traefik/templates/kubernetes.tmpl
2019-01-08 14:32:04 +01:00

240 lines
8.7 KiB
Cheetah

[backends]
{{range $backendName, $backend := .Backends }}
[backends."{{ $backendName }}"]
{{if $backend.CircuitBreaker }}
[backends."{{ $backendName }}".circuitBreaker]
expression = "{{ $backend.CircuitBreaker.Expression }}"
{{end}}
{{if $backend.ResponseForwarding }}
[backends."{{ $backendName }}".responseForwarding]
flushInterval = "{{ $backend.responseForwarding.FlushInterval }}"
{{end}}
[backends."{{ $backendName }}".loadBalancer]
method = "{{ $backend.LoadBalancer.Method }}"
{{if $backend.LoadBalancer.Stickiness }}
[backends."{{ $backendName }}".loadBalancer.stickiness]
cookieName = "{{ $backend.LoadBalancer.Stickiness.CookieName }}"
{{end}}
{{if $backend.MaxConn }}
[backends."{{ $backendName }}".maxConn]
amount = {{ $backend.MaxConn.Amount }}
extractorFunc = "{{ $backend.MaxConn.ExtractorFunc }}"
{{end}}
{{if $backend.Buffering }}
[backends."{{ $backendName }}".buffering]
maxRequestBodyBytes = {{ $backend.Buffering.MaxRequestBodyBytes }}
memRequestBodyBytes = {{ $backend.Buffering.MemRequestBodyBytes }}
maxResponseBodyBytes = {{ $backend.Buffering.MaxResponseBodyBytes }}
memResponseBodyBytes = {{ $backend.Buffering.MemResponseBodyBytes }}
retryExpression = "{{ $backend.Buffering.RetryExpression }}"
{{end}}
{{range $serverName, $server := $backend.Servers }}
[backends."{{ $backendName }}".servers."{{ $serverName }}"]
url = "{{ $server.URL }}"
weight = {{ $server.Weight }}
{{end}}
{{end}}
[frontends]
{{range $frontendName, $frontend := .Frontends }}
[frontends."{{ $frontendName }}"]
backend = "{{ $frontend.Backend }}"
priority = {{ $frontend.Priority }}
passHostHeader = {{ $frontend.PassHostHeader }}
passTLSCert = {{ $frontend.PassTLSCert }}
entryPoints = [{{range $frontend.EntryPoints }}
"{{.}}",
{{end}}]
{{if $frontend.Auth }}
[frontends."{{ $frontendName }}".auth]
headerField = "X-WebAuth-User"
{{if $frontend.Auth.Basic }}
[frontends."{{ $frontendName }}".auth.basic]
removeHeader = {{$frontend.Auth.Basic.RemoveHeader}}
users = [{{range $frontend.Auth.Basic.Users }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Auth.Digest }}
[frontends."{{ $frontendName }}".auth.digest]
removeHeader = {{$frontend.Auth.Digest.RemoveHeader}}
users = [{{range $frontend.Auth.Digest.Users }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Auth.Forward }}
[frontends."{{ $frontendName }}".auth.forward]
address = "{{ $frontend.Auth.Forward.Address }}"
authResponseHeaders = [{{range $frontend.Auth.Forward.AuthResponseHeaders }}
"{{.}}",
{{end}}]
trustForwardHeader = {{ $frontend.Auth.Forward.TrustForwardHeader }}
{{if $frontend.Auth.Forward.TLS }}
[frontends."{{ $frontendName }}".auth.forward.tls]
cert = """{{ $frontend.Auth.Forward.TLS.Cert }}"""
key = """{{ $frontend.Auth.Forward.TLS.Key }}"""
insecureSkipVerify = {{ $frontend.Auth.Forward.TLS.InsecureSkipVerify }}
{{end}}
{{end}}
{{end}}
{{if $frontend.WhiteList }}
[frontends."{{ $frontendName }}".whiteList]
sourceRange = [{{range $frontend.Whitelist.SourceRange }}
"{{.}}",
{{end}}]
{{if $frontend.Whitelist.IPStrategy }}
[frontends."{{ $frontendName }}".whiteList.IPStrategy]
depth = {{ $frontend.Whitelist.IPStrategy.Depth }}
excludedIPs = [{{range $frontend.Whitelist.IPStrategy.ExcludedIPs }}
"{{.}}",
{{end}}]
{{end}}
{{end}}
{{if $frontend.Redirect }}
[frontends."{{ $frontendName }}".redirect]
entryPoint = "{{ $frontend.Redirect.EntryPoint }}"
regex = "{{ $frontend.Redirect.Regex }}"
replacement = "{{ $frontend.Redirect.Replacement }}"
permanent = {{ $frontend.Redirect.Permanent }}
{{end}}
{{if $frontend.Errors }}
[frontends."{{ $frontendName }}".errors]
{{range $pageName, $page := $frontend.Errors }}
[frontends."{{ $frontendName }}".errors."{{ $pageName }}"]
status = [{{range $page.Status }}
"{{.}}",
{{end}}]
backend = "{{ $page.Backend }}"
query = "{{ $page.Query }}"
{{end}}
{{end}}
