baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Update the middleware documentation

Browse source
This commit is contained in:
Jean-Baptiste Doumenjou 2019-04-08 17:14:08 +02:00 committed by Traefiker Bot
parent 6ab991ebf4
commit 2e20394af4
24 changed files with 488 additions and 70 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/content/contributing/building-testing.md
View file

@ -58,7 +58,7 @@ PRE_TARGET= make test-unit
### Method 2: Using `go`
You need `go` v1.9+.
You need `go` v1.12+.
!!! tip "Source Directory"

5
docs/content/getting-started/concepts.md
View file

@ -5,7 +5,8 @@ Everything You Need to Know
## Edge Router
Traefik is an _Edge Router_, it means that it's the door to your platform, and that it intercepts and routes every incoming request: it knows all the logic and every rule that determine which services handle which requests (based on the [path](../../routing/routers/#rule), the [host](../../routing/routers/#rule), [headers](../../routing/routers/#rule), [and so on](../../routing/routers/#rule) ...).
Traefik is an _Edge Router_, it means that it's the door to your platform, and that it intercepts and routes every incoming request:
it knows all the logic and every rule that determine which services handle which requests (based on the [path](../routing/routers/index.md#rule), the [host](../routing/routers/index.md#rule), [headers](../routing/routers/index.md#rule), [and so on](../routing/routers/index.md#rule) ...).
![The Door to Your Infrastructure](../assets/img/traefik-concepts-1.png)
@ -18,7 +19,7 @@ Deploying your services, you attach information that tell Traefik the characteri
![Decentralized Configuration](../assets/img/traefik-concepts-2.png)
It means that when a service is deployed, Traefik detects it immediately and updates the routing rules in real time.
The opposite is true: when you remove a service from your infrastructure, the route will disapear accordingly.
The opposite is true: when you remove a service from your infrastructure, the route will disappear accordingly.
You no longer need to create and synchronize configuration files cluttered with IP addresses or other rules.

2
docs/content/https-tls/acme.md
View file

@ -330,7 +330,7 @@ storage = "traefik/acme/account"
Because key-value stores have limited entry size, the certificates list is compressed _before_ it is saved.
For example, it is possible to store up to _approximately_ 100 ACME certificates in Consul.
## Fallbacks
## Fallback
If Let's Encrypt is not reachable, the following certificates will apply:

6
docs/content/middlewares/addprefix.md
View file

@ -26,6 +26,12 @@ spec:
prefix: /foo
```
```yaml tab="Rancher"
# Prefixing with /foo
labels:
- "traefik.http.middlewares.add-foo.addprefix.prefix=/foo"
```
```toml tab="File"
# Prefixing with /foo
[http.middlewares]

