1package dynamic 2 3import ( 4 "time" 5 6 ptypes "github.com/traefik/paerser/types" 7 "github.com/traefik/traefik/v2/pkg/ip" 8 "github.com/traefik/traefik/v2/pkg/types" 9) 10 11// +k8s:deepcopy-gen=true 12 13// Middleware holds the Middleware configuration. 14type Middleware struct { 15 AddPrefix *AddPrefix `json:"addPrefix,omitempty" toml:"addPrefix,omitempty" yaml:"addPrefix,omitempty" export:"true"` 16 StripPrefix *StripPrefix `json:"stripPrefix,omitempty" toml:"stripPrefix,omitempty" yaml:"stripPrefix,omitempty" export:"true"` 17 StripPrefixRegex *StripPrefixRegex `json:"stripPrefixRegex,omitempty" toml:"stripPrefixRegex,omitempty" yaml:"stripPrefixRegex,omitempty" export:"true"` 18 ReplacePath *ReplacePath `json:"replacePath,omitempty" toml:"replacePath,omitempty" yaml:"replacePath,omitempty" export:"true"` 19 ReplacePathRegex *ReplacePathRegex `json:"replacePathRegex,omitempty" toml:"replacePathRegex,omitempty" yaml:"replacePathRegex,omitempty" export:"true"` 20 Chain *Chain `json:"chain,omitempty" toml:"chain,omitempty" yaml:"chain,omitempty" export:"true"` 21 IPWhiteList *IPWhiteList `json:"ipWhiteList,omitempty" toml:"ipWhiteList,omitempty" yaml:"ipWhiteList,omitempty" export:"true"` 22 Headers *Headers `json:"headers,omitempty" toml:"headers,omitempty" yaml:"headers,omitempty" export:"true"` 23 Errors *ErrorPage `json:"errors,omitempty" toml:"errors,omitempty" yaml:"errors,omitempty" export:"true"` 24 RateLimit *RateLimit `json:"rateLimit,omitempty" toml:"rateLimit,omitempty" yaml:"rateLimit,omitempty" export:"true"` 25 RedirectRegex *RedirectRegex `json:"redirectRegex,omitempty" toml:"redirectRegex,omitempty" yaml:"redirectRegex,omitempty" export:"true"` 26 RedirectScheme *RedirectScheme `json:"redirectScheme,omitempty" toml:"redirectScheme,omitempty" yaml:"redirectScheme,omitempty" export:"true"` 27 BasicAuth *BasicAuth `json:"basicAuth,omitempty" toml:"basicAuth,omitempty" yaml:"basicAuth,omitempty" export:"true"` 28 DigestAuth *DigestAuth `json:"digestAuth,omitempty" toml:"digestAuth,omitempty" yaml:"digestAuth,omitempty" export:"true"` 29 ForwardAuth *ForwardAuth `json:"forwardAuth,omitempty" toml:"forwardAuth,omitempty" yaml:"forwardAuth,omitempty" export:"true"` 30 InFlightReq *InFlightReq `json:"inFlightReq,omitempty" toml:"inFlightReq,omitempty" yaml:"inFlightReq,omitempty" export:"true"` 31 Buffering *Buffering `json:"buffering,omitempty" toml:"buffering,omitempty" yaml:"buffering,omitempty" export:"true"` 32 CircuitBreaker *CircuitBreaker `json:"circuitBreaker,omitempty" toml:"circuitBreaker,omitempty" yaml:"circuitBreaker,omitempty" export:"true"` 33 Compress *Compress `json:"compress,omitempty" toml:"compress,omitempty" yaml:"compress,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` 34 PassTLSClientCert *PassTLSClientCert `json:"passTLSClientCert,omitempty" toml:"passTLSClientCert,omitempty" yaml:"passTLSClientCert,omitempty" export:"true"` 35 Retry *Retry `json:"retry,omitempty" toml:"retry,omitempty" yaml:"retry,omitempty" export:"true"` 36 ContentType *ContentType `json:"contentType,omitempty" toml:"contentType,omitempty" yaml:"contentType,omitempty" export:"true"` 37 38 Plugin map[string]PluginConf `json:"plugin,omitempty" toml:"plugin,omitempty" yaml:"plugin,omitempty" export:"true"` 39} 40 41// +k8s:deepcopy-gen=true 42 43// ContentType middleware - or rather its unique `autoDetect` option - 44// specifies whether to let the `Content-Type` header, 45// if it has not been set by the backend, 46// be automatically set to a value derived from the contents of the response. 