diff options
author | Simon Krenger <skrenger@redhat.com> | 2020-01-17 12:40:33 +0300 |
---|---|---|
committer | Simon Krenger <skrenger@redhat.com> | 2020-01-17 12:40:33 +0300 |
commit | e135a307a4ada9b04faeac3f63c9222c2d69d87a (patch) | |
tree | b77a9bf09b3dc82d6bd923f42520266c0feb0ee4 | |
parent | 25652dfae0a4d82b6f3b2ce599fa9cd55bf7b01e (diff) |
Remove Traefik multi-type middlewares and add HSTS header
Traefik will fail to create multi-type middlewares, as Traefik will fail with
`cannot create middleware: multi-types middleware not supported` so had to
create multiple middlewares for the following tasks:
- Redirect to HTTPS
- Add HSTS header
Also added HSTS header for default secure router when HSTS is enabled.
Tested with Traefik 2.1.
-rw-r--r-- | src/templates/partials/traefik.hbs | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/templates/partials/traefik.hbs b/src/templates/partials/traefik.hbs index 2861178..489569e 100644 --- a/src/templates/partials/traefik.hbs +++ b/src/templates/partials/traefik.hbs @@ -5,6 +5,9 @@ [http.routers.router-secure] rule = "Host(`foo.com`)" service = "service-id" + {{#if form.hsts}} + middlewares = ["hsts-header"] + {{/if}} [http.routers.router-secure.tls] options = "{{form.config}}" @@ -14,14 +17,14 @@ rule = "Host(`foo.com`)" service = "service-id" {{#if form.hsts}} - middlewares = ["redirect"] + middlewares = ["redirect-to-https", "hsts-header"] {{/if}} [http.middlewares] - [http.middlewares.redirect.redirectScheme] + [http.middlewares.redirect-to-https.redirectScheme] scheme = "https" - [http.middlewares.redirect.headers] - [http.middlewares.redirect.headers.customResponseHeaders] + [http.middlewares.hsts-header.headers] + [http.middlewares.hsts-header.headers.customResponseHeaders] Strict-Transport-Security = "max-age={{output.hstsMaxAge}}" {{/if}} |