fix: doc requirements

README.md

@@ -9,7 +9,7 @@
 [![](https://images.microbadger.com/badges/image/traefik.svg)](https://microbadger.com/images/traefik)
 [![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/containous/traefik/blob/master/LICENSE.md)
 [![Join the chat at https://traefik.herokuapp.com](https://img.shields.io/badge/style-register-green.svg?style=social&label=Slack)](https://traefik.herokuapp.com)
-[![Twitter](https://img.shields.io/twitter/follow/traefikproxy.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefikproxy)
+[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)
 
 
 Træfik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.
@@ -164,12 +164,10 @@ Each version is supported until the next one is released (e.g. 1.1.x will be sup
 
 We use [Semantic Versioning](http://semver.org/)
 
-## Plumbing
+## Mailing lists
 
-- [Oxy](https://github.com/vulcand/oxy): an awesome proxy library made by Mailgun folks
-- [Gorilla mux](https://github.com/gorilla/mux): famous request router
-- [Negroni](https://github.com/urfave/negroni): web middlewares made simple
-- [Lego](https://github.com/xenolf/lego): the best [Let's Encrypt](https://letsencrypt.org) library in go
+- General announcements, new releases: mail at news+subscribe@traefik.io or on [the online viewer](https://groups.google.com/a/traefik.io/forum/#!forum/news)
+- Security announcements: mail at security+subscribe@traefik.io or on [the online viewer](https://groups.google.com/a/traefik.io/forum/#!forum/security).
 
