common/templates/traefik_tags

[[- /*
# vim: syntax=hcl
# This templates add commonly used Traefik tags
*/ -]]
[[- if .traefik.enabled ]]
  [[- $proto := regexp.Replace "^https$" "http" .traefik.proto ]]
  [[- $router := (.traefik.router | strings.HasPrefix .instance) | ternary .traefik.router (printf "%s-%s%s" .instance .traefik.router .consul.suffix) ]]
        "[[ .traefik.instance ]].enable=true",
  [[- /* There's no Consul Connect support for UDP */]]
  [[- if eq $proto "udp" ]]
        "[[ .traefik.instance ]].consulcatalog.connect=false",
  [[- else if has .traefik "connect" ]]
        "[[ .traefik.instance ]].consulcatalog.connect=[[ .traefik.connect ]]",
  [[- end ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].entrypoints=[[ join .traefik.entrypoints "," ]]",
  [[- if has .traefik "priority" ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].priority=[[ .traefik.priority ]]",
  [[- end ]]
  [[- if has .traefik "tls" ]]
    [[- if has .traefik.tls "enabled" ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].tls=[[ .traefik.tls.enabled ]]",
    [[- end ]]
    [[- if has .traefik.tls "options" ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].tls.options=[[ .traefik.tls.options ]]",
    [[- end ]]
  [[- end ]]

  [[- $middlewares := coll.Slice ]]
  [[- if eq $proto "http" ]]
    [[- if has .traefik "rule" ]]
        "[[ .traefik.instance ]].http.routers.[[ $router ]].rule=[[ .traefik.rule ]]",
    [[- else if and (has . "public_url") (.traefik.auto_rule) ]]
        "[[ .traefik.instance ]].http.routers.[[ $router ]].rule=Host(`[[ (urlParse .public_url).Hostname ]]`)
          [[- if not (regexp.Match "^/?$" (urlParse .public_url).Path) ]] && PathPrefix(`[[ (urlParse .public_url).Path | regexp.Replace "^//" "/" ]]`)[[ end ]]",
    [[- end ]]
    [[- if and (has .traefik "csp") (isKind "map" .traefik.csp) ]]
        "[[ .traefik.instance ]].http.middlewares.csp-[[ $router ]].headers.contentsecuritypolicy=[[ range $k, $v := .traefik.csp ]][[ $k ]] [[ $v ]];[[ end ]]",
      [[- $middlewares = prepend (printf "csp-%s" $router) $middlewares ]]
    [[- end ]]
    [[- if and (.traefik.strip_prefix) (has . "public_url") (not (regexp.Match "^/?$" (urlParse .public_url).Path)) ]]
        "[[ .traefik.instance ]].http.middlewares.stripprefix-[[ $router ]].stripprefix.prefixes=[[ (urlParse .public_url).Path ]]",
      [[- /* Put the stripprefix middleware at the end, so it wont' interfere with things like Lemonldap::NG (path in rules) */]]
      [[- $middlewares = append (printf "stripprefix-%s" $router) $middlewares ]]
    [[- end ]]
  [[- else if eq $proto "tcp" ]]
    [[- if has .traefik "rule" ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].rule=[[ .traefik.rule ]]",
    [[- else if .traefik.auto_rule ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].rule=HostSNI(`*`)",
    [[- end ]]
  [[- end ]]

  [[- /* TCP and UDP middlewares are different from http middlewares, so handle them in different settings */]]
  [[- $middlewares_list := .traefik.middlewares ]]
  [[- if eq $proto "tcp" ]]
    [[- $middlewares_list = .traefik.tcp_middlewares ]]
  [[- else if eq $proto "udp" ]]
    [[- $middlewares_list = .traefik.udp_middlewares ]]
  [[- end ]]

  [[- if isKind "map" $middlewares_list ]]
    [[- range $middleware, $def := $middlewares_list ]]
      [[- if isKind "slice" $def ]]
        [[- range $idx, $mid := $def ]]
        "[[ $.traefik.instance ]].[[ $proto ]].middlewares.[[ $router ]]-[[ $middleware ]][[ $.consul.suffix ]].[[ $mid ]]",
        [[- end ]]
        [[- $middlewares = prepend (printf "%s-%s%s" $router $middleware $.consul.suffix) $middlewares ]]
      [[- else if isKind "string" $def ]]
        [[- $middlewares = prepend $def $middlewares ]]
      [[- end ]]
    [[- end ]]
  [[- end ]]
  [[- if gt (len $middlewares) 0 ]]
        "[[ .traefik.instance ]].[[ $proto ]].routers.[[ $router ]].middlewares=[[ join $middlewares "," -]]",
  [[- end ]]
[[- end ]]