47// As a proxy, the default behavior should be to leave the header alone, 48// regardless of what the backend did with it. 49// However, the historic default was to always auto-detect and set the header if it was nil, 50// and it is going to be kept that way in order to support users currently relying on it. 51// This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. 52type ContentType struct { 53 AutoDetect bool `json:"autoDetect,omitempty" toml:"autoDetect,omitempty" yaml:"autoDetect,omitempty" export:"true"` 54} 55 56// +k8s:deepcopy-gen=true 57 58// AddPrefix holds the AddPrefix configuration. 59type AddPrefix struct { 60 Prefix string `json:"prefix,omitempty" toml:"prefix,omitempty" yaml:"prefix,omitempty" export:"true"` 61} 62 63// +k8s:deepcopy-gen=true 64 65// BasicAuth holds the HTTP basic authentication configuration. 66type BasicAuth struct { 67 Users Users `json:"users,omitempty" toml:"users,omitempty" yaml:"users,omitempty" loggable:"false"` 68 UsersFile string `json:"usersFile,omitempty" toml:"usersFile,omitempty" yaml:"usersFile,omitempty"` 69 Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"` 70 RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"` 71 HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"` 72} 73 74// +k8s:deepcopy-gen=true 75 76// Buffering holds the request/response buffering configuration. 77type Buffering struct { 78 MaxRequestBodyBytes int64 `json:"maxRequestBodyBytes,omitempty" toml:"maxRequestBodyBytes,omitempty" yaml:"maxRequestBodyBytes,omitempty" export:"true"` 79 MemRequestBodyBytes int64 `json:"memRequestBodyBytes,omitempty" toml:"memRequestBodyBytes,omitempty" yaml:"memRequestBodyBytes,omitempty" export:"true"` 80 MaxResponseBodyBytes int64 `json:"maxResponseBodyBytes,omitempty" toml:"maxResponseBodyBytes,omitempty" yaml:"maxResponseBodyBytes,omitempty" export:"true"` 81 MemResponseBodyBytes int64 `json:"memResponseBodyBytes,omitempty" toml:"memResponseBodyBytes,omitempty" yaml:"memResponseBodyBytes,omitempty" export:"true"` 82 RetryExpression string `json:"retryExpression,omitempty" toml:"retryExpression,omitempty" yaml:"retryExpression,omitempty" export:"true"` 83} 84 85// +k8s:deepcopy-gen=true 86 87// Chain holds a chain of middlewares. 88type Chain struct { 89 Middlewares []string `json:"middlewares,omitempty" toml:"middlewares,omitempty" yaml:"middlewares,omitempty" export:"true"` 90} 91 92// +k8s:deepcopy-gen=true 93 94// CircuitBreaker holds the circuit breaker configuration. 95type CircuitBreaker struct { 96 Expression string `json:"expression,omitempty" toml:"expression,omitempty" yaml:"expression,omitempty" export:"true"` 97} 98 99// +k8s:deepcopy-gen=true 100 101// Compress holds the compress configuration. 102type Compress struct { 103 ExcludedContentTypes []string `json:"excludedContentTypes,omitempty" toml:"excludedContentTypes,omitempty" yaml:"excludedContentTypes,omitempty" export:"true"` 104 MinResponseBodyBytes int `json:"minResponseBodyBytes,omitempty" toml:"minResponseBodyBytes,omitempty" yaml:"minResponseBodyBytes,omitempty" export:"true"` 105} 106 107// +k8s:deepcopy-gen=true 108 109// DigestAuth holds the Digest HTTP authentication configuration. 110type DigestAuth struct { 111 Users Users `json:"users,omitempty" toml:"users,omitempty" yaml:"users,omitempty" loggable:"false"` 112 UsersFile string `json:"usersFile,omitempty" toml:"usersFile,omitempty" yaml:"usersFile,omitempty"` 113 RemoveHeader bool `json:"removeHeader,omitempty" toml:"removeHeader,omitempty" yaml:"removeHeader,omitempty" export:"true"` 114 Realm string `json:"realm,omitempty" toml:"realm,omitempty" yaml:"realm,omitempty"` 115 HeaderField string `json:"headerField,omitempty" toml:"headerField,omitempty" yaml:"headerField,omitempty" export:"true"` 116} 117 118// +k8s:deepcopy-gen=true 119 120// ErrorPage holds the custom error page configuration. 