🚀 Wildcard excluding and secure API access
For everyone as lazy as me, @M1scer added the option to exclude more services with one line; you can now use wildcards (. and *) in the list of services to exclude.
If you're looking for more security, TraLa now supports basic authentication on the Traefik API thanks to @PhilipJonasFranz . This way you can make sure the API exposing your stack is only accessible by TraLa.
How it works
The full instructions are added to the README. In short:
Add basic auth to the Traefik API by inserting a basic auth middleware into the router that exposes the API.
Enable basic auth in the configuration file or environment variables. I'd recommend using the config file and docker secrets, but more options are possible.
Docker compose:
services:
traefik:
# ... your existing Traefik configuration ...
labels:
# Define the basic auth username and hashed password
- "traefik.http.middlewares.traefik-api-auth.basicauth.users=<REPLACE_ME>"
# API
# ...
- "traefik.http.routers.traefik-api.middlewares=traefik-api-auth"
trala:
# ... your existing TraLa configuration ...
secrets:
- basic_auth_password
secrets:
basic_auth_password:
file: ./basic_auth_password.txtTraLa Configuration:
environment:
traefik:
basic_auth:
username: <USERNAME>
password_file: /run/secrets/basic_auth_passwordWhat's Changed
- chore(config): migrate renovate config by @renovate[bot] in #41
- feat(exclude): add wildcard support and log invalid patterns by @M1scer in #44
- Feature/traefik api authentication by @PhilipJonasFranz in #42
- Secure traefik api access - documentation and extension by @dannybouwers in #47
- feat: enhance router name processing by removing entrypoint prefix by @dannybouwers in #48
New Contributors
Full Changelog: v0.7.0...v0.8.0