k8s_traefik_api/

middlewares.rs

// WARNING: generated by kopium - manual changes will be overwritten
// kopium command: kopium middlewares.traefik.io -A -b --derive=Default --derive=PartialEq --smart-derive-elision
// kopium version: 0.21.2

#[allow(unused_imports)]
mod prelude {
    pub use kube::CustomResource;
    pub use typed_builder::TypedBuilder;
    pub use schemars::JsonSchema;
    pub use serde::{Serialize, Deserialize};
    pub use std::collections::BTreeMap;
    pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString;
}
use self::prelude::*;

/// MiddlewareSpec defines the desired state of a Middleware.
#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
#[kube(group = "traefik.io", version = "v1alpha1", kind = "Middleware", plural = "middlewares")]
#[kube(namespaced)]
#[kube(derive="Default")]
#[kube(derive="PartialEq")]
pub struct MiddlewareSpec {
    /// AddPrefix holds the add prefix middleware configuration.
    /// This middleware updates the path of a request before forwarding it.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/addprefix/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "addPrefix")]
    #[builder(default, setter(strip_option))]
    pub add_prefix: Option<MiddlewareAddPrefix>,
    /// BasicAuth holds the basic auth middleware configuration.
    /// This middleware restricts access to your services to known users.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")]
    #[builder(default, setter(strip_option))]
    pub basic_auth: Option<MiddlewareBasicAuth>,
    /// Buffering holds the buffering middleware configuration.
    /// This middleware retries or limits the size of requests that can be forwarded to backends.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#maxrequestbodybytes
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub buffering: Option<MiddlewareBuffering>,
    /// Chain holds the configuration of the chain middleware.
    /// This middleware enables to define reusable combinations of other pieces of middleware.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/chain/
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub chain: Option<MiddlewareChain>,
    /// CircuitBreaker holds the circuit breaker configuration.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "circuitBreaker")]
    #[builder(default, setter(strip_option))]
    pub circuit_breaker: Option<MiddlewareCircuitBreaker>,
    /// Compress holds the compress middleware configuration.
    /// This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/compress/
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub compress: Option<MiddlewareCompress>,
    /// ContentType holds the content-type middleware configuration.
    /// This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")]
    #[builder(default, setter(strip_option))]
    pub content_type: Option<MiddlewareContentType>,
    /// DigestAuth holds the digest auth middleware configuration.
    /// This middleware restricts access to your services to known users.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/digestauth/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "digestAuth")]
    #[builder(default, setter(strip_option))]
    pub digest_auth: Option<MiddlewareDigestAuth>,
    /// ErrorPage holds the custom error middleware configuration.
    /// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub errors: Option<MiddlewareErrors>,
    /// ForwardAuth holds the forward auth middleware configuration.
    /// This middleware delegates the request authentication to a Service.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardAuth")]
    #[builder(default, setter(strip_option))]
    pub forward_auth: Option<MiddlewareForwardAuth>,
    /// GrpcWeb holds the gRPC web middleware configuration.
    /// This middleware converts a gRPC web request to an HTTP/2 gRPC request.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "grpcWeb")]
    #[builder(default, setter(strip_option))]
    pub grpc_web: Option<MiddlewareGrpcWeb>,
    /// Headers holds the headers middleware configuration.
    /// This middleware manages the requests and responses headers.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/headers/#customrequestheaders
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub headers: Option<MiddlewareHeaders>,
    /// InFlightReq holds the in-flight request middleware configuration.
    /// This middleware limits the number of requests being processed and served concurrently.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "inFlightReq")]
    #[builder(default, setter(strip_option))]
    pub in_flight_req: Option<MiddlewareInFlightReq>,
    /// IPAllowList holds the IP allowlist middleware configuration.
    /// This middleware limits allowed requests based on the client IP.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAllowList")]
    #[builder(default, setter(strip_option))]
    pub ip_allow_list: Option<MiddlewareIpAllowList>,
    /// Deprecated: please use IPAllowList instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipWhiteList")]
    #[builder(default, setter(strip_option))]
    pub ip_white_list: Option<MiddlewareIpWhiteList>,
    /// PassTLSClientCert holds the pass TLS client cert middleware configuration.
    /// This middleware adds the selected data from the passed client TLS certificate to a header.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/passtlsclientcert/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "passTLSClientCert")]
    #[builder(default, setter(strip_option))]
    pub pass_tls_client_cert: Option<MiddlewarePassTlsClientCert>,
    /// Plugin defines the middleware plugin configuration.
    /// More info: https://doc.traefik.io/traefik/plugins/
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub plugin: Option<BTreeMap<String, serde_json::Value>>,
    /// RateLimit holds the rate limit configuration.
    /// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ratelimit/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "rateLimit")]
    #[builder(default, setter(strip_option))]
    pub rate_limit: Option<MiddlewareRateLimit>,
    /// RedirectRegex holds the redirect regex middleware configuration.
    /// This middleware redirects a request using regex matching and replacement.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectregex/#regex
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "redirectRegex")]
    #[builder(default, setter(strip_option))]
    pub redirect_regex: Option<MiddlewareRedirectRegex>,
    /// RedirectScheme holds the redirect scheme middleware configuration.
    /// This middleware redirects requests from a scheme/port to another.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectscheme/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "redirectScheme")]
    #[builder(default, setter(strip_option))]
    pub redirect_scheme: Option<MiddlewareRedirectScheme>,
    /// ReplacePath holds the replace path middleware configuration.
    /// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepath/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "replacePath")]
    #[builder(default, setter(strip_option))]
    pub replace_path: Option<MiddlewareReplacePath>,
    /// ReplacePathRegex holds the replace path regex middleware configuration.
    /// This middleware replaces the path of a URL using regex matching and replacement.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepathregex/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "replacePathRegex")]
    #[builder(default, setter(strip_option))]
    pub replace_path_regex: Option<MiddlewareReplacePathRegex>,
    /// Retry holds the retry middleware configuration.
    /// This middleware reissues requests a given number of times to a backend server if that server does not reply.
    /// As soon as the server answers, the middleware stops retrying, regardless of the response status.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/retry/
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub retry: Option<MiddlewareRetry>,
    /// StripPrefix holds the strip prefix middleware configuration.
    /// This middleware removes the specified prefixes from the URL path.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefix/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "stripPrefix")]
    #[builder(default, setter(strip_option))]
    pub strip_prefix: Option<MiddlewareStripPrefix>,
    /// StripPrefixRegex holds the strip prefix regex middleware configuration.
    /// This middleware removes the matching prefixes from the URL path.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefixregex/
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "stripPrefixRegex")]
    #[builder(default, setter(strip_option))]
    pub strip_prefix_regex: Option<MiddlewareStripPrefixRegex>,
}