121type ErrorPage struct { 122 Status []string `json:"status,omitempty" toml:"status,omitempty" yaml:"status,omitempty" export:"true"` 123 Service string `json:"service,omitempty" toml:"service,omitempty" yaml:"service,omitempty" export:"true"` 124 Query string `json:"query,omitempty" toml:"query,omitempty" yaml:"query,omitempty" export:"true"` 125} 126 127// +k8s:deepcopy-gen=true 128 129// ForwardAuth holds the http forward authentication configuration. 130type ForwardAuth struct { 131 Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"` 132 TLS *types.ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` 133 TrustForwardHeader bool `json:"trustForwardHeader,omitempty" toml:"trustForwardHeader,omitempty" yaml:"trustForwardHeader,omitempty" export:"true"` 134 AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"` 135 AuthResponseHeadersRegex string `json:"authResponseHeadersRegex,omitempty" toml:"authResponseHeadersRegex,omitempty" yaml:"authResponseHeadersRegex,omitempty" export:"true"` 136 AuthRequestHeaders []string `json:"authRequestHeaders,omitempty" toml:"authRequestHeaders,omitempty" yaml:"authRequestHeaders,omitempty" export:"true"` 137} 138 139// +k8s:deepcopy-gen=true 140 141// Headers holds the custom header configuration. 142type Headers struct { 143 CustomRequestHeaders map[string]string `json:"customRequestHeaders,omitempty" toml:"customRequestHeaders,omitempty" yaml:"customRequestHeaders,omitempty" export:"true"` 144 CustomResponseHeaders map[string]string `json:"customResponseHeaders,omitempty" toml:"customResponseHeaders,omitempty" yaml:"customResponseHeaders,omitempty" export:"true"` 145 146 // AccessControlAllowCredentials is only valid if true. false is ignored. 147 AccessControlAllowCredentials bool `json:"accessControlAllowCredentials,omitempty" toml:"accessControlAllowCredentials,omitempty" yaml:"accessControlAllowCredentials,omitempty" export:"true"` 148 // AccessControlAllowHeaders must be used in response to a preflight request with Access-Control-Request-Headers set. 149 AccessControlAllowHeaders []string `json:"accessControlAllowHeaders,omitempty" toml:"accessControlAllowHeaders,omitempty" yaml:"accessControlAllowHeaders,omitempty" export:"true"` 150 // AccessControlAllowMethods must be used in response to a preflight request with Access-Control-Request-Method set. 151 AccessControlAllowMethods []string `json:"accessControlAllowMethods,omitempty" toml:"accessControlAllowMethods,omitempty" yaml:"accessControlAllowMethods,omitempty" export:"true"` 152 // AccessControlAllowOriginList is a list of allowable origins. Can also be a wildcard origin "*". 153 AccessControlAllowOriginList []string `json:"accessControlAllowOriginList,omitempty" toml:"accessControlAllowOriginList,omitempty" yaml:"accessControlAllowOriginList,omitempty"` 154 // AccessControlAllowOriginListRegex is a list of allowable origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). 155 AccessControlAllowOriginListRegex []string `json:"accessControlAllowOriginListRegex,omitempty" toml:"accessControlAllowOriginListRegex,omitempty" yaml:"accessControlAllowOriginListRegex,omitempty"` 156 // AccessControlExposeHeaders sets valid headers for the response. 157 AccessControlExposeHeaders []string `json:"accessControlExposeHeaders,omitempty" toml:"accessControlExposeHeaders,omitempty" yaml:"accessControlExposeHeaders,omitempty" export:"true"` 158 // AccessControlMaxAge sets the time that a preflight request may be cached. 