-
-
Notifications
You must be signed in to change notification settings - Fork 178
Migrate Traefik Configuration To Environment Variables#813
Migrate Traefik Configuration To Environment Variables#813SamJUK wants to merge 1 commit intowardenenv:mainfrom
Conversation
Currently overriding / extending the traefik.yml configuration is difficult. This PR proposes migrating the Traefik configuration from the .yml file to environment variables. This should improve both the extendability and maintainability of attempting to extend the Traefik config. Such as, but not limited to configuring plugins or certificate resolvers.
I've found there are 2 main pain points to the current approach.
- You have to overwrite and maintain the whole configuration file, even for a single value change.
- You have to edit the source file, since the
svc upcommand replaces any modifications under$HOME/.warden/etc/traefik/traefik.ymlSee Here
Note: May be considered a breaking change. Since any custom changes to the traefik.yml by users would have to be reimplemented via the ENV approach. Due to Traefik static config approaches being mutually exclusive.
Example Use Case
Say you want to enable debug logging for Traefik. With the environment variable approach you can create a docker compose file in the warden home directory with the following contents.
services:
traefik:
environment:
TRAEFIK_LOG_LEVEL: DEBUG
Or if you want to define a certificate resolver such as LetsEncrypt to sign your certs. It can again be defined in the users home directory with the following docker compose file. See this issue of someone attempting a similar thing and having to override the source file
services:
traefik:
volumes:
- acmedata:/acme
environment:
CF_DNS_API_TOKEN: xxx
CF_ZONE_API_TOKEN: xxx
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT: true
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_EMAIL: admin@example.com
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_STORAGE: /acme/acme.json
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_CASERVER: https://acme-staging-v02.api.letsencrypt.org/directory
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_DNSCHALLENGE: true
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_DNSCHALLENGE_PROVIDER: cloudflare
volumes:
acmedata:
|
Thank you for the work on this @SamJUK !! I see no issues with this PR. If we didn't want to wait until Warden 1.0 (or 0.15) to push this change we could add a Warden flag that is Thoughts @navarr ? |
bap14
left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only improvement we could make is in the deprecation instead of immediate cessation of static config.
|
I believe there is a happy path to an alternative with similar functionality which would not cause breaking change. This could be achieved by creating a method which appends a partial from the home If this suggestion is ignored and this PR moves forward so be it, but it should be a complete PR including the following:
|