/// AddPrefix holds the add prefix middleware configuration.
/// This middleware updates the path of a request before forwarding it.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/addprefix/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareAddPrefix {
    /// Prefix is the string to add before the current path in the requested URL.
    /// It should include a leading slash (/).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub prefix: Option<String>,
}

/// BasicAuth holds the basic auth middleware configuration.
/// This middleware restricts access to your services to known users.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareBasicAuth {
    /// HeaderField defines a header field to store the authenticated user.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "headerField")]
    #[builder(default, setter(strip_option))]
    pub header_field: Option<String>,
    /// Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
    /// Default: traefik.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub realm: Option<String>,
    /// RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service.
    /// Default: false.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "removeHeader")]
    #[builder(default, setter(strip_option))]
    pub remove_header: Option<bool>,
    /// Secret is the name of the referenced Kubernetes Secret containing user credentials.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub secret: Option<String>,
}

/// Buffering holds the buffering middleware configuration.
/// This middleware retries or limits the size of requests that can be forwarded to backends.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#maxrequestbodybytes
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareBuffering {
    /// MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
    /// If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
    /// Default: 0 (no maximum).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRequestBodyBytes")]
    #[builder(default, setter(strip_option))]
    pub max_request_body_bytes: Option<i64>,
    /// MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes).
    /// If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead.
    /// Default: 0 (no maximum).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxResponseBodyBytes")]
    #[builder(default, setter(strip_option))]
    pub max_response_body_bytes: Option<i64>,
    /// MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory.
    /// Default: 1048576 (1Mi).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "memRequestBodyBytes")]
    #[builder(default, setter(strip_option))]
    pub mem_request_body_bytes: Option<i64>,
    /// MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory.
    /// Default: 1048576 (1Mi).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "memResponseBodyBytes")]
    #[builder(default, setter(strip_option))]
    pub mem_response_body_bytes: Option<i64>,
    /// RetryExpression defines the retry conditions.
    /// It is a logical combination of functions with operators AND (&&) and OR (||).
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#retryexpression
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryExpression")]
    #[builder(default, setter(strip_option))]
    pub retry_expression: Option<String>,
}

/// Chain holds the configuration of the chain middleware.
/// This middleware enables to define reusable combinations of other pieces of middleware.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/chain/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareChain {
    /// Middlewares is the list of MiddlewareRef which composes the chain.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub middlewares: Option<Vec<MiddlewareChainMiddlewares>>,
}

/// MiddlewareRef is a reference to a Middleware resource.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareChainMiddlewares {
    /// Name defines the name of the referenced Middleware resource.
    pub name: String,
    /// Namespace defines the namespace of the referenced Middleware resource.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub namespace: Option<String>,
}

/// CircuitBreaker holds the circuit breaker configuration.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareCircuitBreaker {
    /// CheckPeriod is the interval between successive checks of the circuit breaker condition (when in standby state).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "checkPeriod")]
    #[builder(default, setter(strip_option))]
    pub check_period: Option<IntOrString>,
    /// Expression is the condition that triggers the tripped state.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub expression: Option<String>,
    /// FallbackDuration is the duration for which the circuit breaker will wait before trying to recover (from a tripped state).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackDuration")]
    #[builder(default, setter(strip_option))]
    pub fallback_duration: Option<IntOrString>,
    /// RecoveryDuration is the duration for which the circuit breaker will try to recover (as soon as it is in recovering state).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoveryDuration")]
    #[builder(default, setter(strip_option))]
    pub recovery_duration: Option<IntOrString>,
    /// ResponseCode is the status code that the circuit breaker will return while it is in the open state.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "responseCode")]
    #[builder(default, setter(strip_option))]
    pub response_code: Option<i64>,
}

