DevFW-CICD/ingress-nginx-helm
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #919 from Collaborne/pr/redirect-per-location

Browse source 
Apply the 'ssl-redirect' annotation per-location
This commit is contained in:
Manuel Alejandro de Brito Fontes 2017-06-28 13:43:44 -04:00 committed by GitHub
commit 3c9ac43058
1 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -315,13 +315,6 @@ http {
ssl_verify_depth {{ $location.CertificateAuth.ValidationDepth }};
{{ end }}
{{ if (or $location.Redirect.ForceSSLRedirect (and (not (empty $server.SSLCertificate)) $location.Redirect.SSLRedirect)) }}
# enforce ssl on server side
if ($pass_access_scheme = http) {
return 301 https://$best_http_host$request_uri;
}
{{ end }}
{{ if not (empty $location.Redirect.AppRoot)}}
if ($uri = /) {
return 302 {{ $location.Redirect.AppRoot }};
@ -355,6 +348,14 @@ http {
location {{ $path }} {
set $proxy_upstream_name "{{ buildUpstreamName $server.Hostname $backends $location }}";
{{ if (or $location.Redirect.ForceSSLRedirect (and (not (empty $server.SSLCertificate)) $location.Redirect.SSLRedirect)) }}
# enforce ssl on server side
if ($pass_access_scheme = http) {
return 301 https://$best_http_host$request_uri;
}
{{ end }}
{{ if isLocationAllowed $location }}
{{ if gt (len $location.Whitelist.CIDR) 0 }}
if ({{ buildDenyVariable (print $server.Hostname "_" $path) }}) {