Traefik & File

Good Old Configuration File

The file provider lets you define the dynamic configuration in a TOML or YAML file. You can write one of these mutually exclusive configuration elements:

Info

The file provider is the default format used throughout the documentation to show samples of the configuration for many features.

Tip

The file provider can be a good location for common elements you'd like to re-use from other providers; e.g. declaring whitelist middlewares, basic authentication, ...

Configuration Examples

Declaring Routers, Middlewares & Services

Enabling the file provider:

[providers.file]
  directory = "/path/to/dynamic/conf"
providers:
  file:
    directory: "/path/to/dynamic/conf"
--providers.file.directory=/path/to/dynamic/conf

Declaring Routers, Middlewares & Services:

[http]
  # Add the router
  [http.routers]
    [http.routers.router0]
      entryPoints = ["web"]
      middlewares = ["my-basic-auth"]
      service = "service-foo"
      rule = "Path(`/foo`)"

    # Add the middleware
    [http.middlewares]    
      [http.middlewares.my-basic-auth.basicAuth]
        users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", 
                  "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
        usersFile = "etc/traefik/.htpasswd"

    # Add the service
    [http.services]
      [http.services.service-foo]
        [http.services.service-foo.loadBalancer]
          [[http.services.service-foo.loadBalancer.servers]]
            url = "http://foo/"
          [[http.services.service-foo.loadBalancer.servers]]
            url = "http://bar/"
http:
  # Add the router
  routers:
    router0:
      entryPoints:
      - web
      middlewares:
      - my-basic-auth
      service: service-foo
      rule: Path(`/foo`)

  # Add the middleware
  middlewares:
    my-basic-auth:
      basicAuth:
        users:
        - test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/
        - test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0
        usersFile: etc/traefik/.htpasswd

  # Add the service
  services:
    service-foo:
      loadBalancer:
        servers:
        - url: http://foo/
        - url: http://bar/
        passHostHeader: false

Provider Configuration

If you're in a hurry, maybe you'd rather go through the dynamic configuration references and the static configuration.

Limitations

With the file provider, Traefik listens for file system notifications to update the dynamic configuration.

If you use a mounted/bound file system in your orchestrator (like docker or kubernetes), the way the files are linked may be a source of errors. If the link between the file systems is broken, when a source file/directory is changed/renamed, nothing will be reported to the linked file/directory, so the file system notifications will be neither triggered nor caught.

For example, in docker, if the host file is renamed, the link to the mounted file will be broken and the container's file will not be updated. To avoid this kind of issue, a good practice is to:

  • set the Traefik directory configuration with the parent directory
  • mount/bind the parent directory

As it is very difficult to listen to all file system notifications, Traefik use fsnotify. If using a directory with a mounted directory does not fix your issue, please check your file system compatibility with fsnotify.

filename

Defines the path of the configuration file.

[providers]
  [providers.file]
    filename = "dynamic_conf.toml"
providers:
  file:
    filename: dynamic_conf.yml
--providers.file.filename=dynamic_conf.toml

directory

Defines the directory that contains the configuration files.

[providers]
  [providers.file]
    directory = "/path/to/config"
providers:
  file:
    directory: /path/to/config
--providers.file.directory=/path/to/config

watch

Set the watch option to true to allow Traefik to automatically watch for file changes.
It works with both the filename and the directory options.

[providers]
  [providers.file]
    directory = "/path/to/dynamic/conf"
    watch = true
providers:
  file:
    directory: /path/to/dynamic/conf
    watch: true
--providers.file.directory=/my/path/to/dynamic/conf
--providers.file.watch=true

Go Templating

Warning

Go Templating only works along with dedicated dynamic configuration files. Templating does not work in the Traefik main static configuration file.

Traefik allows using Go templating.
Thus, it's possible to define easily lot of routers, services and TLS certificates as described in the file template-rules.toml :

Configuring Using Templating
# template-rules.toml
[http]

  [http.routers]
  {{ range $i, $e := until 100 }}
    [http.routers.router{{ $e }}]
    # ...
  {{ end }}  


  [http.services]
  {{ range $i, $e := until 100 }}
      [http.services.service{{ $e }}]
      # ...
  {{ end }}  

[tcp]

  [tcp.routers]
  {{ range $i, $e := until 100 }}
    [tcp.routers.router{{ $e }}]
    # ...
  {{ end }}  


  [tcp.services]
  {{ range $i, $e := until 100 }}
      [http.services.service{{ $e }}]
      # ...
  {{ end }}  

{{ range $i, $e := until 10 }}
[[tls.certificates]]
  certFile = "/etc/traefik/cert-{{ $e }}.pem"
  keyFile = "/etc/traefik/cert-{{ $e }}.key"
  store = ["my-store-foo-{{ $e }}", "my-store-bar-{{ $e }}"]
{{ end }}

[tls.config]
{{ range $i, $e := until 10 }}
  [tls.config.TLS{{ $e }}]
  # ...
{{ end }}
http:

{{range $i, $e := until 100 }}
  routers:
    router{{ $e }:
      # ...
{{end}}

{{range $i, $e := until 100 }}
  services:
    application{{ $e }}:
      # ...
{{end}}

tcp:

{{range $i, $e := until 100 }}
  routers:
    router{{ $e }:
      # ...
{{end}}

{{range $i, $e := until 100 }}
  services:
    service{{ $e }}:
      # ...
{{end}}

{{ range $i, $e := until 10 }}
tls:
  certificates:
  - certFile: "/etc/traefik/cert-{{ $e }}.pem"
    keyFile: "/etc/traefik/cert-{{ $e }}.key"
    store:
    - "my-store-foo-{{ $e }}"
    - "my-store-bar-{{ $e }}"
{{end}}