6
docs/content/middlewares/basicauth.md
View file

@ -28,6 +28,12 @@ spec:
- test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0
```
```yaml tab="Rancher"
# Declaring the user list
labels:
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```
```toml tab="File"
# Declaring the user list
[http.middlewares]

6
docs/content/middlewares/buffering.md
View file

@ -30,6 +30,12 @@ spec:
maxRequestBodyBytes: 250000
```
```yaml tab="Rancher"
# Sets the maximum request body to 2Mb
labels:
- "traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=250000"
```
```toml tab="File"
# Sets the maximum request body to 2Mb
[http.middlewares]

12
docs/content/middlewares/chain.md
View file

@ -83,6 +83,18 @@ spec:
- 127.0.0.1/32
```
```yaml tab="Rancher"
labels:
- "traefik.http.routers.router1.service=service1"
- "traefik.http.routers.router1.middlewares=secured"
- "traefik.http.routers.router1.rule=Host(`mydomain`)"
- "traefik.http.middlewares.secured.chain.middlewares=https-only,known-ips,auth-users"
- "traefik.http.middlewares.auth-users.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "traefik.http.middlewares.https-only.schemeredirect.scheme=https"
- "traefik.http.middlewares.known-ips.ipwhitelist.sourceRange=192.168.1.7,127.0.0.1/32"
- "http.services.service1.loadbalancer.server.port=80"
```
```toml tab="File"
# ...
[http.routers]

6
docs/content/middlewares/circuitbreaker.md
View file

@ -40,6 +40,12 @@ spec:
expression: LatencyAtQuantileMS(50.0) > 100
```
```yaml tab="Rancher"
# Latency Check
labels:
- "traefik.http.middlewares.latency-check.circuitbreaker.expression=LatencyAtQuantileMS(50.0) > 100"
```
```toml tab="File"
# Latency Check
[http.middlewares]

6
docs/content/middlewares/compress.md
View file

@ -15,6 +15,12 @@ labels:
- "traefik.http.middlewares.test-compress.compress=true"
```
```yaml tab="Rancher"
# Enable gzip compression
labels:
- "traefik.http.middlewares.test-compress.compress=true"
```
```toml tab="File"
# Enable gzip compression
[http.middlewares]

10
docs/content/middlewares/digestauth.md
View file

@ -27,6 +27,11 @@ spec:
- test2:traefik:518845800f9e2bfb1f1f740ec24f074e
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.test-auth.digestauth.users=test:traefik:a2688e031edb4be6a3797f3882655c05,test2:traefik:518845800f9e2bfb1f1f740ec24f074e"
```
```toml tab="File"
[http.middlewares]
[http.middlewares.test-auth.digestAuth]
@ -93,6 +98,11 @@ spec:
headerField: X-WebAuth-User
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.my-auth.digestauth.headerField=X-WebAuth-User"
```
```toml tab="File"
[http.middlewares.my-auth.digestAuth]
# ...

8
docs/content/middlewares/errorpages.md
View file

@ -33,6 +33,14 @@ spec:
query: /{status}.html
```
```yaml tab="Rancher"
# Dynamic Custom Error Page for 5XX Status Code
labels:
- "traefik.http.middlewares.test-errorpage.errors.status=500-599"
- "traefik.http.middlewares.test-errorpage.errors.service=serviceError"
- "traefik.http.middlewares.test-errorpage.errors.query=/{status}.html"
```
```toml tab="File"
# Custom Error Page for 5XX
[http.middlewares]

13
docs/content/middlewares/forwardauth.md
View file

@ -43,6 +43,19 @@ spec:
key: path/to/foo.key
```
```yaml tab="Rancher"
# Forward authentication to authserver.com
labels:
- "traefik.http.middlewares.test-auth.ForwardAuth.Address=https://authserver.com/auth"
- "traefik.http.middlewares.test-auth.ForwardAuth.AuthResponseHeaders=X-Auth-User, X-Secret"
- "traefik.http.middlewares.test-auth.ForwardAuth.TLS.CA=path/to/local.crt"
- "traefik.http.middlewares.test-auth.ForwardAuth.TLS.CAOptional=true"
- "traefik.http.middlewares.test-auth.ForwardAuth.TLS.Cert=path/to/foo.cert"
- "traefik.http.middlewares.test-auth.ForwardAuth.TLS.InsecureSkipVerify=true"
- "traefik.http.middlewares.test-auth.ForwardAuth.TLS.Key=path/to/foo.key"
- "traefik.http.middlewares.test-auth.ForwardAuth.TrustForwardHeader=true"
```
```toml tab="File"
# Forward authentication to authserver.com
[http.middlewares]

26
docs/content/middlewares/headers.md
View file

@ -32,6 +32,12 @@ spec:
X-Custom-Response-Header: "True"
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.testHeader.Headers.CustomRequestHeaders.X-Script-Name=test"
- "traefik.http.middlewares.testHeader.Headers.CustomResponseHeaders.X-Custom-Response-Header=True"
```
```toml tab="File"
[http.middlewares]
[http.middlewares.testHeader.headers]
@ -62,6 +68,12 @@ spec:
X-Custom-Response-Header: "" # Removes
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.testHeader.Headers.CustomRequestHeaders.X-Script-Name=test"
- "traefik.http.middlewares.testHeader.Headers.CustomResponseHeaders.X-Custom-Response-Header=True"
```
```toml tab="File"
[http.middlewares]
[http.middlewares.testHeader.headers]
@ -94,6 +106,12 @@ spec:
SSLRedirect: "true"
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.testHeader.Headers.FrameDeny=true"
- "traefik.http.middlewares.testHeader.Headers.SSLRedirect=true"
```
```toml tab="File"
[http.middlewares]
[http.middlewares.testHeader.headers]
@ -130,6 +148,14 @@ spec:
AddVaryHeader: "true"
```
```yaml tab="Rancher"
labels:
- "traefik.http.middlewares.testHeader.Headers.AccessControlAllowMethods=GET,OPTIONS,PUT"
- "traefik.http.middlewares.testHeader.Headers.AccessControlAllowOrigin=origin-list-or-null"
- "traefik.http.middlewares.testHeader.Headers.AccessControlMaxAge=100"
- "traefik.http.middlewares.testHeader.Headers.AddVaryHeader=true"
```
```toml tab="File"
[http.middlewares]