 ## Credits
 

docs.Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine
+FROM alpine:3.14
 
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.local/bin
 

docs/configuration/api.md

@@ -33,7 +33,7 @@
   debug = true
 ```
 
-For more customization, see [entry points](/configuration/entrypoints/) documentation and [examples](/user-guide/examples/#ping-health-check).
+For more customization, see [entry points](/configuration/entrypoints/) documentation.
 
 ## Web UI
 

docs/index.md

@@ -7,7 +7,7 @@
 [![Go Report Card](https://goreportcard.com/badge/github.com/containous/traefik)](https://goreportcard.com/report/github.com/containous/traefik)
 [![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/containous/traefik/blob/master/LICENSE.md)
 [![Join the chat at https://traefik.herokuapp.com](https://img.shields.io/badge/style-register-green.svg?style=social&label=Slack)](https://traefik.herokuapp.com)
-[![Twitter](https://img.shields.io/twitter/follow/traefikproxy.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefikproxy)
+[![Twitter](https://img.shields.io/twitter/follow/traefik.svg?style=social)](https://twitter.com/intent/follow?screen_name=traefik)
 
 
 Træfik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy.
@@ -203,3 +203,19 @@ Using the tiny Docker image:
 ```shell
 docker run -d -p 8080:8080 -p 80:80 -v $PWD/traefik.toml:/etc/traefik/traefik.toml traefik
 ```
+ 
+## Security
+
+### Security Advisories
+
+We strongly advise you to join our mailing list to be aware of the latest announcements from our security team. You can subscribe sending a mail to security+subscribe@traefik.io or on [the online viewer](https://groups.google.com/a/traefik.io/forum/#!forum/security).
+
+### CVE
+
+Reported vulnerabilities can be found on 
+[cve.mitre.org](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=traefik).
+
+### Report a Vulnerability
+
+We want to keep Træfik safe for everyone.
+If you've discovered a security vulnerability in Træfik, we appreciate your help in disclosing it to us in a responsible manner, using [this form](https://security.traefik.io).

docs/user-guide/docker-and-lets-encrypt.md

@@ -8,7 +8,7 @@ In addition, we want to use Let's Encrypt to automatically generate and renew SS
 
 ## Setting Up
 
-In order for this to work, you'll need a server with a public IP address, with Docker installed on it.
+In order for this to work, you'll need a server with a public IP address, with Docker and docker-compose installed on it.
 
 In this example, we're using the fictitious domain _my-awesome-app.org_.
 

mkdocs.yml

@@ -16,14 +16,11 @@ theme:
   include_sidebar: true
   favicon: img/traefik.icon.png
   logo: img/traefik.logo.png
-  palette:
-    primary: 'blue'
-    accent: 'light blue'
-  feature:
-    tabs: false
   palette:
     primary: 'cyan'
     accent: 'cyan'
+  feature:
+    tabs: false
   i18n:
     prev: 'Previous'
     next: 'Next'
@@ -45,7 +42,7 @@ google_analytics:
 #    - type: 'slack'
 #      link: 'https://traefik.herokuapp.com'
 #    - type: 'twitter'
-#      link: 'https://twitter.com/traefikproxy'
+#      link: 'https://twitter.com/traefik'
 
 extra_css:
   - theme/styles/extra.css

provider/acme/provider.go

@@ -181,7 +181,7 @@ func (p *Provider) watchNewDomains() {
 						}
 
 						if len(domains) == 0 {
-							log.Debugf("No domain parsed in rule %q", route.Rule)
+							log.Debugf("No domain parsed in rule %q in provider ACME", route.Rule)
 							continue
 						}
 

requirements.txt

@@ -2,3 +2,38 @@ mkdocs==0.17.5
 pymdown-extensions==4.12
 mkdocs-bootswatch==0.5.0
 mkdocs-material==2.9.4
+
+appdirs==1.4.4
+CacheControl==0.12.6
+certifi==2020.12.5
+chardet==4.0.0
+click==8.1.3
+colorama==0.4.4
+contextlib2==0.6.0
+distlib==0.3.1
+distro==1.5.0
+html5lib==1.1
+idna==3.2
+importlib-metadata==4.12.0
+Jinja2==3.1.2
+livereload==2.6.3
+lockfile==0.12.2
+Markdown==3.3.7
+MarkupSafe==2.1.1
+msgpack==1.0.2
+ordered-set==4.0.2
+packaging==20.9
+pep517==0.10.0
+progress==1.5
+Pygments==2.12.0
+pymdown-extensions==4.12
+pyparsing==2.4.7
+PyYAML==6.0
+requests==2.25.1
+retrying==1.3.3
+six==1.15.0
+toml==0.10.2
+tornado==4.5.3
+urllib3==1.26.5
+webencodings==0.5.1
+zipp==3.8.1

rules/rules.go

@@ -9,7 +9,6 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/BurntSushi/ty/fun"
 	"github.com/containous/mux"
 	"github.com/containous/traefik/types"
 )
@@ -270,9 +269,11 @@ func (r *Rules) Parse(expression string) (*mux.Route, error) {
 // ParseDomains parses rules expressions and returns domains
 func (r *Rules) ParseDomains(expression string) ([]string, error) {
 	var domains []string
+	isHostRule := false
 
 	err := r.parseRules(expression, func(functionName string, function interface{}, arguments []string) error {
 		if functionName == "Host" {
+			isHostRule = true
 			domains = append(domains, arguments...)
 		}
 		return nil
@@ -281,5 +282,18 @@ func (r *Rules) ParseDomains(expression string) ([]string, error) {
 		return nil, fmt.Errorf("error parsing domains: %v", err)
 	}
 
-	return fun.Map(types.CanonicalDomain, domains).([]string), nil
+	var cleanDomains []string
+	for _, domain := range domains {
+		canonicalDomain := types.CanonicalDomain(domain)
+		if len(canonicalDomain) > 0 {
+			cleanDomains = append(cleanDomains, canonicalDomain)
+		}
+	}
+
+	// Return an error if an Host rule is detected but no domain are parsed
+	if isHostRule && len(cleanDomains) == 0 {
+		return nil, fmt.Errorf("unable to parse correctly the domains in the Host rule from %q", expression)
+	}
+
+	return cleanDomains, nil
 }

rules/rules_test.go

@@ -54,24 +54,38 @@ func TestParseDomains(t *testing.T) {
 	rules := &Rules{}
 
 	tests := []struct {
-		expression string
-		domain     []string
+		description   string
+		expression    string
+		domain        []string
+		errorExpected bool
 	}{
 		{
-			expression: "Host:foo.bar,test.bar",
-			domain:     []string{"foo.bar", "test.bar"},
+			description:   "Many host rules",
+			expression:    "Host:foo.bar,test.bar",
+			domain:        []string{"foo.bar", "test.bar"},
+			errorExpected: false,
 		},
 		{
-			expression: "Path:/test",
-			domain:     []string{},
+			description:   "No host rule",
+			expression:    "Path:/test",
+			errorExpected: false,
 		},
 		{
-			expression: "Host:foo.bar;Path:/test",
-			domain:     []string{"foo.bar"},
+			description:   "Host rule and another rule",
+			expression:    "Host:foo.bar;Path:/test",
+			domain:        []string{"foo.bar"},
+			errorExpected: false,
 		},
 		{
-			expression: "Host: Foo.Bar ;Path:/test",
-			domain:     []string{"foo.bar"},
+			description:   "Host rule to trim and another rule",
+			expression:    "Host: Foo.Bar ;Path:/test",
+			domain:        []string{"foo.bar"},
+			errorExpected: false,
+		},
+		{
+			description:   "Host rule with no domain",
+			expression:    "Host: ;Path:/test",
+			errorExpected: true,
 		},
 	}
 
@@ -81,7 +95,12 @@ func TestParseDomains(t *testing.T) {
 			t.Parallel()
 
 			domains, err := rules.ParseDomains(test.expression)
-			require.NoError(t, err, "%s: Error while parsing domain.", test.expression)
+
+			if test.errorExpected {
+				require.Errorf(t, err, "unable to parse correctly the domains in the Host rule from %q", test.expression)
+			} else {
+				require.NoError(t, err, "%s: Error while parsing domain.", test.expression)
+			}
 
 			assert.EqualValues(t, test.domain, domains, "%s: Error parsing domains from expression.", test.expression)
 		})

server/server.go

@@ -676,9 +676,15 @@ func (s *Server) postLoadConfiguration() {
 						domains, err := rules.ParseDomains(route.Rule)
 						if err != nil {
 							log.Errorf("Error parsing domains: %v", err)
-						} else {
-							s.globalConfiguration.ACME.LoadCertificateForDomains(domains)
+							continue
 						}
+
+						if len(domains) == 0 {
+							log.Debugf("No domain parsed in rule %q", route.Rule)
+							continue
+						}
+
+						s.globalConfiguration.ACME.LoadCertificateForDomains(domains)
 					}
 				}
 			}