Update 'README.md'

2020-03-22 11:51:41 +00:00 · 2020-03-22 11:51:41 +00:00 · 635b96c72e
commit 635b96c72e
parent 69bb1368cb
1 changed files with 26 additions and 26 deletions
--- a/README.md
+++ b/README.md
@ -10,41 +10,41 @@ Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
 - Create a new website (within any php-capable webserver) and make sure that the documentroot points to the `public` folder  
 - Check if you are able to browse to `https://<fqdn>/lucidAuth.login.php` (where `<fqdn>` is the actual domain -or IP address- your webserver is listening on)  
 - Edit your proxy's configuration to use the new website as forward proxy:  
-  - #### ~~in Caddy/nginx~~    <small>(planned for a later stage)</small>
+  #### ~~in Caddy/nginx~~    <small>(planned for a later stage)</small>

-  - #### in Traefik  
+  #### in Traefik  
  Add the following lines (change to reflect your existing configuration):  
-#####   1.7  
+  ##### 1.7  
  ```
  [frontends.server1]
-          entrypoints = ["https"]
-          backend = "server1"
-          [frontends.server1.auth.forward]
-            address = "https://<fqdn>/lucidAuth.validateRequest.php"
-          [frontends.server1.routes]
-            [frontends.server1.routes.ext]
-              rule = "Host:<fqdn>"
+    entrypoints = ["https"]
+    backend = "server1"
+    [frontends.server1.auth.forward]
+      address = "https://<fqdn>/lucidAuth.validateRequest.php"
+    [frontends.server1.routes]
+      [frontends.server1.routes.ext]
+        rule = "Host:<fqdn>"
  ```
-#####   2.0  
+  ##### 2.0  
  Either whitelist IP's which should be trusted to send `HTTP_X-Forwarded-*` headers, ór enable insecure-mode in your static configuration:  
  ```
  entryPoints:
-          https:
-            address: :443
-            forwardedHeaders:
-              trustedIPs:
-                - "127.0.0.1/32"
-                - "192.168.1.0/24"
-        #      insecure: true
+    https:
+      address: :443
+      forwardedHeaders:
+        trustedIPs:
+          - "127.0.0.1/32"
+          - "192.168.1.0/24"
+  #      insecure: true
  ```
  Define a middleware that tells Traefik to forward requests for authentication in your dynamic file provider:  
  ```
  https:
-          middlewares:
-            ldap-authentication:
-              forwardAuth:
-                address: "https://<fqdn>/lucidAuth.validateRequest.php"
-                trustForwardHeader: true
+    middlewares:
+      ldap-authentication:
+        forwardAuth:
+          address: "https://<fqdn>/lucidAuth.validateRequest.php"
+          trustForwardHeader: true
  ```
  And finally add the new middleware to your service (different methods; this depends on your configuration):  
  ```
@ -52,9 +52,9 @@ Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
  traefik.http.routers.router1.middlewares: "ldap-authentication@file"
  # as yaml (when using file provider)
  routers:
-          router1:
-            middlewares:
-              - "ldap-authentication"
+    router1:
+      middlewares:
+        - "ldap-authentication"
  ```

 - #### Important!