Allow traffic to default server _

Manuel de Brito Fontes 2016-04-02 17:41:41 -03:00
parent b658ba8cac
commit 0c2e199833
2 changed files with 25 additions and 23 deletions


@ -42,6 +42,7 @@ import (
const ( const (
defUpstreamName = "upstream-default-backend" defUpstreamName = "upstream-default-backend"
defServerName = "_"
) )
var ( var (
@ -435,10 +436,19 @@ func (lbc *loadBalancerController) getDefaultUpstream() *nginx.Upstream {
func (lbc *loadBalancerController) getUpstreamServers(data []interface{}) ([]*nginx.Upstream, []*nginx.Server) { func (lbc *loadBalancerController) getUpstreamServers(data []interface{}) ([]*nginx.Upstream, []*nginx.Server) {
upstreams := lbc.createUpstreams(data) upstreams := lbc.createUpstreams(data)
servers := lbc.createServers(data)
upstreams[defUpstreamName] = lbc.getDefaultUpstream() upstreams[defUpstreamName] = lbc.getDefaultUpstream()
servers := lbc.createServers(data)
// default server - no servername.
servers[defServerName] = &nginx.Server{
Name: defServerName,
Locations: []*nginx.Location{&nginx.Location{
Path: "/",
Upstream: *lbc.getDefaultUpstream(),
},
},
}
for _, ingIf := range data { for _, ingIf := range data {
ing := ingIf.(*extensions.Ingress) ing := ingIf.(*extensions.Ingress)
@ -521,7 +531,6 @@ func (lbc *loadBalancerController) getUpstreamServers(data []interface{}) ([]*ng
func (lbc *loadBalancerController) createUpstreams(data []interface{}) map[string]*nginx.Upstream { func (lbc *loadBalancerController) createUpstreams(data []interface{}) map[string]*nginx.Upstream {
upstreams := make(map[string]*nginx.Upstream) upstreams := make(map[string]*nginx.Upstream)
upstreams[defUpstreamName] = nginx.NewUpstream(defUpstreamName)
for _, ingIf := range data { for _, ingIf := range data {
ing := ingIf.(*extensions.Ingress) ing := ingIf.(*extensions.Ingress)
@ -603,6 +612,17 @@ func (lbc *loadBalancerController) getPemsFromIngress(data []interface{}) map[st
continue continue
} }
if len(tls.Hosts) == 0 {
if _, ok := pems["_"]; ok {
glog.Warningf("It is not possible to use %v secret for default SSL certificate because there is one already defined", secretName)
continue
}
pems["_"] = pemFileName
glog.Infof("Using the secret %v as source for the default SSL certificate", secretName)
continue
}
for _, host := range tls.Hosts { for _, host := range tls.Hosts {
if isHostValid(host, cn) { if isHostValid(host, cn) {
pems[host] = pemFileName pems[host] = pemFileName
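Review bot: The new `len(tls.Hosts) == 0` branch in getPemsFromIngress lets the first Ingress whose TLS entry lists no hosts supply the certificate for the catch-all server, and it skips the `isHostValid(host, cn)` check that the host loop below applies. `data` appears to be every Ingress the controller watches, so which secret wins would depend on list order and any namespace could claim the default certificate. Consider taking the default certificate from controller-level configuration, or at least stating the first-wins rule in a comment above the branch. The branch should also use the constant this commit introduces, `if _, ok := pems[defServerName]; ok {` and `pems[defServerName] = pemFileName`, instead of the literal `"_"`. The function body starts and ends outside the hunk.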


@ -40,7 +40,7 @@ http {
server_names_hash_bucket_size {{ $cfg.serverNameHashBucketSize }}; server_names_hash_bucket_size {{ $cfg.serverNameHashBucketSize }};
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type text/html;
{{ if $cfg.useGzip }} {{ if $cfg.useGzip }}
gzip on; gzip on;
gzip_comp_level 5; gzip_comp_level 5;
@ -143,24 +143,6 @@ http {
# In case of errors try the next upstream server before returning an error # In case of errors try the next upstream server before returning an error
proxy_next_upstream error timeout invalid_header http_502 http_503 http_504 {{ if $cfg.retryNonIdempotent }}non_idempotent{{ end }}; proxy_next_upstream error timeout invalid_header http_502 http_503 http_504 {{ if $cfg.retryNonIdempotent }}non_idempotent{{ end }};
server {
listen 80 default_server{{ if $cfg.useProxyProtocol }} proxy_protocol{{ end }};
location / {
return 200;
}
location /nginx_status {
allow 127.0.0.1;
deny all;
access_log off;
stub_status on;
}
{{ template "CUSTOM_ERRORS" $cfg }}
}
{{range $name, $upstream := .upstreams}} {{range $name, $upstream := .upstreams}}
upstream {{$upstream.Name}} { upstream {{$upstream.Name}} {
least_conn; least_conn;
@ -186,6 +168,7 @@ http {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
{{ end }} {{ end }}
{{ range $location := $server.Locations }} {{ range $location := $server.Locations }}
location {{ $location.Path }} { location {{ $location.Path }} {
proxy_set_header Host $host; proxy_set_header Host $host;
@ -199,7 +182,6 @@ http {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $pass_access_scheme; proxy_set_header X-Forwarded-Proto $pass_access_scheme;
proxy_connect_timeout {{ $cfg.proxyConnectTimeout }}s; proxy_connect_timeout {{ $cfg.proxyConnectTimeout }}s;
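Review bot: Deleting the static `server { listen 80 default_server ... }` block removes the only visible `default_server` marker, and the replacement `_` server is rendered by the `range` over servers, whose `listen` line is outside these hunks. In nginx `server_name _` is not a catch-all by itself; unless that listen line adds `default_server` for the `_` entry, a request with an unmatched Host goes to whichever server block is defined first for the socket, which may be another tenant's host rather than the default backend. The same deletion drops the `/nginx_status` location with its `allow 127.0.0.1; deny all;` restriction and the `{{ template "CUSTOM_ERRORS" $cfg }}` include. If either is still needed it should be carried into the generated default server with the same access restriction.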