[http.middlewares.testHeader.headers]

19
docs/content/middlewares/ipwhitelist.md
View file

@ -27,6 +27,12 @@ spec:
- 192.168.1.7
```
```yaml tab="Rancher"
# Accepts request from defined IP
labels:
- "traefik.http.middlewares.test-ipwhitelist.IPWhiteList.SourceRange=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File"
# Accepts request from defined IP
[http.middlewares]
@ -82,6 +88,13 @@ The `depth` option tells Traefik to use the `X-Forwarded-For` header and take th
depth: 2
```
```yaml tab="Rancher"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
labels:
- "traefik.http.middlewares.testIPwhitelist.ipWhiteList.SourceRange=127.0.0.1/32, 192.168.1.7"
- "traefik.http.middlewares.testIPwhitelist.ipwhitelist.ipstrategy.depth=2"
```
```toml tab="File"
# Whitelisting Based on `X-Forwarded-For` with `depth=2`
[http.middlewares]
@ -133,6 +146,12 @@ spec:
- 192.168.1.7
```
```yaml tab="Rancher"
# Exclude from `X-Forwarded-For`
labels:
- "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.ipstrategy.excludedIPs=127.0.0.1/32, 192.168.1.7"
```
```toml tab="File"
# Exclude from `X-Forwarded-For`
[http.middlewares]

6
docs/content/middlewares/maxconnection.md
View file

@ -25,6 +25,12 @@ spec:
prefix: /bar
```
```yaml tab="Rancher"
# Limiting to 10 simultaneous connections
labels:
- "traefik.http.middlewares.test-maxconn.maxconn.amount=10"
```
```toml tab="File"
# Limiting to 10 simultaneous connections
[http.middlewares]

43
docs/content/middlewares/passtlsclientcert.md
View file

@ -1,4 +1,4 @@
# TODO - PassTLSClientCert
# PassTLSClientCert
Adding Client Certificates in a Header
{: .subtitle }
@ -27,6 +27,12 @@ spec:
pem: true
```
```yaml tab="Rancher"
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
labels:
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.pem=true"
```
```toml tab="File"
# Pass the escaped pem in the `X-Forwarded-Tls-Client-Cert` header.
[http.middlewares]
@ -88,6 +94,28 @@ spec:
domainComponent: true
```
```yaml tab="Rancher"
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
labels:
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.notafter=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.notbefore=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.sans=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.commonname=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.country=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.domaincomponent=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.locality=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.organization=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.province=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.subject.serialnumber=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.commonname=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.country=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.domaincomponent=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.locality=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.organization=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.province=true"
- "traefik.http.middlewares.test-passtlsclientcert.passtlsclientcert.info.issuer.serialnumber=true"
```
```toml tab="File"
# Pass all the available info in the `X-Forwarded-Tls-Client-Cert-Info` header
[http.middlewares]
@ -120,8 +148,8 @@ spec:
PassTLSClientCert can add two headers to the request:
* `X-Forwarded-Tls-Client-Cert` that contains the escaped pem.
* `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string.
- `X-Forwarded-Tls-Client-Cert` that contains the escaped pem.
- `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string.
!!! note
The headers are filled with escaped string so it can be safely placed inside a URL query.
@ -235,6 +263,7 @@ In the following example, you can see a complete certificate. We will use each p
### `pem`
The `pem` option sets the `X-Forwarded-Tls-Client-Cert` header with the escape certificate.
In the example, it is the part between `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` delimiters :
??? example "The data used by the pem option"
@ -283,10 +312,16 @@ In the example, it is the part between `-----BEGIN CERTIFICATE-----` and `-----E
The delimiters and `\n` will be removed.
If there are more than one certificate, they are separated by a "`;`".
!!! note "`X-Forwarded-Tls-Client-Cert` value could exceed the web server header size limit"
The header size limit of web servers is commonly between 4kb and 8kb.
You could change the server configuration to allow bigger header or use the `info` option with the needed field(s).
### `info`
The `info` option select the specific client certificate details you want to add to the `X-Forwarded-Tls-Client-Cert-Info` header.
The value of the header will be an escaped concatenation of all the selected certificate details.
The following example shows an unescaped result that uses all the available fields:
```text
@ -300,6 +335,7 @@ Subject="DC=org,DC=cheese,C=FR,C=US,ST=Cheese org state,ST=Cheese com state,L=TO
#### `info.notafter`
Set the `info.notafter` option to `true` to add the `Not After` information from the `Validity` part.
The data are taken from the following certificate part:
```text
@ -333,6 +369,7 @@ NB=1544094616
#### `info.sans`
Set the `info.sans` option to `true` to add the `Subject Alternative Name` information from the `Subject Alternative Name` part.
The data are taken from the following certificate part:
```text