159 AccessControlMaxAge int64 `json:"accessControlMaxAge,omitempty" toml:"accessControlMaxAge,omitempty" yaml:"accessControlMaxAge,omitempty" export:"true"` 160 // AddVaryHeader controls if the Vary header is automatically added/updated when the AccessControlAllowOriginList is set. 161 AddVaryHeader bool `json:"addVaryHeader,omitempty" toml:"addVaryHeader,omitempty" yaml:"addVaryHeader,omitempty" export:"true"` 162 163 AllowedHosts []string `json:"allowedHosts,omitempty" toml:"allowedHosts,omitempty" yaml:"allowedHosts,omitempty"` 164 HostsProxyHeaders []string `json:"hostsProxyHeaders,omitempty" toml:"hostsProxyHeaders,omitempty" yaml:"hostsProxyHeaders,omitempty" export:"true"` 165 // Deprecated: use EntryPoint redirection or RedirectScheme instead. 166 SSLRedirect bool `json:"sslRedirect,omitempty" toml:"sslRedirect,omitempty" yaml:"sslRedirect,omitempty" export:"true"` 167 // Deprecated: use EntryPoint redirection or RedirectScheme instead. 168 SSLTemporaryRedirect bool `json:"sslTemporaryRedirect,omitempty" toml:"sslTemporaryRedirect,omitempty" yaml:"sslTemporaryRedirect,omitempty" export:"true"` 169 // Deprecated: use RedirectRegex instead. 170 SSLHost string `json:"sslHost,omitempty" toml:"sslHost,omitempty" yaml:"sslHost,omitempty"` 171 SSLProxyHeaders map[string]string `json:"sslProxyHeaders,omitempty" toml:"sslProxyHeaders,omitempty" yaml:"sslProxyHeaders,omitempty"` 172 // Deprecated: use RedirectRegex instead. 173 SSLForceHost bool `json:"sslForceHost,omitempty" toml:"sslForceHost,omitempty" yaml:"sslForceHost,omitempty" export:"true"` 174 STSSeconds int64 `json:"stsSeconds,omitempty" toml:"stsSeconds,omitempty" yaml:"stsSeconds,omitempty" export:"true"` 175 STSIncludeSubdomains bool `json:"stsIncludeSubdomains,omitempty" toml:"stsIncludeSubdomains,omitempty" yaml:"stsIncludeSubdomains,omitempty" export:"true"` 176 STSPreload bool `json:"stsPreload,omitempty" toml:"stsPreload,omitempty" yaml:"stsPreload,omitempty" export:"true"` 177 ForceSTSHeader bool `json:"forceSTSHeader,omitempty" toml:"forceSTSHeader,omitempty" yaml:"forceSTSHeader,omitempty" export:"true"` 178 FrameDeny bool `json:"frameDeny,omitempty" toml:"frameDeny,omitempty" yaml:"frameDeny,omitempty" export:"true"` 179 CustomFrameOptionsValue string `json:"customFrameOptionsValue,omitempty" toml:"customFrameOptionsValue,omitempty" yaml:"customFrameOptionsValue,omitempty"` 180 ContentTypeNosniff bool `json:"contentTypeNosniff,omitempty" toml:"contentTypeNosniff,omitempty" yaml:"contentTypeNosniff,omitempty" export:"true"` 181 BrowserXSSFilter bool `json:"browserXssFilter,omitempty" toml:"browserXssFilter,omitempty" yaml:"browserXssFilter,omitempty" export:"true"` 182 CustomBrowserXSSValue string `json:"customBrowserXSSValue,omitempty" toml:"customBrowserXSSValue,omitempty" yaml:"customBrowserXSSValue,omitempty"` 183 ContentSecurityPolicy string `json:"contentSecurityPolicy,omitempty" toml:"contentSecurityPolicy,omitempty" yaml:"contentSecurityPolicy,omitempty"` 184 PublicKey string `json:"publicKey,omitempty" toml:"publicKey,omitempty" yaml:"publicKey,omitempty"` 185 ReferrerPolicy string `json:"referrerPolicy,omitempty" toml:"referrerPolicy,omitempty" yaml:"referrerPolicy,omitempty" export:"true"` 186 // Deprecated: use PermissionsPolicy instead. 187 FeaturePolicy string `json:"featurePolicy,omitempty" toml:"featurePolicy,omitempty" yaml:"featurePolicy,omitempty" export:"true"` 188 PermissionsPolicy string `json:"permissionsPolicy,omitempty" toml:"permissionsPolicy,omitempty" yaml:"permissionsPolicy,omitempty" export:"true"` 189 IsDevelopment bool `json:"isDevelopment,omitempty" toml:"isDevelopment,omitempty" yaml:"isDevelopment,omitempty" export:"true"` 190} 191 192// HasCustomHeadersDefined checks to see if any of the custom header elements have been set. 193func (h *Headers) HasCustomHeadersDefined() bool { 194 return h != nil && (len(h.CustomResponseHeaders) != 0 || 195 len(h.CustomRequestHeaders) != 0) 196} 197 198// HasCorsHeadersDefined checks to see if any of the cors header elements have been set. 199func (h *Headers) HasCorsHeadersDefined() bool { 200 