/// Compress holds the compress middleware configuration.
/// This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/compress/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareCompress {
    /// DefaultEncoding specifies the default encoding if the `Accept-Encoding` header is not in the request or contains a wildcard (`*`).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultEncoding")]
    #[builder(default, setter(strip_option))]
    pub default_encoding: Option<String>,
    /// Encodings defines the list of supported compression algorithms.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub encodings: Option<Vec<String>>,
    /// ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.
    /// `application/grpc` is always excluded.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedContentTypes")]
    #[builder(default, setter(strip_option))]
    pub excluded_content_types: Option<Vec<String>>,
    /// IncludedContentTypes defines the list of content types to compare the Content-Type header of the responses before compressing.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "includedContentTypes")]
    #[builder(default, setter(strip_option))]
    pub included_content_types: Option<Vec<String>>,
    /// MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed.
    /// Default: 1024.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "minResponseBodyBytes")]
    #[builder(default, setter(strip_option))]
    pub min_response_body_bytes: Option<i64>,
}

/// ContentType holds the content-type middleware configuration.
/// This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareContentType {
    /// AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
    /// be automatically set to a value derived from the contents of the response.
    /// Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoDetect")]
    #[builder(default, setter(strip_option))]
    pub auto_detect: Option<bool>,
}

/// DigestAuth holds the digest auth middleware configuration.
/// This middleware restricts access to your services to known users.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/digestauth/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareDigestAuth {
    /// HeaderField defines a header field to store the authenticated user.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "headerField")]
    #[builder(default, setter(strip_option))]
    pub header_field: Option<String>,
    /// Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
    /// Default: traefik.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub realm: Option<String>,
    /// RemoveHeader defines whether to remove the authorization header before forwarding the request to the backend.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "removeHeader")]
    #[builder(default, setter(strip_option))]
    pub remove_header: Option<bool>,
    /// Secret is the name of the referenced Kubernetes Secret containing user credentials.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub secret: Option<String>,
}

/// ErrorPage holds the custom error middleware configuration.
/// This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrors {
    /// Query defines the URL for the error page (hosted by service).
    /// The {status} variable can be used in order to insert the status code in the URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub query: Option<String>,
    /// Service defines the reference to a Kubernetes Service that will serve the error page.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/#service
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub service: Option<MiddlewareErrorsService>,
    /// Status defines which status or range of statuses should result in an error page.
    /// It can be either a status code as a number (500),
    /// as multiple comma-separated numbers (500,502),
    /// as ranges by separating two codes with a dash (500-599),
    /// or a combination of the two (404,418,500-599).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub status: Option<Vec<String>>,
}

/// Service defines the reference to a Kubernetes Service that will serve the error page.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/#service
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrorsService {
    /// Healthcheck defines health checks for ExternalName services.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheck")]
    #[builder(default, setter(strip_option))]
    pub health_check: Option<MiddlewareErrorsServiceHealthCheck>,
    /// Kind defines the kind of the Service.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub kind: Option<MiddlewareErrorsServiceKind>,
    /// Name defines the name of the referenced Kubernetes Service or TraefikService.
    /// The differentiation between the two is specified in the Kind field.
    pub name: String,
    /// Namespace defines the namespace of the referenced Kubernetes Service or TraefikService.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub namespace: Option<String>,
    /// NativeLB controls, when creating the load-balancer,
    /// whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
    /// The Kubernetes Service itself does load-balance to the pods.
    /// By default, NativeLB is false.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "nativeLB")]
    #[builder(default, setter(strip_option))]
    pub native_lb: Option<bool>,
    /// NodePortLB controls, when creating the load-balancer,
    /// whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort.
    /// It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes.
    /// By default, NodePortLB is false.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePortLB")]
    #[builder(default, setter(strip_option))]
    pub node_port_lb: Option<bool>,
    /// PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
    /// By default, passHostHeader is true.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "passHostHeader")]
    #[builder(default, setter(strip_option))]
    pub pass_host_header: Option<bool>,
    /// Port defines the port of a Kubernetes Service.
    /// This can be a reference to a named port.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub port: Option<IntOrString>,
    /// ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "responseForwarding")]
    #[builder(default, setter(strip_option))]
    pub response_forwarding: Option<MiddlewareErrorsServiceResponseForwarding>,
    /// Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
    /// It defaults to https when Kubernetes Service port is 443, http otherwise.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub scheme: Option<String>,
    /// ServersTransport defines the name of ServersTransport resource to use.
    /// It allows to configure the transport between Traefik and your servers.
    /// Can only be used on a Kubernetes Service.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "serversTransport")]
    #[builder(default, setter(strip_option))]
    pub servers_transport: Option<String>,
    /// Sticky defines the sticky sessions configuration.
    /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub sticky: Option<MiddlewareErrorsServiceSticky>,
    /// Strategy defines the load balancing strategy between the servers.
    /// RoundRobin is the only supported value at the moment.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub strategy: Option<String>,
    /// Weight defines the weight and should only be specified when Name references a TraefikService object
    /// (and to be precise, one that embeds a Weighted Round Robin).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub weight: Option<i64>,
}

