Update 'README.md'

2019-12-09 09:27:59 +00:00 · 2019-12-09 09:27:59 +00:00 · 5c2ae98afb
commit 5c2ae98afb
parent 018b74e140
1 changed files with 20 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -26,7 +26,18 @@ Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
              rule = "Host:<fqdn>"
  ```
 #####   2.0  
-  In your dynamic file provider:  
+  Either whitelist IP's which should be trusted to send `HTTP_X-Forwarded-*` headers, ór enable insecure-mode in your static configuration:  
+  ```
+  entryPoints:
+          https:
+            address: :443
+            forwardedHeaders:
+              trustedIPs:
+                - "127.0.0.1/32"
+                - "192.168.1.0/24"
+        #      insecure: true
+  ```
+  Define a middleware that tells Traefik to forward requests for authentication in your dynamic file provider:  
  ```
  https:
          middlewares:
@ -35,12 +46,15 @@ Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
                address: "https://<fqdn>/lucidAuth.validateRequest.php"
                trustForwardHeader: true
  ```
-  In your static configuration:  
+  And finally add the new middleware to your service (different methods; this depends on your configuration):  
  ```
-  entryPoints:
-          https:
-            address: :443
-            insecure: true
+  # as a label (when using Docker provider)
+  traefik.http.routers.router1.middlewares: "ldap-authentication@file"
+  # as yaml (when using file provider)
+  routers:
+          router1:
+            middlewares:
+              - "ldap-authentication"
  ```

 - #### Important!