return h != nil && (h.AccessControlAllowCredentials || 201 len(h.AccessControlAllowHeaders) != 0 || 202 len(h.AccessControlAllowMethods) != 0 || 203 len(h.AccessControlAllowOriginList) != 0 || 204 len(h.AccessControlAllowOriginListRegex) != 0 || 205 len(h.AccessControlExposeHeaders) != 0 || 206 h.AccessControlMaxAge != 0 || 207 h.AddVaryHeader) 208} 209 210// HasSecureHeadersDefined checks to see if any of the secure header elements have been set. 211func (h *Headers) HasSecureHeadersDefined() bool { 212 return h != nil && (len(h.AllowedHosts) != 0 || 213 len(h.HostsProxyHeaders) != 0 || 214 h.SSLRedirect || 215 h.SSLTemporaryRedirect || 216 h.SSLForceHost || 217 h.SSLHost != "" || 218 len(h.SSLProxyHeaders) != 0 || 219 h.STSSeconds != 0 || 220 h.STSIncludeSubdomains || 221 h.STSPreload || 222 h.ForceSTSHeader || 223 h.FrameDeny || 224 h.CustomFrameOptionsValue != "" || 225 h.ContentTypeNosniff || 226 h.BrowserXSSFilter || 227 h.CustomBrowserXSSValue != "" || 228 h.ContentSecurityPolicy != "" || 229 h.PublicKey != "" || 230 h.ReferrerPolicy != "" || 231 h.FeaturePolicy != "" || 232 h.PermissionsPolicy != "" || 233 h.IsDevelopment) 234} 235 236// +k8s:deepcopy-gen=true 237 238// IPStrategy holds the ip strategy configuration. 239type IPStrategy struct { 240 Depth int `json:"depth,omitempty" toml:"depth,omitempty" yaml:"depth,omitempty" export:"true"` 241 ExcludedIPs []string `json:"excludedIPs,omitempty" toml:"excludedIPs,omitempty" yaml:"excludedIPs,omitempty"` 242 // TODO(mpl): I think we should make RemoteAddr an explicit field. For one thing, it would yield better documentation. 243} 244 245// Get an IP selection strategy. 246// If nil return the RemoteAddr strategy 247// else return a strategy based on the configuration using the X-Forwarded-For Header. 248// Depth override the ExcludedIPs. 249func (s *IPStrategy) Get() (ip.Strategy, error) { 250 if s == nil { 251 return &ip.RemoteAddrStrategy{}, nil 252 } 253 254 if s.Depth > 0 { 255 return &ip.DepthStrategy{ 256 Depth: s.Depth, 257 }, nil 258 } 259 260 if len(s.ExcludedIPs) > 0 { 261 checker, err := ip.NewChecker(s.ExcludedIPs) 262 if err != nil { 263 return nil, err 264 } 265 return &ip.PoolStrategy{ 266 Checker: checker, 267 }, nil 268 } 269 270 return &ip.RemoteAddrStrategy{}, nil 271} 272 273// +k8s:deepcopy-gen=true 274 275// IPWhiteList holds the ip white list configuration. 276type IPWhiteList struct { 277 SourceRange []string `json:"sourceRange,omitempty" toml:"sourceRange,omitempty" yaml:"sourceRange,omitempty"` 278 IPStrategy *IPStrategy `json:"ipStrategy,omitempty" toml:"ipStrategy,omitempty" yaml:"ipStrategy,omitempty" label:"allowEmpty" file:"allowEmpty" export:"true"` 279} 280 281// +k8s:deepcopy-gen=true 282 283// InFlightReq limits the number of requests being processed and served concurrently. 284type InFlightReq struct { 285 Amount int64 `json:"amount,omitempty" toml:"amount,omitempty" yaml:"amount,omitempty" export:"true"` 286 SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"` 287} 288 289// +k8s:deepcopy-gen=true 290 291// PassTLSClientCert holds the TLS client cert headers configuration. 292type PassTLSClientCert struct { 293 PEM bool `json:"pem,omitempty" toml:"pem,omitempty" yaml:"pem,omitempty" export:"true"` 294 Info *TLSClientCertificateInfo `json:"info,omitempty" toml:"info,omitempty" yaml:"info,omitempty" export:"true"` 295} 296 297// +k8s:deepcopy-gen=true 298 299// SourceCriterion defines what criterion is used to group requests as originating from a common source. 300// If none are set, the default is to use the request's remote address field. 301// All fields are mutually exclusive. 