{{if $frontend.RateLimit }}
[frontends."{{ $frontendName }}".rateLimit]
extractorFunc = "{{ $frontend.RateLimit.ExtractorFunc }}"
[frontends."{{ $frontendName }}".rateLimit.rateSet]
{{range $limitName, $limit := $frontend.RateLimit.RateSet }}
[frontends."{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
period = "{{ $limit.Period }}"
average = {{ $limit.Average }}
burst = {{ $limit.Burst }}
{{end}}
{{end}}
{{if $frontend.PassTLSClientCert }}
[frontends."{{ $frontendName }}".passTLSClientCert]
pem = {{ $frontend.PassTLSClientCert.PEM }}
{{ $infos := $frontend.PassTLSClientCert.Infos }}
{{if $infos }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos]
notAfter = {{ $infos.NotAfter }}
notBefore = {{ $infos.NotBefore }}
sans = {{ $infos.Sans }}
{{ $subject := $infos.Subject }}
{{if $subject }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.subject]
country = {{ $subject.Country }}
province = {{ $subject.Province }}
locality = {{ $subject.Locality }}
organization = {{ $subject.Organization }}
commonName = {{ $subject.CommonName }}
serialNumber = {{ $subject.SerialNumber }}
domainComponent = {{ $subject.DomainComponent }}
{{end}}
{{ $issuer := $infos.Subject }}
{{if $issuer }}
[frontends."{{ $frontendName }}".passTLSClientCert.infos.issuer]
country = {{ $issuer.Country }}
province = {{ $issuer.Province }}
locality = {{ $issuer.Locality }}
organization = {{ $issuer.Organization }}
commonName = {{ $issuer.CommonName }}
serialNumber = {{ $issuer.SerialNumber }}
domainComponent = {{ $issuer.DomainComponent }}
{{end}}
{{end}}
{{end}}
{{if $frontend.Headers }}
[frontends."{{ $frontendName }}".headers]
SSLRedirect = {{ $frontend.Headers.SSLRedirect }}
SSLTemporaryRedirect = {{ $frontend.Headers.SSLTemporaryRedirect }}
SSLHost = "{{ $frontend.Headers.SSLHost }}"
SSLForceHost = {{ $frontend.Headers.SSLForceHost }}
STSSeconds = {{ $frontend.Headers.STSSeconds }}
STSIncludeSubdomains = {{ $frontend.Headers.STSIncludeSubdomains }}
STSPreload = {{ $frontend.Headers.STSPreload }}
ForceSTSHeader = {{ $frontend.Headers.ForceSTSHeader }}
FrameDeny = {{ $frontend.Headers.FrameDeny }}
CustomFrameOptionsValue = "{{ $frontend.Headers.CustomFrameOptionsValue }}"
ContentTypeNosniff = {{ $frontend.Headers.ContentTypeNosniff }}
BrowserXSSFilter = {{ $frontend.Headers.BrowserXSSFilter }}
CustomBrowserXSSValue = "{{ $frontend.Headers.CustomBrowserXSSValue }}"
ContentSecurityPolicy = "{{ $frontend.Headers.ContentSecurityPolicy }}"
PublicKey = "{{ $frontend.Headers.PublicKey }}"
ReferrerPolicy = "{{ $frontend.Headers.ReferrerPolicy }}"
IsDevelopment = {{ $frontend.Headers.IsDevelopment }}
{{if $frontend.Headers.AllowedHosts }}
AllowedHosts = [{{range $frontend.Headers.AllowedHosts }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Headers.HostsProxyHeaders }}
HostsProxyHeaders = [{{range $frontend.Headers.HostsProxyHeaders }}
"{{.}}",
{{end}}]
{{end}}
{{if $frontend.Headers.CustomRequestHeaders }}
[frontends."{{ $frontendName }}".headers.customRequestHeaders]
{{range $k, $v := $frontend.Headers.CustomRequestHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{if $frontend.Headers.CustomResponseHeaders }}
[frontends."{{ $frontendName }}".headers.customResponseHeaders]
{{range $k, $v := $frontend.Headers.CustomResponseHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{if $frontend.Headers.SSLProxyHeaders }}
[frontends."{{ $frontendName }}".headers.SSLProxyHeaders]
{{range $k, $v := $frontend.Headers.SSLProxyHeaders }}
{{ $k }} = "{{ $v }}"
{{end}}
{{end}}
{{end}}
{{range $routeName, $route := $frontend.Routes }}
[frontends."{{ $frontendName }}".routes."{{ $routeName }}"]
rule = "{{ $route.Rule }}"
{{end}}
{{end}}
{{range $tls := .TLS }}
[[tls]]
entryPoints = [{{range $tls.EntryPoints }}
"{{.}}",
{{end}}]
[tls.certificate]
certFile = """{{ $tls.Certificate.CertFile }}"""
keyFile = """{{ $tls.Certificate.KeyFile }}"""
{{end}}