.Headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $frontend.Headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $frontend.Headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $frontend.Headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $frontend.Headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $frontend.Headers.IsDevelopment }}
|
|
{{if $frontend.Headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $frontend.Headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{if $frontend.Headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $frontend.Headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
{{if $frontend.Headers.CustomRequestHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $frontend.Headers.CustomRequestHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{if $frontend.Headers.CustomResponseHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $frontend.Headers.CustomResponseHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{if $frontend.Headers.SSLProxyHeaders }}
|
|
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $frontend.Headers.SSLProxyHeaders }}
|
|
{{ $k }} = "{{ $v }}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{range $routeName, $route := $frontend.Routes }}
|
|
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
|
|
rule = "{{ $route.Rule }}"
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
{{range $tls := .TLS }}
|
|
[[tls]]
|
|
entryPoints = [{{range $tls.EntryPoints }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
[tls.certificate]
|
|
certFile = """{{ $tls.Certificate.CertFile }}"""
|
|
keyFile = """{{ $tls.Certificate.KeyFile }}"""
|
|
{{end}}
|