223 lines
7.8 KiB
Cheetah
223 lines
7.8 KiB
Cheetah
{{ $backendServers := .Backends }}
|
|
[backends]
|
|
{{range $backendName, $backend := .Backends }}
|
|
|
|
[backends."backend-{{ $backendName }}"]
|
|
|
|
{{ $circuitBreaker := getCircuitBreaker $backend.SegmentLabels }}
|
|
{{if $circuitBreaker }}
|
|
[backends."backend-{{ $backendName }}".circuitBreaker]
|
|
expression = "{{ $circuitBreaker.Expression }}"
|
|
{{end}}
|
|
|
|
{{ $loadBalancer := getLoadBalancer $backend.SegmentLabels }}
|
|
{{if $loadBalancer }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer]
|
|
method = "{{ $loadBalancer.Method }}"
|
|
sticky = {{ $loadBalancer.Sticky }}
|
|
{{if $loadBalancer.Stickiness }}
|
|
[backends."backend-{{ $backendName }}".loadBalancer.stickiness]
|
|
cookieName = "{{ $loadBalancer.Stickiness.CookieName }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $maxConn := getMaxConn $backend.SegmentLabels }}
|
|
{{if $maxConn }}
|
|
[backends."backend-{{ $backendName }}".maxConn]
|
|
extractorFunc = "{{ $maxConn.ExtractorFunc }}"
|
|
amount = {{ $maxConn.Amount }}
|
|
{{end}}
|
|
|
|
{{ $healthCheck := getHealthCheck $backend.SegmentLabels }}
|
|
{{if $healthCheck }}
|
|
[backends."backend-{{ $backendName }}".healthCheck]
|
|
scheme = "{{ $healthCheck.Scheme }}"
|
|
path = "{{ $healthCheck.Path }}"
|
|
port = {{ $healthCheck.Port }}
|
|
interval = "{{ $healthCheck.Interval }}"
|
|
hostname = "{{ $healthCheck.Hostname }}"
|
|
{{if $healthCheck.Headers }}
|
|
[backends."backend-{{ $backendName }}".healthCheck.headers]
|
|
{{range $k, $v := $healthCheck.Headers }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $buffering := getBuffering $backend.SegmentLabels }}
|
|
{{if $buffering }}
|
|
[backends."backend-{{ $backendName }}".buffering]
|
|
maxRequestBodyBytes = {{ $buffering.MaxRequestBodyBytes }}
|
|
memRequestBodyBytes = {{ $buffering.MemRequestBodyBytes }}
|
|
maxResponseBodyBytes = {{ $buffering.MaxResponseBodyBytes }}
|
|
memResponseBodyBytes = {{ $buffering.MemResponseBodyBytes }}
|
|
retryExpression = "{{ $buffering.RetryExpression }}"
|
|
{{end}}
|
|
|
|
{{range $serverName, $server := getServers $backend}}
|
|
[backends."backend-{{ $backendName }}".servers."{{ $serverName }}"]
|
|
url = "{{ $server.URL }}"
|
|
weight = {{ $server.Weight }}
|
|
{{end}}
|
|
|
|
{{end}}
|
|
|
|
[frontends]
|
|
{{range $frontendName, $service := .Frontends }}
|
|
|
|
[frontends."frontend-{{ $frontendName }}"]
|
|
backend = "backend-{{ getBackendName $service }}"
|
|
priority = {{ getPriority $service.SegmentLabels }}
|
|
passHostHeader = {{ getPassHostHeader $service.SegmentLabels }}
|
|
passTLSCert = {{ getPassTLSCert $service.SegmentLabels }}
|
|
|
|
entryPoints = [{{range getEntryPoints $service.SegmentLabels }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
|
|
{{ $auth := getAuth $service.SegmentLabels }}
|
|
{{if $auth }}
|
|
[frontends."frontend-{{ $frontendName }}".auth]
|
|
headerField = "{{ $auth.HeaderField }}"
|
|
|
|
{{if $auth.Forward }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward]
|
|
address = "{{ $auth.Forward.Address }}"
|
|
trustForwardHeader = {{ $auth.Forward.TrustForwardHeader }}
|
|
|
|
{{if $auth.Forward.TLS }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.forward.tls]
|
|
ca = "{{ $auth.Forward.TLS.CA }}"
|
|
caOptional = {{ $auth.Forward.TLS.CAOptional }}
|
|
cert = "{{ $auth.Forward.TLS.Cert }}"
|
|
key = "{{ $auth.Forward.TLS.Key }}"
|
|
insecureSkipVerify = {{ $auth.Forward.TLS.InsecureSkipVerify }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $auth.Basic }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.basic]
|
|
removeHeader = {{ $auth.Basic.RemoveHeader }}
|
|
{{if $auth.Basic.Users }}
|
|
users = [{{range $auth.Basic.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Basic.UsersFile }}"
|
|
{{end}}
|
|
|
|
{{if $auth.Digest }}
|
|
[frontends."frontend-{{ $frontendName }}".auth.digest]
|
|
removeHeader = {{ $auth.Digest.RemoveHeader }}