302type SourceCriterion struct { 303 IPStrategy *IPStrategy `json:"ipStrategy,omitempty" toml:"ipStrategy,omitempty" yaml:"ipStrategy,omitempty" export:"true"` 304 RequestHeaderName string `json:"requestHeaderName,omitempty" toml:"requestHeaderName,omitempty" yaml:"requestHeaderName,omitempty" export:"true"` 305 RequestHost bool `json:"requestHost,omitempty" toml:"requestHost,omitempty" yaml:"requestHost,omitempty" export:"true"` 306} 307 308// +k8s:deepcopy-gen=true 309 310// RateLimit holds the rate limiting configuration for a given router. 311type RateLimit struct { 312 // Average is the maximum rate, by default in requests/s, allowed for the given source. 313 // It defaults to 0, which means no rate limiting. 314 // The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, 315 // one needs to define a Period larger than a second. 316 Average int64 `json:"average,omitempty" toml:"average,omitempty" yaml:"average,omitempty" export:"true"` 317 318 // Period, in combination with Average, defines the actual maximum rate, such as: 319 // r = Average / Period. It defaults to a second. 320 Period ptypes.Duration `json:"period,omitempty" toml:"period,omitempty" yaml:"period,omitempty" export:"true"` 321 322 // Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. 323 // It defaults to 1. 324 Burst int64 `json:"burst,omitempty" toml:"burst,omitempty" yaml:"burst,omitempty" export:"true"` 325 326 SourceCriterion *SourceCriterion `json:"sourceCriterion,omitempty" toml:"sourceCriterion,omitempty" yaml:"sourceCriterion,omitempty" export:"true"` 327} 328 329// SetDefaults sets the default values on a RateLimit. 330func (r *RateLimit) SetDefaults() { 331 r.Burst = 1 332 r.Period = ptypes.Duration(time.Second) 333} 334 335// +k8s:deepcopy-gen=true 336 337// RedirectRegex holds the redirection configuration. 338type RedirectRegex struct { 339 Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty"` 340 Replacement string `json:"replacement,omitempty" toml:"replacement,omitempty" yaml:"replacement,omitempty"` 341 Permanent bool `json:"permanent,omitempty" toml:"permanent,omitempty" yaml:"permanent,omitempty" export:"true"` 342} 343 344// +k8s:deepcopy-gen=true 345 346// RedirectScheme holds the scheme redirection configuration. 347type RedirectScheme struct { 348 Scheme string `json:"scheme,omitempty" toml:"scheme,omitempty" yaml:"scheme,omitempty" export:"true"` 349 Port string `json:"port,omitempty" toml:"port,omitempty" yaml:"port,omitempty" export:"true"` 350 Permanent bool `json:"permanent,omitempty" toml:"permanent,omitempty" yaml:"permanent,omitempty" export:"true"` 351} 352 353// +k8s:deepcopy-gen=true 354 355// ReplacePath holds the ReplacePath configuration. 356type ReplacePath struct { 357 Path string `json:"path,omitempty" toml:"path,omitempty" yaml:"path,omitempty" export:"true"` 358} 359 360// +k8s:deepcopy-gen=true 361 362// ReplacePathRegex holds the ReplacePathRegex configuration. 363type ReplacePathRegex struct { 364 Regex string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"` 365 Replacement string `json:"replacement,omitempty" toml:"replacement,omitempty" yaml:"replacement,omitempty" export:"true"` 366} 367 368// +k8s:deepcopy-gen=true 369 370// Retry holds the retry configuration. 371type Retry struct { 372 Attempts int `json:"attempts,omitempty" toml:"attempts,omitempty" yaml:"attempts,omitempty" export:"true"` 373 InitialInterval ptypes.Duration `json:"initialInterval,omitempty" toml:"initialInterval,omitempty" yaml:"initialInterval,omitempty" export:"true"` 374} 375 376// +k8s:deepcopy-gen=true 377 378// StripPrefix holds the StripPrefix configuration. 379type StripPrefix struct { 380 Prefixes []string `json:"prefixes,omitempty" toml:"prefixes,omitempty" yaml:"prefixes,omitempty" export:"true"` 381 ForceSlash bool `json:"forceSlash,omitempty" toml:"forceSlash,omitempty" yaml:"forceSlash,omitempty" export:"true"` // Deprecated 382} 383 384// SetDefaults Default values for a StripPrefix. 