0

I use a IP whitelist middleware to filter the access of my web application to some IPS only and it works.

But, I want to unprotect a specific path to make it public (the path is /api/transaction).

For now, I have (in my docker-comose.yml) :

varnish:
  labels:
    - "traefik.http.routers.api_varnish.rule=Host(`api.local`, `api`)"
    - "traefik.http.routers.api_varnish.tls=true"
    - "traefik.http.routers.api_varnish.middlewares=https-redirect@file"
    - "traefik.http.routers.api_varnish.middlewares=https-whitelist@file"
    - "traefik.http.services.api_varnish.loadbalancer.server.port=80"

This part works, then I added:

    # Open middleware for payment IPN calls
   - "traefik.http.routers.api_varnish_transaction.rule=(Host(`api.local`, `api`) && PathPrefix(`/api/transaction`))"
   - "traefik.http.routers.api_varnish_transaction.tls=true"
   - "traefik.http.routers.api_varnish_transaction.priority=2"
   - "traefik.http.routers.api_varnish_transaction.middlewares=https-redirect@file"

I duplicated the lines, but I didn't apply the middleware https-whitelist@file to the new host.

It doesn't work, I can't find the correct syntax or be sure if I can do it ? documentation is pretty poor.

Any idea?

Vincent Decaux
  • 9,857
  • 6
  • 56
  • 84

1 Answers1

2

Have 2 routers, 1 for /api/transaction and another one for /* and give the first router a higher priority (set a higher number) e.g.

# ...
    labels:
        - traefik.http.routers.router_1.priority=2

Now requests to /api/transaction will only hit router_1

https://doc.traefik.io/traefik/routing/routers/#priority

Mohamed Sohail
  • 1,659
  • 12
  • 23