DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add support to disable server_tokens directive

Browse source
This commit is contained in:
Manuel de Brito Fontes 2016-12-29 12:37:37 -03:00
parent 567fa3b456
commit af9375aa96
2 changed files with 16 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
controllers/nginx/pkg/config/config.go
View file

@ -156,6 +156,11 @@ type Configuration struct {
// http://nginx.org/en/docs/http/ngx_http_core_module.html#server_names_hash_bucket_size // http://nginx.org/en/docs/http/ngx_http_core_module.html#server_names_hash_bucket_size
ServerNameHashBucketSize int `json:"server-name-hash-bucket-size,omitempty"` ServerNameHashBucketSize int `json:"server-name-hash-bucket-size,omitempty"`
// Enables or disables emitting nginx version in error messages and in the “Server” response header field.
// http://nginx.org/en/docs/http/ngx_http_core_module.html#server_tokens
// Default: true
ShowServerTokens bool `json:"server-tokens"`
// Enabled ciphers list to enabled. The ciphers are specified in the format understood by // Enabled ciphers list to enabled. The ciphers are specified in the format understood by
// the OpenSSL library // the OpenSSL library
// http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers // http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers
@ -234,6 +239,7 @@ func NewDefault() Configuration {
ProxyRealIPCIDR: defIPCIDR, ProxyRealIPCIDR: defIPCIDR,
ServerNameHashMaxSize: 512, ServerNameHashMaxSize: 512,
ServerNameHashBucketSize: 64, ServerNameHashBucketSize: 64,
ShowServerTokens: true,
SSLBufferSize: sslBufferSize, SSLBufferSize: sslBufferSize,
SSLCiphers: sslCiphers, SSLCiphers: sslCiphers,
SSLProtocols: sslProtocols, SSLProtocols: sslProtocols,
@ -266,13 +272,13 @@ func NewDefault() Configuration {
} }
type TemplateConfig struct { type TemplateConfig struct {
BacklogSize int BacklogSize int
Backends []*ingress.Backend Backends []*ingress.Backend
PassthroughBackends []*ingress.SSLPassthroughBackend PassthroughBackends []*ingress.SSLPassthroughBackend
Servers []*ingress.Server Servers []*ingress.Server
TCPBackends []*ingress.Location TCPBackends []*ingress.Location
UDPBackends []*ingress.Location UDPBackends []*ingress.Location
HealthzURI string HealthzURI string
CustomErrors bool CustomErrors bool
Cfg Configuration Cfg Configuration
} }

2
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -68,6 +68,8 @@ http {
gzip_proxied any; gzip_proxied any;
{{ end }} {{ end }}
server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }};
client_max_body_size "{{ $cfg.BodySize }}"; client_max_body_size "{{ $cfg.BodySize }}";
log_format upstreaminfo '{{ if $cfg.UseProxyProtocol }}$proxy_protocol_addr{{ else }}$remote_addr{{ end }} - ' log_format upstreaminfo '{{ if $cfg.UseProxyProtocol }}$proxy_protocol_addr{{ else }}$remote_addr{{ end }} - '