Traefik Proxy v3.0.0 Released
github.comMy biggest gripe with traefik is how inflexible the whole middleware concept is.
One would think that checking against an IPAllowList and if not on the list requiring auth (basic or ForwardAuth) would be trivial. There is middleware for IPAllowList there is one for authentication, but the only way you could combine those is to deny requests not on the allowlist and then ask all on the list for authentication.
Just define two separate IngressRoutes:
- one using a hostname match, low rule priority, requiring authentication
- the second one uses a hostname and ClientIp match, high rule priority, bypassing authentication