/// Healthcheck defines health checks for ExternalName services.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrorsServiceHealthCheck {
    /// FollowRedirects defines whether redirects should be followed during the health check calls.
    /// Default: true
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")]
    #[builder(default, setter(strip_option))]
    pub follow_redirects: Option<bool>,
    /// Headers defines custom headers to be sent to the health check endpoint.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub headers: Option<BTreeMap<String, String>>,
    /// Hostname defines the value of hostname in the Host header of the health check request.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub hostname: Option<String>,
    /// Interval defines the frequency of the health check calls.
    /// Default: 30s
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub interval: Option<IntOrString>,
    /// Method defines the healthcheck method.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub method: Option<String>,
    /// Mode defines the health check mode.
    /// If defined to grpc, will use the gRPC health check protocol to probe the server.
    /// Default: http
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub mode: Option<String>,
    /// Path defines the server URL path for the health check endpoint.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub path: Option<String>,
    /// Port defines the server URL port for the health check endpoint.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub port: Option<i64>,
    /// Scheme replaces the server URL scheme for the health check endpoint.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub scheme: Option<String>,
    /// Status defines the expected HTTP status code of the response to the health check request.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub status: Option<i64>,
    /// Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy.
    /// Default: 5s
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub timeout: Option<IntOrString>,
}

/// Service defines the reference to a Kubernetes Service that will serve the error page.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/#service
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
pub enum MiddlewareErrorsServiceKind {
    Service,
    TraefikService,
}

/// ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrorsServiceResponseForwarding {
    /// FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
    /// A negative value means to flush immediately after each write to the client.
    /// This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
    /// for such responses, writes are flushed to the client immediately.
    /// Default: 100ms
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "flushInterval")]
    #[builder(default, setter(strip_option))]
    pub flush_interval: Option<String>,
}

/// Sticky defines the sticky sessions configuration.
/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrorsServiceSticky {
    /// Cookie defines the sticky cookie configuration.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub cookie: Option<MiddlewareErrorsServiceStickyCookie>,
}

/// Cookie defines the sticky cookie configuration.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareErrorsServiceStickyCookie {
    /// HTTPOnly defines whether the cookie can be accessed by client-side APIs, such as JavaScript.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpOnly")]
    #[builder(default, setter(strip_option))]
    pub http_only: Option<bool>,
    /// MaxAge defines the number of seconds until the cookie expires.
    /// When set to a negative number, the cookie expires immediately.
    /// When set to zero, the cookie never expires.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAge")]
    #[builder(default, setter(strip_option))]
    pub max_age: Option<i64>,
    /// Name defines the Cookie name.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub name: Option<String>,
    /// Path defines the path that must exist in the requested URL for the browser to send the Cookie header.
    /// When not provided the cookie will be sent on every request to the domain.
    /// More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#pathpath-value
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub path: Option<String>,
    /// SameSite defines the same site policy.
    /// More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sameSite")]
    #[builder(default, setter(strip_option))]
    pub same_site: Option<String>,
    /// Secure defines whether the cookie can only be transmitted over an encrypted connection (i.e. HTTPS).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub secure: Option<bool>,
}

/// ForwardAuth holds the forward auth middleware configuration.
/// This middleware delegates the request authentication to a Service.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareForwardAuth {
    /// AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "addAuthCookiesToResponse")]
    #[builder(default, setter(strip_option))]
    pub add_auth_cookies_to_response: Option<Vec<String>>,
    /// Address defines the authentication server address.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub address: Option<String>,
    /// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
    /// If not set or empty then all request headers are passed.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "authRequestHeaders")]
    #[builder(default, setter(strip_option))]
    pub auth_request_headers: Option<Vec<String>>,
    /// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "authResponseHeaders")]
    #[builder(default, setter(strip_option))]
    pub auth_response_headers: Option<Vec<String>>,
    /// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#authresponseheadersregex
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "authResponseHeadersRegex")]
    #[builder(default, setter(strip_option))]
    pub auth_response_headers_regex: Option<String>,
    /// ForwardBody defines whether to send the request body to the authentication server.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardBody")]
    #[builder(default, setter(strip_option))]
    pub forward_body: Option<bool>,
    /// MaxBodySize defines the maximum body size in bytes allowed to be forwarded to the authentication server.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxBodySize")]
    #[builder(default, setter(strip_option))]
    pub max_body_size: Option<i64>,
    /// PreserveLocationHeader defines whether to forward the Location header to the client as is or prefix it with the domain name of the authentication server.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "preserveLocationHeader")]
    #[builder(default, setter(strip_option))]
    pub preserve_location_header: Option<bool>,
    /// TLS defines the configuration used to secure the connection to the authentication server.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub tls: Option<MiddlewareForwardAuthTls>,
    /// TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "trustForwardHeader")]
    #[builder(default, setter(strip_option))]
    pub trust_forward_header: Option<bool>,
}

/// TLS defines the configuration used to secure the connection to the authentication server.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareForwardAuthTls {
    /// Deprecated: TLS client authentication is a server side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "caOptional")]
    #[builder(default, setter(strip_option))]
    pub ca_optional: Option<bool>,
    /// CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
    /// The CA certificate is extracted from key `tls.ca` or `ca.crt`.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "caSecret")]
    #[builder(default, setter(strip_option))]
    pub ca_secret: Option<String>,
    /// CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
    /// The client certificate is extracted from the keys `tls.crt` and `tls.key`.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecret")]
    #[builder(default, setter(strip_option))]
    pub cert_secret: Option<String>,
    /// InsecureSkipVerify defines whether the server certificates should be validated.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")]
    #[builder(default, setter(strip_option))]
    pub insecure_skip_verify: Option<bool>,
}