95
docs/content/middlewares/ratelimit.md
View file

@ -1,4 +1,4 @@
# TODO -- RateLimit
# RateLimit
Protection from Too Many Calls
{: .subtitle }
@ -9,38 +9,71 @@ The RateLimit middleware ensures that services will receive a _fair_ number of r
## Configuration Example
??? example "Limit to 100 requests every 10 seconds (with a possible burst of 200)"
```toml
[http.middlewares]
[http.middlewares.fair-ratelimit.ratelimit]
extractorfunc = "client.ip"
[http.middlewares.fair-ratelimit.ratelimit.rateset1]
period = "10s"
average = 100
burst = 200
```
```yaml tab="Docker"
# Here, an average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.
# These can "burst" up to 10 and 200 in each period, respectively.
labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.extractorfunc=client.ip"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.period=10s"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.average=100"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.burst=200"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.period=3s"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.average=5"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.burst=10"
```
??? example "Combine multiple limits"
```yaml tab="Kubernetes"
# Here, an average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.
# These can "burst" up to 10 and 200 in each period, respectively.
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-ratelimit
spec:
rateLimit:
extractorfunc = "client.ip"
rate0:
period = "10s"
average = 100
burst = 200
rate1:
period = "3s"
average = 5
burst = 10
```
```yaml tab="Rancher"
# Here, an average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.
# These can "burst" up to 10 and 200 in each period, respectively.
labels:
- "traefik.http.middlewares.test-ratelimit.ratelimit.extractorfunc=client.ip"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.period=10s"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.average=100"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate0.burst=200"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.period=3s"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.average=5"
- "traefik.http.middlewares.test-ratelimit.ratelimit.rateset.rate1.burst=10"
```
```toml tab="File"
# Here, an average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds.
# These can "burst" up to 10 and 200 in each period, respectively.
[http.middlewares]
[http.middlewares.test-ratelimit.ratelimit]
extractorfunc = "client.ip"
```toml
[http.middlewares]
[http.middlewares.fair-ratelimit.ratelimit]
extractorfunc = "client.ip"
[http.middlewares.test-ratelimit.ratelimit.rate0]
period = "10s"
average = 100
burst = 200
[http.middlewares.fair-ratelimit.ratelimit.rateset1]
period = "10s"
average = 100
burst = 200
[http.middlewares.fair-ratelimit.ratelimit.rateset2]
period = "3s"
average = 5
burst = 10
```
Here, an average of 5 requests every 3 seconds is allowed and an average of 100 requests every 10 seconds. These can "burst" up to 10 and 200 in each period, respectively.
[http.middlewares.test-ratelimit.ratelimit.rate1]
period = "3s"
average = 5
burst = 10
```
## Configuration Options
@ -54,7 +87,7 @@ The possible values are:
- `client.ip` categorizes requests based on the client ip.
- `request.header.ANY_HEADER` categorizes requests based on the provided `ANY_HEADER` value.
### `ratelimit` (multiple values)
### `ratelimit`
You can combine multiple rate limits.
The rate limit will trigger with the first reached limit.

11
docs/content/middlewares/redirectregex.md
View file

@ -1,4 +1,4 @@
# TODO - RedirectRegex
# RedirectRegex
Redirecting the Client to a Different Location
{: .subtitle }
@ -28,6 +28,13 @@ spec:
replacement: http://mydomain/$1
```
```yaml tab="Rancher"
# Redirect with domain replacement
labels:
- "traefik.http.middlewares.test-redirectregex.redirectregex.regex=^http://localhost/(.*)"
- "traefik.http.middlewares.test-redirectregex.redirectregex.replacement=http://mydomain/$1"
```
```toml tab="File"
# Redirect with domain replacement
[http.middlewares]
@ -44,7 +51,7 @@ Set the `permanent` option to `true` to apply a permanent redirection.
### `regex`
The `Regex` option is the regular expression to match and capture elements form the request URL.
The `Regex` option is the regular expression to match and capture elements from the request URL.
!!! warning

