DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge f49e756d47 into e05ac9b4bd

Browse source
This commit is contained in:
Ricardo Katz 2017-09-07 21:26:32 +00:00 committed by GitHub
commit 23ad16acc7
1 changed files with 15 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -28,14 +28,12 @@ http {
{{/* we use the value of the header X-Forwarded-For to be able to use the geo_ip module */}}
{{ if $cfg.UseProxyProtocol }}
real_ip_header proxy_protocol;
{{ else }}
real_ip_header X-Forwarded-For;
{{ end }}
real_ip_recursive on;
{{ range $trusted_ip := $cfg.ProxyRealIPCIDR }}
set_real_ip_from {{ $trusted_ip }};
{{ end }}
{{ end }}
{{/* databases used to determine the country depending on the client IP address */}}
{{/* http://nginx.org/en/docs/http/ngx_http_geoip_module.html */}}
@ -143,6 +141,7 @@ http {
'' close;
}
{{ if $cfg.UseProxyProtocol }}
# trust http_x_forwarded_proto headers correctly indicate ssl offloading
map $http_x_forwarded_proto $pass_access_scheme {
default $http_x_forwarded_proto;
@ -154,16 +153,24 @@ http {
'' $server_port;
}
{{ if $cfg.UseProxyProtocol }}
map $http_x_forwarded_for $the_real_ip {
default $http_x_forwarded_for;
'' $proxy_protocol_addr;
}
{{ else }}
map $http_x_forwarded_for $the_real_ip {
default $http_x_forwarded_for;
'' $realip_remote_addr;
map $http_x_forwarded_proto $pass_access_scheme {
default $scheme;
}
map $http_x_forwarded_port $pass_server_port {
default $server_port;
}
map $http_x_forwarded_for $the_real_ip {
default $remote_addr;
}
{{ end }}
{{ if $all.IsSSLPassthroughEnabled }}
@ -269,7 +276,7 @@ http {
{{ end }}
upstream {{ $upstream.Name }} {
# Load balance algorithm; empty for round robin, which is the default
{{/* Load balance algorithm; empty for round robin, which is the default */}}
{{ if ne $cfg.LoadBalanceAlgorithm "round_robin" }}
{{ $cfg.LoadBalanceAlgorithm }};
{{ end }}