/// GrpcWeb holds the gRPC web middleware configuration.
/// This middleware converts a gRPC web request to an HTTP/2 gRPC request.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareGrpcWeb {
    /// AllowOrigins is a list of allowable origins.
    /// Can also be a wildcard origin "*".
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowOrigins")]
    #[builder(default, setter(strip_option))]
    pub allow_origins: Option<Vec<String>>,
}

/// Headers holds the headers middleware configuration.
/// This middleware manages the requests and responses headers.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/headers/#customrequestheaders
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareHeaders {
    /// AccessControlAllowCredentials defines whether the request can include user credentials.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlAllowCredentials")]
    #[builder(default, setter(strip_option))]
    pub access_control_allow_credentials: Option<bool>,
    /// AccessControlAllowHeaders defines the Access-Control-Request-Headers values sent in preflight response.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlAllowHeaders")]
    #[builder(default, setter(strip_option))]
    pub access_control_allow_headers: Option<Vec<String>>,
    /// AccessControlAllowMethods defines the Access-Control-Request-Method values sent in preflight response.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlAllowMethods")]
    #[builder(default, setter(strip_option))]
    pub access_control_allow_methods: Option<Vec<String>>,
    /// AccessControlAllowOriginList is a list of allowable origins. Can also be a wildcard origin "*".
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlAllowOriginList")]
    #[builder(default, setter(strip_option))]
    pub access_control_allow_origin_list: Option<Vec<String>>,
    /// AccessControlAllowOriginListRegex is a list of allowable origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlAllowOriginListRegex")]
    #[builder(default, setter(strip_option))]
    pub access_control_allow_origin_list_regex: Option<Vec<String>>,
    /// AccessControlExposeHeaders defines the Access-Control-Expose-Headers values sent in preflight response.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlExposeHeaders")]
    #[builder(default, setter(strip_option))]
    pub access_control_expose_headers: Option<Vec<String>>,
    /// AccessControlMaxAge defines the time that a preflight request may be cached.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessControlMaxAge")]
    #[builder(default, setter(strip_option))]
    pub access_control_max_age: Option<i64>,
    /// AddVaryHeader defines whether the Vary header is automatically added/updated when the AccessControlAllowOriginList is set.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "addVaryHeader")]
    #[builder(default, setter(strip_option))]
    pub add_vary_header: Option<bool>,
    /// AllowedHosts defines the fully qualified list of allowed domain names.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedHosts")]
    #[builder(default, setter(strip_option))]
    pub allowed_hosts: Option<Vec<String>>,
    /// BrowserXSSFilter defines whether to add the X-XSS-Protection header with the value 1; mode=block.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "browserXssFilter")]
    #[builder(default, setter(strip_option))]
    pub browser_xss_filter: Option<bool>,
    /// ContentSecurityPolicy defines the Content-Security-Policy header value.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentSecurityPolicy")]
    #[builder(default, setter(strip_option))]
    pub content_security_policy: Option<String>,
    /// ContentSecurityPolicyReportOnly defines the Content-Security-Policy-Report-Only header value.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentSecurityPolicyReportOnly")]
    #[builder(default, setter(strip_option))]
    pub content_security_policy_report_only: Option<String>,
    /// ContentTypeNosniff defines whether to add the X-Content-Type-Options header with the nosniff value.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentTypeNosniff")]
    #[builder(default, setter(strip_option))]
    pub content_type_nosniff: Option<bool>,
    /// CustomBrowserXSSValue defines the X-XSS-Protection header value.
    /// This overrides the BrowserXssFilter option.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "customBrowserXSSValue")]
    #[builder(default, setter(strip_option))]
    pub custom_browser_xss_value: Option<String>,
    /// CustomFrameOptionsValue defines the X-Frame-Options header value.
    /// This overrides the FrameDeny option.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "customFrameOptionsValue")]
    #[builder(default, setter(strip_option))]
    pub custom_frame_options_value: Option<String>,
    /// CustomRequestHeaders defines the header names and values to apply to the request.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "customRequestHeaders")]
    #[builder(default, setter(strip_option))]
    pub custom_request_headers: Option<BTreeMap<String, String>>,
    /// CustomResponseHeaders defines the header names and values to apply to the response.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "customResponseHeaders")]
    #[builder(default, setter(strip_option))]
    pub custom_response_headers: Option<BTreeMap<String, String>>,
    /// Deprecated: FeaturePolicy option is deprecated, please use PermissionsPolicy instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "featurePolicy")]
    #[builder(default, setter(strip_option))]
    pub feature_policy: Option<String>,
    /// ForceSTSHeader defines whether to add the STS header even when the connection is HTTP.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "forceSTSHeader")]
    #[builder(default, setter(strip_option))]
    pub force_sts_header: Option<bool>,
    /// FrameDeny defines whether to add the X-Frame-Options header with the DENY value.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "frameDeny")]
    #[builder(default, setter(strip_option))]
    pub frame_deny: Option<bool>,
    /// HostsProxyHeaders defines the header keys that may hold a proxied hostname value for the request.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostsProxyHeaders")]
    #[builder(default, setter(strip_option))]
    pub hosts_proxy_headers: Option<Vec<String>>,
    /// IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing.
    /// Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain.
    /// If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
    /// and STS headers, leave this as false.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "isDevelopment")]
    #[builder(default, setter(strip_option))]
    pub is_development: Option<bool>,
    /// PermissionsPolicy defines the Permissions-Policy header value.
    /// This allows sites to control browser features.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "permissionsPolicy")]
    #[builder(default, setter(strip_option))]
    pub permissions_policy: Option<String>,
    /// PublicKey is the public key that implements HPKP to prevent MITM attacks with forged certificates.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicKey")]
    #[builder(default, setter(strip_option))]
    pub public_key: Option<String>,
    /// ReferrerPolicy defines the Referrer-Policy header value.
    /// This allows sites to control whether browsers forward the Referer header to other sites.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "referrerPolicy")]
    #[builder(default, setter(strip_option))]
    pub referrer_policy: Option<String>,
    /// Deprecated: SSLForceHost option is deprecated, please use RedirectRegex instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslForceHost")]
    #[builder(default, setter(strip_option))]
    pub ssl_force_host: Option<bool>,
    /// Deprecated: SSLHost option is deprecated, please use RedirectRegex instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslHost")]
    #[builder(default, setter(strip_option))]
    pub ssl_host: Option<String>,
    /// SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request.
    /// It can be useful when using other proxies (example: "X-Forwarded-Proto": "https").
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslProxyHeaders")]
    #[builder(default, setter(strip_option))]
    pub ssl_proxy_headers: Option<BTreeMap<String, String>>,
    /// Deprecated: SSLRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslRedirect")]
    #[builder(default, setter(strip_option))]
    pub ssl_redirect: Option<bool>,
    /// Deprecated: SSLTemporaryRedirect option is deprecated, please use EntryPoint redirection or RedirectScheme instead.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslTemporaryRedirect")]
    #[builder(default, setter(strip_option))]
    pub ssl_temporary_redirect: Option<bool>,
    /// STSIncludeSubdomains defines whether the includeSubDomains directive is appended to the Strict-Transport-Security header.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "stsIncludeSubdomains")]
    #[builder(default, setter(strip_option))]
    pub sts_include_subdomains: Option<bool>,
    /// STSPreload defines whether the preload flag is appended to the Strict-Transport-Security header.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "stsPreload")]
    #[builder(default, setter(strip_option))]
    pub sts_preload: Option<bool>,
    /// STSSeconds defines the max-age of the Strict-Transport-Security header.
    /// If set to 0, the header is not set.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "stsSeconds")]
    #[builder(default, setter(strip_option))]
    pub sts_seconds: Option<i64>,
}