8
docs/content/middlewares/redirectscheme.md
View file

@ -1,4 +1,4 @@
# TODO - RedirectScheme
# RedirectScheme
Redirecting the Client to a Different Scheme/Port
{: .subtitle }
@ -26,6 +26,12 @@ spec:
scheme: https
```
```yaml tab="Rancher"
# Redirect to https
labels:
- "traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https"
```
```toml tab="File"
# Redirect to https
[http.middlewares]

12
docs/content/middlewares/replacepath.md
View file

@ -1,4 +1,4 @@
# TODO -- ReplacePath
# ReplacePath
Updating the Path Before Forwarding the Request
{: .subtitle }
@ -26,6 +26,12 @@ spec:
path: /foo
```
```yaml tab="Rancher"
# Replace the path by /foo
labels:
- "traefik.http.middlewares.test-replacepath.replacepath.path=/foo"
```
```toml tab="File"
# Replace the path by /foo
[http.middlewares]
@ -39,8 +45,8 @@ spec:
The ReplacePath middleware will:
* replace the actual path by the specified one.
* store the original path in a `X-Replaced-Path` header.
- replace the actual path by the specified one.
- store the original path in a `X-Replaced-Path` header.
### `path`

69
docs/content/middlewares/replacepathregex.md
View file

@ -1,4 +1,69 @@
# TODO -- ReplacePathRegex
# ReplacePathRegex
Updating the Path Before Forwarding the Request (Using a Regex)
{: .subtitle }
{: .subtitle }
`TODO: add schema`
The ReplaceRegex replace a path from an url to another with regex matching and replacement.
## Configuration Examples
```yaml tab="Docker"
# Replace path with regex
labels:
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.regex=^/foo/(.*)"
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.replacement=/bar/$1"
```
```yaml tab="Kubernetes"
# Replace path with regex
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-replacepathregex
spec:
replacePathRegex:
regex: ^/foo/(.*)
replacement: /bar/$1
```
```yaml tab="Rancher"
# Replace path with regex
labels:
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.regex=^/foo/(.*)"
- "traefik.http.middlewares.test-replacepathregex.replacepathregex.replacement=/bar/$1"
```
```toml tab="File"
# Redirect with domain replacement
[http.middlewares]
[http.middlewares.test-replacepathregex.replacePathRegex]
regex = "^/foo/(.*)"
replacement = "/bar/$1"
```
## Configuration Options
### General
The ReplacePathRegex middleware will:
- replace the matching path by the specified one.
- store the original path in a `X-Replaced-Path` header.
### `regex`
The `Regex` option is the regular expression to match and capture the path from the request URL.
!!! warning
Care should be taken when defining replacement expand variables: `$1x` is equivalent to `${1x}`, not `${1}x` (see [Regexp.Expand](https://golang.org/pkg/regexp/#Regexp.Expand)), so use `${1}` syntax.
!!! tip
Regular expressions and replacements can be tested using online tools such as [Go Playground](https://play.golang.org/p/mWU9p-wk2ru) or the [Regex101](https://regex101.com/r/58sIgx/2).
### `replacement`
The `replacement` option defines how to modify the path to have the new target path.