385func (s *StripPrefix) SetDefaults() { 386 s.ForceSlash = true 387} 388 389// +k8s:deepcopy-gen=true 390 391// StripPrefixRegex holds the StripPrefixRegex configuration. 392type StripPrefixRegex struct { 393 Regex []string `json:"regex,omitempty" toml:"regex,omitempty" yaml:"regex,omitempty" export:"true"` 394} 395 396// +k8s:deepcopy-gen=true 397 398// TLSClientCertificateInfo holds the client TLS certificate info configuration. 399type TLSClientCertificateInfo struct { 400 NotAfter bool `json:"notAfter,omitempty" toml:"notAfter,omitempty" yaml:"notAfter,omitempty" export:"true"` 401 NotBefore bool `json:"notBefore,omitempty" toml:"notBefore,omitempty" yaml:"notBefore,omitempty" export:"true"` 402 Sans bool `json:"sans,omitempty" toml:"sans,omitempty" yaml:"sans,omitempty" export:"true"` 403 Subject *TLSClientCertificateSubjectDNInfo `json:"subject,omitempty" toml:"subject,omitempty" yaml:"subject,omitempty" export:"true"` 404 Issuer *TLSClientCertificateIssuerDNInfo `json:"issuer,omitempty" toml:"issuer,omitempty" yaml:"issuer,omitempty" export:"true"` 405 SerialNumber bool `json:"serialNumber,omitempty" toml:"serialNumber,omitempty" yaml:"serialNumber,omitempty" export:"true"` 406} 407 408// +k8s:deepcopy-gen=true 409 410// TLSClientCertificateIssuerDNInfo holds the client TLS certificate distinguished name info configuration. 411// cf https://tools.ietf.org/html/rfc3739 412type TLSClientCertificateIssuerDNInfo struct { 413 Country bool `json:"country,omitempty" toml:"country,omitempty" yaml:"country,omitempty" export:"true"` 414 Province bool `json:"province,omitempty" toml:"province,omitempty" yaml:"province,omitempty" export:"true"` 415 Locality bool `json:"locality,omitempty" toml:"locality,omitempty" yaml:"locality,omitempty" export:"true"` 416 Organization bool `json:"organization,omitempty" toml:"organization,omitempty" yaml:"organization,omitempty" export:"true"` 417 CommonName bool `json:"commonName,omitempty" toml:"commonName,omitempty" yaml:"commonName,omitempty" export:"true"` 418 SerialNumber bool `json:"serialNumber,omitempty" toml:"serialNumber,omitempty" yaml:"serialNumber,omitempty" export:"true"` 419 DomainComponent bool `json:"domainComponent,omitempty" toml:"domainComponent,omitempty" yaml:"domainComponent,omitempty" export:"true"` 420} 421 422// +k8s:deepcopy-gen=true 423 424// TLSClientCertificateSubjectDNInfo holds the client TLS certificate distinguished name info configuration. 425// cf https://tools.ietf.org/html/rfc3739 426type TLSClientCertificateSubjectDNInfo struct { 427 Country bool `json:"country,omitempty" toml:"country,omitempty" yaml:"country,omitempty" export:"true"` 428 Province bool `json:"province,omitempty" toml:"province,omitempty" yaml:"province,omitempty" export:"true"` 429 Locality bool `json:"locality,omitempty" toml:"locality,omitempty" yaml:"locality,omitempty" export:"true"` 430 Organization bool `json:"organization,omitempty" toml:"organization,omitempty" yaml:"organization,omitempty" export:"true"` 431 OrganizationalUnit bool `json:"organizationalUnit,omitempty" toml:"organizationalUnit,omitempty" yaml:"organizationalUnit,omitempty" export:"true"` 432 CommonName bool `json:"commonName,omitempty" toml:"commonName,omitempty" yaml:"commonName,omitempty" export:"true"` 433 SerialNumber bool `json:"serialNumber,omitempty" toml:"serialNumber,omitempty" yaml:"serialNumber,omitempty" export:"true"` 434 DomainComponent bool `json:"domainComponent,omitempty" toml:"domainComponent,omitempty" yaml:"domainComponent,omitempty" export:"true"` 435} 436 437// +k8s:deepcopy-gen=true 438 439// Users holds a list of users. 440type Users []string 441