Traefik基本路径
我试图密码保护应用程序的特定路径,但我似乎遗漏了一些东西,而traefik文档并没有帮助:
从码头粘贴-合成:
traefik:
command:
- "--log.level=INFO"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=email@email.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme.json"服务:
labels:
- "traefik.enable=true"
- "traefik.http.routers.service.middlewares=service"
- "traefik.http.routers.service.rule=Host(`domain.example.com`)"
- "traefik.http.middlewares.service.headers.stsSeconds=31536000"
- "traefik.http.middlewares.service.headers.forceSTSHeader=true"
- "traefik.http.middlewares.service.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.service.headers.stsPreload=true"
- "traefik.http.middlewares.service.headers.referrerPolicy=no-referrer"
- "traefik.http.middlewares.service.headers.browserXssFilter=true"
- "traefik.http.middlewares.service.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.routers.service.tls.certresolver=letsencrypt"如果我添加了以下标签,则basic auth正在工作,但它在整个网站上都启用了:
- "traefik.http.middlewares.service-auth.basicauth.usersfile=/etc/traefik/auth"
- "traefik.http.routers.service.middlewares=service,服务-auth“
”
我尝试添加第二个路由器,但这似乎不起作用:
- "traefik.http.routers.service-admin.rule=Host(
domain.example.com) && PathPrefix(/somepath)" - "traefik.http.middlewares.service-auth.basicauth.usersfile=/etc/traefik/auth"
- "traefik.http.routers.service-admin.middlewares=service-auth"
我遗漏了什么?
回答 3
Stack Overflow用户
发布于 2020-06-14 16:26:05
我设法用一些“受过教育”的猜测弄明白了这一点。似乎标签的顺序和它们之间的间隔起着至关重要的作用。添加第二个路由器(没有服务)确实是实现这一目标的正确方法,但分离路由器和中间件代码块非常重要:
- "traefik.enable=true"
- "traefik.http.routers.service.rule=Host(`example.example.com`)"
- "traefik.http.routers.service-admin.rule=Host(`example.example.com`) && PathPrefix(`/somepath`)"
- "traefik.http.routers.service.tls.certresolver=letsencrypt"
- "traefik.http.routers.service-admin.tls.certresolver=letsencrypt"
- "traefik.http.routers.service.middlewares=service"
- "traefik.http.routers.service-admin.middlewares=service-admin"
- "traefik.http.middlewares.service.headers.stsSeconds=31536000"
- "traefik.http.middlewares.service.headers.forceSTSHeader=true"
- "traefik.http.middlewares.service.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.service.headers.stsPreload=true"
- "traefik.http.middlewares.service.headers.referrerPolicy=no-referrer"
- "traefik.http.middlewares.service.headers.browserXssFilter=true"
- "traefik.http.middlewares.service.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.service-admin.basicauth.usersfile=/etc/traefik/auth"注:所使用的traefik版本为2.2.1。
Stack Overflow用户
发布于 2020-06-14 09:35:33
我认为你错配置了第二个路由器,试着这样做
"traefik.http.routers.service-admin.rule=Host(domain.example.com) && PathPrefix(/somepath)"
"traefik.http.middlewares.service-admin.basicauth.usersfile=/etc/traefik/auth"
"traefik.http.routers.service-admin.middlewares=service-admin"
"traefik.http.routers.service-admin.service=$yourservice"Stack Overflow用户
发布于 2022-05-20 08:19:35
我只是遇到了同样的问题,解决方案似乎与给出的路由priority有关,参见https://doc.traefik.io/traefik/routing/routers/#priority。
要考虑的routes是由priority通过traefik命令的。默认情况下,priority是由路由的rule长度决定的。这就是为什么被接受的答案奏效的原因。管理路径的规则更长。
我建议手动设置这种情况的高度优先级,因为如果在原始路由中添加更多的主机或其他表达式,traefik基本上会忽略管理路由,因为它有一个短的rule。
https://stackoverflow.com/questions/62367624
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号