52
docs/content/middlewares/retry.md
View file

@ -1,20 +1,48 @@
# TODO -- Retry
# Retry
Retrying until it Succeeds
{: .subtitle }
## Old Content
`TODO: add schema`
## Retry Configuration
Retry to send request on attempt failure.
```toml
# Enable retry sending request if network error
[retry]
## Configuration Examples
# Number of attempts
#
# Optional
# Default: (number servers in backend) -1
#
# attempts = 3
```yaml tab="Docker"
# Retry to send request 4 times
labels:
- "traefik.http.middlewares.test-retry.retry.attempts=4"
```
```yaml tab="Kubernetes"
# Retry to send request 4 times
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-retry
spec:
retry:
attempts: 4
```
```yaml tab="Rancher"
# Retry to send request 4 times
labels:
- "traefik.http.middlewares.test-retry.retry.attempts=4"
```
```toml tab="File"
# Retry to send request 4 times
[http.middlewares]
[http.middlewares.test-retry.Retry]
attempts = 4
```
## Configuration Options
### `attempts`
_mandatory_
The `attempts` option defines how many times to try sending the request.

67
docs/content/middlewares/stripprefix.md
View file

@ -1,13 +1,66 @@
# TODO -- StripPrefix
# StripPrefix
Removing Prefixes From the Path Before Forwarding the Request
{: .subtitle }
## OldContent
Use a `*Strip` matcher if your backend listens on the root path (`/`) but should be routeable on a specific prefix.
For instance, `PathPrefixStrip: /products` would match `/products` but also `/products/shoes` and `/products/shirts`.
Since the path is stripped prior to forwarding, your backend is expected to listen on `/`.
`TODO: add schema`
Remove the specified prefixes from the URL path.
## Configuration Examples
```yaml tab="Docker"
# Replace the path by /foo
labels:
- "traefik.http.middlewares.test-stripprefix.stripprefix.prefixes=foobar, fiibar"
```
```yaml tab="Kubernetes"
# Replace the path by /foo
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-stripprefix
spec:
StripPrefix:
prefixes: "foobar, fiibar"
```
```yaml tab="Rancher"
# Replace the path by /foo
labels:
- "traefik.http.middlewares.test-stripprefix.stripprefix.prefixes=foobar, fiibar"
```
```toml tab="File"
# Replace the path by /foo
[http.middlewares]
[http.middlewares.test-stripprefix.StripPrefix]
prefixes: "foobar, fiibar"
```
## Configuration Options
### General
The StripPrefix middleware will:
- strip the matching path prefix.
- store the matching path prefix in a `X-Forwarded-Prefix` header.
!!! tip
Use a `StripPrefix` middleware if your backend listens on the root path (`/`) but should be routeable on a specific prefix.
### `prefixes`
The `prefixes` option defines the prefixes to strip from the request URL.
For instance, `/products` would match `/products` but also `/products/shoes` and `/products/shirts`.
Since the path is stripped prior to forwarding, your backend is expected to listen on `/`.
If your backend is serving assets (e.g., images or Javascript files), chances are it must return properly constructed relative URLs.
Continuing on the example, the backend should return `/products/shoes/image.png` (and not `/images.png` which Traefik would likely not be able to associate with the same backend).
The `X-Forwarded-Prefix` header (available since Traefik 1.3) can be queried to build such URLs dynamically.
The `X-Forwarded-Prefix` header can be queried to build such URLs dynamically.

68
docs/content/middlewares/stripprefixregex.md
View file

@ -1,13 +1,71 @@
# TODO -- StripPrefix
# StripPrefix
Removing Prefixes From the Path Before Forwarding the Request (Using a Regex)
{: .subtitle }
## OldContent
`TODO: add schema`
Remove the matching prefixes from the URL path.
## Configuration Examples
```yaml tab="Docker"
# Replace the path by /foo
labels:
- "traefik.http.middlewares.test-stripprefixregex.stripprefixregex.regex=^/foo/(.*)",
```
```yaml tab="Kubernetes"
# Replace the path by /foo
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-stripprefixregex
spec:
StripPrefixRegex:
regex: "^/foo/(.*)"
```
```yaml tab="Rancher"
# Replace the path by /foo
labels:
- "traefik.http.middlewares.test-stripprefixregex.stripprefixregex.regex=^/foo/(.*)",
```
```toml tab="File"
# Replace the path by /foo
[http.middlewares]
[http.middlewares.test-stripprefixregex.StripPrefixRegex]
regex: "^/foo/(.*)"
```
## Configuration Options
### General
The StripPrefixRegex middleware will:
- strip the matching path prefix.
- store the matching path prefix in a `X-Forwarded-Prefix` header.
!!! tip
Use a `StripPrefixRegex` middleware if your backend listens on the root path (`/`) but should be routeable on a specific prefix.
### `regex`
The `regex` option is the regular expression to match the path prefix from the request URL.
!!! tip
Regular expressions can be tested using online tools such as [Go Playground](https://play.golang.org/p/mWU9p-wk2ru) or the [Regex101](https://regex101.com/r/58sIgx/2).
For instance, `/products` would match `/products` but also `/products/shoes` and `/products/shirts`.
Use a `*Strip` matcher if your backend listens on the root path (`/`) but should be routeable on a specific prefix.
For instance, `PathPrefixStrip: /products` would match `/products` but also `/products/shoes` and `/products/shirts`.
Since the path is stripped prior to forwarding, your backend is expected to listen on `/`.
If your backend is serving assets (e.g., images or Javascript files), chances are it must return properly constructed relative URLs.
Continuing on the example, the backend should return `/products/shoes/image.png` (and not `/images.png` which Traefik would likely not be able to associate with the same backend).
The `X-Forwarded-Prefix` header (available since Traefik 1.3) can be queried to build such URLs dynamically.
The `X-Forwarded-Prefix` header can be queried to build such URLs dynamically.