/// InFlightReq holds the in-flight request middleware configuration.
/// This middleware limits the number of requests being processed and served concurrently.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareInFlightReq {
    /// Amount defines the maximum amount of allowed simultaneous in-flight request.
    /// The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub amount: Option<i64>,
    /// SourceCriterion defines what criterion is used to group requests as originating from a common source.
    /// If several strategies are defined at the same time, an error will be raised.
    /// If none are set, the default is to use the requestHost.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/#sourcecriterion
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceCriterion")]
    #[builder(default, setter(strip_option))]
    pub source_criterion: Option<MiddlewareInFlightReqSourceCriterion>,
}

/// SourceCriterion defines what criterion is used to group requests as originating from a common source.
/// If several strategies are defined at the same time, an error will be raised.
/// If none are set, the default is to use the requestHost.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/#sourcecriterion
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareInFlightReqSourceCriterion {
    /// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipStrategy")]
    #[builder(default, setter(strip_option))]
    pub ip_strategy: Option<MiddlewareInFlightReqSourceCriterionIpStrategy>,
    /// RequestHeaderName defines the name of the header used to group incoming requests.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestHeaderName")]
    #[builder(default, setter(strip_option))]
    pub request_header_name: Option<String>,
    /// RequestHost defines whether to consider the request Host as the source.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestHost")]
    #[builder(default, setter(strip_option))]
    pub request_host: Option<bool>,
}

/// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareInFlightReqSourceCriterionIpStrategy {
    /// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub depth: Option<i64>,
    /// ExcludedIPs configures Traefik to scan the X-Forwarded-For header and select the first IP not in the list.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedIPs")]
    #[builder(default, setter(strip_option))]
    pub excluded_i_ps: Option<Vec<String>>,
    /// IPv6Subnet configures Traefik to consider all IPv6 addresses from the defined subnet as originating from the same IP. Applies to RemoteAddrStrategy and DepthStrategy.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6Subnet")]
    #[builder(default, setter(strip_option))]
    pub ipv6_subnet: Option<i64>,
}

/// IPAllowList holds the IP allowlist middleware configuration.
/// This middleware limits allowed requests based on the client IP.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareIpAllowList {
    /// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipStrategy")]
    #[builder(default, setter(strip_option))]
    pub ip_strategy: Option<MiddlewareIpAllowListIpStrategy>,
    /// RejectStatusCode defines the HTTP status code used for refused requests.
    /// If not set, the default is 403 (Forbidden).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "rejectStatusCode")]
    #[builder(default, setter(strip_option))]
    pub reject_status_code: Option<i64>,
    /// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRange")]
    #[builder(default, setter(strip_option))]
    pub source_range: Option<Vec<String>>,
}

/// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareIpAllowListIpStrategy {
    /// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub depth: Option<i64>,
    /// ExcludedIPs configures Traefik to scan the X-Forwarded-For header and select the first IP not in the list.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedIPs")]
    #[builder(default, setter(strip_option))]
    pub excluded_i_ps: Option<Vec<String>>,
    /// IPv6Subnet configures Traefik to consider all IPv6 addresses from the defined subnet as originating from the same IP. Applies to RemoteAddrStrategy and DepthStrategy.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6Subnet")]
    #[builder(default, setter(strip_option))]
    pub ipv6_subnet: Option<i64>,
}

/// Deprecated: please use IPAllowList instead.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareIpWhiteList {
    /// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipStrategy")]
    #[builder(default, setter(strip_option))]
    pub ip_strategy: Option<MiddlewareIpWhiteListIpStrategy>,
    /// SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRange")]
    #[builder(default, setter(strip_option))]
    pub source_range: Option<Vec<String>>,
}

/// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareIpWhiteListIpStrategy {
    /// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub depth: Option<i64>,
    /// ExcludedIPs configures Traefik to scan the X-Forwarded-For header and select the first IP not in the list.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedIPs")]
    #[builder(default, setter(strip_option))]
    pub excluded_i_ps: Option<Vec<String>>,
    /// IPv6Subnet configures Traefik to consider all IPv6 addresses from the defined subnet as originating from the same IP. Applies to RemoteAddrStrategy and DepthStrategy.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6Subnet")]
    #[builder(default, setter(strip_option))]
    pub ipv6_subnet: Option<i64>,
}

/// PassTLSClientCert holds the pass TLS client cert middleware configuration.
/// This middleware adds the selected data from the passed client TLS certificate to a header.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/passtlsclientcert/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewarePassTlsClientCert {
    /// Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub info: Option<MiddlewarePassTlsClientCertInfo>,
    /// PEM sets the X-Forwarded-Tls-Client-Cert header with the certificate.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub pem: Option<bool>,
}

/// Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewarePassTlsClientCertInfo {
    /// Issuer defines the client certificate issuer details to add to the X-Forwarded-Tls-Client-Cert-Info header.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub issuer: Option<MiddlewarePassTlsClientCertInfoIssuer>,
    /// NotAfter defines whether to add the Not After information from the Validity part.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")]
    #[builder(default, setter(strip_option))]
    pub not_after: Option<bool>,
    /// NotBefore defines whether to add the Not Before information from the Validity part.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")]
    #[builder(default, setter(strip_option))]
    pub not_before: Option<bool>,
    /// Sans defines whether to add the Subject Alternative Name information from the Subject Alternative Name part.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub sans: Option<bool>,
    /// SerialNumber defines whether to add the client serialNumber information.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "serialNumber")]
    #[builder(default, setter(strip_option))]
    pub serial_number: Option<bool>,
    /// Subject defines the client certificate subject details to add to the X-Forwarded-Tls-Client-Cert-Info header.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub subject: Option<MiddlewarePassTlsClientCertInfoSubject>,
}

/// Issuer defines the client certificate issuer details to add to the X-Forwarded-Tls-Client-Cert-Info header.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewarePassTlsClientCertInfoIssuer {
    /// CommonName defines whether to add the organizationalUnit information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonName")]
    #[builder(default, setter(strip_option))]
    pub common_name: Option<bool>,
    /// Country defines whether to add the country information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub country: Option<bool>,
    /// DomainComponent defines whether to add the domainComponent information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainComponent")]
    #[builder(default, setter(strip_option))]
    pub domain_component: Option<bool>,
    /// Locality defines whether to add the locality information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub locality: Option<bool>,
    /// Organization defines whether to add the organization information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub organization: Option<bool>,
    /// Province defines whether to add the province information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub province: Option<bool>,
    /// SerialNumber defines whether to add the serialNumber information into the issuer.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "serialNumber")]
    #[builder(default, setter(strip_option))]
    pub serial_number: Option<bool>,
}

/// Subject defines the client certificate subject details to add to the X-Forwarded-Tls-Client-Cert-Info header.
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewarePassTlsClientCertInfoSubject {
    /// CommonName defines whether to add the organizationalUnit information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonName")]
    #[builder(default, setter(strip_option))]
    pub common_name: Option<bool>,
    /// Country defines whether to add the country information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub country: Option<bool>,
    /// DomainComponent defines whether to add the domainComponent information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainComponent")]
    #[builder(default, setter(strip_option))]
    pub domain_component: Option<bool>,
    /// Locality defines whether to add the locality information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub locality: Option<bool>,
    /// Organization defines whether to add the organization information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub organization: Option<bool>,
    /// OrganizationalUnit defines whether to add the organizationalUnit information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "organizationalUnit")]
    #[builder(default, setter(strip_option))]
    pub organizational_unit: Option<bool>,
    /// Province defines whether to add the province information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub province: Option<bool>,
    /// SerialNumber defines whether to add the serialNumber information into the subject.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "serialNumber")]
    #[builder(default, setter(strip_option))]
    pub serial_number: Option<bool>,
}