|
|
{{if $auth.Digest.Users }}
|
|
users = [{{range $auth.Digest.Users }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
usersFile = "{{ $auth.Digest.UsersFile }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $whitelist := getWhiteList $service.SegmentLabels }}
|
|
{{if $whitelist }}
|
|
[frontends."frontend-{{ $frontendName }}".whiteList]
|
|
sourceRange = [{{range $whitelist.SourceRange }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
useXForwardedFor = {{ $whitelist.UseXForwardedFor }}
|
|
{{end}}
|
|
|
|
{{ $redirect := getRedirect $service.SegmentLabels }}
|
|
{{if $redirect }}
|
|
[frontends."frontend-{{ $frontendName }}".redirect]
|
|
entryPoint = "{{ $redirect.EntryPoint }}"
|
|
regex = "{{ $redirect.Regex }}"
|
|
replacement = "{{ $redirect.Replacement }}"
|
|
permanent = {{ $redirect.Permanent }}
|
|
{{end}}
|
|
|
|
{{ $errorPages := getErrorPages $service.SegmentLabels }}
|
|
{{if $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors]
|
|
{{range $pageName, $page := $errorPages }}
|
|
[frontends."frontend-{{ $frontendName }}".errors."{{ $pageName }}"]
|
|
status = [{{range $page.Status }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
backend = "backend-{{ $page.Backend }}"
|
|
query = "{{ $page.Query }}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $rateLimit := getRateLimit $service.SegmentLabels }}
|
|
{{if $rateLimit }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit]
|
|
extractorFunc = "{{ $rateLimit.ExtractorFunc }}"
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet]
|
|
{{ range $limitName, $limit := $rateLimit.RateSet }}
|
|
[frontends."frontend-{{ $frontendName }}".rateLimit.rateSet."{{ $limitName }}"]
|
|
period = "{{ $limit.Period }}"
|
|
average = {{ $limit.Average }}
|
|
burst = {{ $limit.Burst }}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{ $headers := getHeaders $service.SegmentLabels }}
|
|
{{if $headers }}
|
|
[frontends."frontend-{{ $frontendName }}".headers]
|
|
SSLRedirect = {{ $headers.SSLRedirect }}
|
|
SSLTemporaryRedirect = {{ $headers.SSLTemporaryRedirect }}
|
|
SSLHost = "{{ $headers.SSLHost }}"
|
|
SSLForceHost = {{ $headers.SSLForceHost }}
|
|
STSSeconds = {{ $headers.STSSeconds }}
|
|
STSIncludeSubdomains = {{ $headers.STSIncludeSubdomains }}
|
|
STSPreload = {{ $headers.STSPreload }}
|
|
ForceSTSHeader = {{ $headers.ForceSTSHeader }}
|
|
FrameDeny = {{ $headers.FrameDeny }}
|
|
CustomFrameOptionsValue = "{{ $headers.CustomFrameOptionsValue }}"
|
|
ContentTypeNosniff = {{ $headers.ContentTypeNosniff }}
|
|
BrowserXSSFilter = {{ $headers.BrowserXSSFilter }}
|
|
CustomBrowserXSSValue = "{{ $headers.CustomBrowserXSSValue }}"
|
|
ContentSecurityPolicy = "{{ $headers.ContentSecurityPolicy }}"
|
|
PublicKey = "{{ $headers.PublicKey }}"
|
|
ReferrerPolicy = "{{ $headers.ReferrerPolicy }}"
|
|
IsDevelopment = {{ $headers.IsDevelopment }}
|
|
|
|
{{if $headers.AllowedHosts }}
|
|
AllowedHosts = [{{range $headers.AllowedHosts }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.HostsProxyHeaders }}
|
|
HostsProxyHeaders = [{{range $headers.HostsProxyHeaders }}
|
|
"{{.}}",
|
|
{{end}}]
|
|
{{end}}
|
|
|
|
{{if $headers.CustomRequestHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customRequestHeaders]
|
|
{{range $k, $v := $headers.CustomRequestHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.CustomResponseHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.customResponseHeaders]
|
|
{{range $k, $v := $headers.CustomResponseHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
|
|
{{if $headers.SSLProxyHeaders }}
|
|
[frontends."frontend-{{ $frontendName }}".headers.SSLProxyHeaders]
|
|
{{range $k, $v := $headers.SSLProxyHeaders }}
|
|
{{$k}} = "{{$v}}"
|
|
{{end}}
|
|
{{end}}
|
|
{{end}}
|
|
|
|
[frontends."frontend-{{ $frontendName }}".routes."route-frontend-{{ $frontendName }}"]
|
|
rule = "{{ getFrontendRule $service.Name $service.SegmentLabels }}"
|
|
|
|
{{end}}
|