/// RateLimit holds the rate limit configuration.
/// This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ratelimit/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRateLimit {
    /// Average is the maximum rate, by default in requests/s, allowed for the given source.
    /// It defaults to 0, which means no rate limiting.
    /// The rate is actually defined by dividing Average by Period. So for a rate below 1req/s,
    /// one needs to define a Period larger than a second.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub average: Option<i64>,
    /// Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time.
    /// It defaults to 1.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub burst: Option<i64>,
    /// Period, in combination with Average, defines the actual maximum rate, such as:
    /// r = Average / Period. It defaults to a second.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub period: Option<IntOrString>,
    /// SourceCriterion defines what criterion is used to group requests as originating from a common source.
    /// If several strategies are defined at the same time, an error will be raised.
    /// If none are set, the default is to use the request's remote address field (as an ipStrategy).
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceCriterion")]
    #[builder(default, setter(strip_option))]
    pub source_criterion: Option<MiddlewareRateLimitSourceCriterion>,
}

/// SourceCriterion defines what criterion is used to group requests as originating from a common source.
/// If several strategies are defined at the same time, an error will be raised.
/// If none are set, the default is to use the request's remote address field (as an ipStrategy).
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRateLimitSourceCriterion {
    /// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
    /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipStrategy")]
    #[builder(default, setter(strip_option))]
    pub ip_strategy: Option<MiddlewareRateLimitSourceCriterionIpStrategy>,
    /// RequestHeaderName defines the name of the header used to group incoming requests.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestHeaderName")]
    #[builder(default, setter(strip_option))]
    pub request_header_name: Option<String>,
    /// RequestHost defines whether to consider the request Host as the source.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestHost")]
    #[builder(default, setter(strip_option))]
    pub request_host: Option<bool>,
}

/// IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRateLimitSourceCriterionIpStrategy {
    /// Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub depth: Option<i64>,
    /// ExcludedIPs configures Traefik to scan the X-Forwarded-For header and select the first IP not in the list.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedIPs")]
    #[builder(default, setter(strip_option))]
    pub excluded_i_ps: Option<Vec<String>>,
    /// IPv6Subnet configures Traefik to consider all IPv6 addresses from the defined subnet as originating from the same IP. Applies to RemoteAddrStrategy and DepthStrategy.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6Subnet")]
    #[builder(default, setter(strip_option))]
    pub ipv6_subnet: Option<i64>,
}

/// RedirectRegex holds the redirect regex middleware configuration.
/// This middleware redirects a request using regex matching and replacement.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectregex/#regex
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRedirectRegex {
    /// Permanent defines whether the redirection is permanent (301).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub permanent: Option<bool>,
    /// Regex defines the regex used to match and capture elements from the request URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub regex: Option<String>,
    /// Replacement defines how to modify the URL to have the new target URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub replacement: Option<String>,
}

/// RedirectScheme holds the redirect scheme middleware configuration.
/// This middleware redirects requests from a scheme/port to another.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectscheme/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRedirectScheme {
    /// Permanent defines whether the redirection is permanent (301).
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub permanent: Option<bool>,
    /// Port defines the port of the new URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub port: Option<String>,
    /// Scheme defines the scheme of the new URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub scheme: Option<String>,
}

/// ReplacePath holds the replace path middleware configuration.
/// This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepath/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareReplacePath {
    /// Path defines the path to use as replacement in the request URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub path: Option<String>,
}

/// ReplacePathRegex holds the replace path regex middleware configuration.
/// This middleware replaces the path of a URL using regex matching and replacement.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepathregex/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareReplacePathRegex {
    /// Regex defines the regular expression used to match and capture the path from the request URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub regex: Option<String>,
    /// Replacement defines the replacement path format, which can include captured variables.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub replacement: Option<String>,
}

/// Retry holds the retry middleware configuration.
/// This middleware reissues requests a given number of times to a backend server if that server does not reply.
/// As soon as the server answers, the middleware stops retrying, regardless of the response status.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/retry/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareRetry {
    /// Attempts defines how many times the request should be retried.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub attempts: Option<i64>,
    /// InitialInterval defines the first wait time in the exponential backoff series.
    /// The maximum interval is calculated as twice the initialInterval.
    /// If unspecified, requests will be retried immediately.
    /// The value of initialInterval should be provided in seconds or as a valid duration format,
    /// see https://pkg.go.dev/time#ParseDuration.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialInterval")]
    #[builder(default, setter(strip_option))]
    pub initial_interval: Option<IntOrString>,
}

/// StripPrefix holds the strip prefix middleware configuration.
/// This middleware removes the specified prefixes from the URL path.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefix/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareStripPrefix {
    /// Deprecated: ForceSlash option is deprecated, please remove any usage of this option.
    /// ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
    /// Default: true.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "forceSlash")]
    #[builder(default, setter(strip_option))]
    pub force_slash: Option<bool>,
    /// Prefixes defines the prefixes to strip from the request URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub prefixes: Option<Vec<String>>,
}

/// StripPrefixRegex holds the strip prefix regex middleware configuration.
/// This middleware removes the matching prefixes from the URL path.
/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefixregex/
#[derive(Serialize, Deserialize, Clone, Debug, TypedBuilder, Default, PartialEq, JsonSchema)]
pub struct MiddlewareStripPrefixRegex {
    /// Regex defines the regular expression to match the path prefix from the request URL.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    #[builder(default, setter(strip_option))]
    pub regex: Option<Vec<String>>,
}