DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1266 commits 4 branches 217 tags 166 MiB
Commit graph

121 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
3c9ac43058 Merge pull request #919 from Collaborne/pr/redirect-per-location 
Apply the 'ssl-redirect' annotation per-location
 2017-06-28 13:43:44 -04:00
Andreas Kohn
04346a8ec2
Apply the 'ssl-redirect' redirect per-location 
This is needed to avoid ingress definitions with different settings for SSL
redirection conflicting with each other.

NB: This was discussed in the review of #427, but ultimately not addressed.
 2017-06-28 11:18:06 +02:00
Manuel Alejandro de Brito Fontes
005ed5243f Merge pull request #907 from glerchundi/master 
nginx/proxy: allow specifying next upstream behaviour
 2017-06-27 19:24:16 -04:00
Gorka Lerchundi Osa
5503e8d0e9 nginx/proxy: allow specifying next upstream behaviour 2017-06-27 23:30:43 +02:00
Manuel de Brito Fontes
5f02858623 Improve X-Forwarded-Host support 2017-06-27 10:08:14 -04:00
Manuel de Brito Fontes
83d03a19a6 Add feature to allow sticky sessions per location 2017-06-22 14:12:57 -04:00
Manuel de Brito Fontes
6e2203594e Add upstream keepalive connections cache 2017-06-21 23:52:06 -04:00
Manuel de Brito Fontes
85e6d30844 Improve variable configuration for source IP address 2017-06-21 00:52:12 -04:00
Manuel de Brito Fontes
92e3b5ba78 Lint nginx code 2017-06-14 23:05:04 -04:00
Manuel de Brito Fontes
51b2e0f2cb Fix IPv6 UDP stream section 2017-06-13 08:45:30 -04:00
Giancarlo Rubio
fffddebdf8 add semicolon 2017-06-13 13:05:43 +02:00
Cory Klein
fa70e5e905 Make log format json escaping configurable 
This will allow json logging in nginx ingress controllers which greatly
improves ease of log indexing and searching via elasticsearch.

After this change is made, users could set the following property in the
ingress configmap to enable json logging:

log-format-upstream: '{"proxy_protocol_addr": "$proxy_protocol_addr", "proxy_add_x_forwarded_for": "$proxy_add_x_forwarded_for", "remote_user": "$remote_user", "time_iso8601": "$time_iso8601", "request": "$request", "status": "$status", "body_bytes_sent": "$body_bytes_sent", "http_referer": "$http_referer", "http_user_agent": "$http_user_agent", "request_length": "$request_length", "request_time": "$request_time", "proxy_upstream_name": "$proxy_upstream_name", "upstream_addr": "$upstream_addr", "upstream_response_length": "$upstream_response_length", "upstream_response_time": "$upstream_response_time", "upstream_status": "$upstream_status"}'
 2017-06-09 15:32:11 -06:00
Manuel Alejandro de Brito Fontes
dbb12afbb9 Merge pull request #829 from rlguarino/ross/2017-06-08T18-48-35-07-00 
feat(template): wrap IPv6 addresses in []
 2017-06-09 13:21:30 -04:00
Ross Guarino
54f6729dc8 feat(template): wrap IPv6 addresses in [] 
Add formatIP helper function which will wrap IPv6 addresses
in [] and print IPv4 addresses as is.

Closes #828
 2017-06-08 20:11:00 -07:00
Olve Sæther Hansen
d4600a87b5 Added client_max_body_size to authPath location 
Seems like nginx denies the request because it would be over the max body size,
event if `proxy_pass_request_body` is `off`.

This fixes 811
 2017-06-02 22:40:29 +02:00
Manuel Alejandro de Brito Fontes
66b4c2606b Merge pull request #809 from aledbf/fix-variables-map 
Fix dynamic variable name
 2017-06-02 11:59:32 -04:00
Manuel de Brito Fontes
b70e9ca078 Fix dynamic variable name 2017-06-02 11:12:02 -04:00
Arjan Schaaf
a854dc71b2 #789 removing duplicate X-Real-IP header introduced 4bd4bf3be6 2017-05-29 11:43:05 +02:00
Manuel Alejandro de Brito Fontes
32f24380ec Merge pull request #787 from aledbf/pass-server-header 
Add setting to allow returning the Server header from the backend
 2017-05-28 19:16:58 -04:00
Manuel de Brito Fontes
2f20c6bfcb Add setting to allow returning the Server header from the backend 2017-05-28 17:40:25 -04:00
Manuel de Brito Fontes
8837cf93e2 Allow customization of variables hash tables 2017-05-28 16:05:49 -04:00
Manuel de Brito Fontes
40cd78d0b8 Add support for IPv6 in TCP and UDP stream section 2017-05-26 12:19:54 -04:00
Manuel de Brito Fontes
30343c489a Fix bad variable assignment in template nginx 2017-05-24 00:25:42 -04:00
Manuel de Brito Fontes
07cdee5ca8 Refactoring whitelist source IP verification 2017-05-20 19:32:03 -04:00
Manuel Alejandro de Brito Fontes
c831359733 Merge pull request #709 from phekmat/patch-1 
Add config for X-Forwarded-For trust
 2017-05-17 07:45:49 -04:00
Vlad Gorodetsky
3bd2cb331f Add keepalive_requests and client_boxy_buffer_size options 2017-05-17 09:36:10 +03:00
Kwok-kuen Cheung
a83f17c716 Set $proxy_upstream_name before location directive 
When nginx performs ssl redirect, $proxy_upstream_name used in log
is not initialized because it is set after nginx matched a location directive,
which is not the case when performing a ssl redirect.

refs #711
 2017-05-14 08:59:30 +08:00
Payam Hekmat
dd894f0f73 Add config for X-Forwarded-For trust 
Use the same config option for `set_real_ip_from` when not using proxy protocol. The default remains `0.0.0.0/0`, which is insecure if the ingress is publicly accessible. This at least provides a workaround for #200
 2017-05-11 21:55:35 -05:00
Manuel de Brito Fontes
4bd4bf3be6 Fix remote address in log when protocol is https 2017-05-11 15:04:19 -03:00
David Pratt
d56d8b7da1 Use proxy-protocol to pass through source IP to nginx 2017-05-10 16:22:48 -05:00
Matjaz Pancur
d402e16eb8 Fix error in generated nginx.conf hsts-preload 2017-05-04 11:29:32 +02:00
Jeff Pearce
a5d58cc521 Override load balancer alg view config map 2017-04-29 08:37:24 -07:00
Manuel de Brito Fontes
ab1f04b9c2 Add support for https in proxy request for external authentication 2017-04-24 22:14:38 -03:00
Manuel de Brito Fontes
12d4aadf74 Allow configuration of features underscores_in_headers and ignore_invalid_headers 2017-04-20 18:12:16 -03:00
Manuel de Brito Fontes
de14e2f4f1 Refactor ssl-passthroug using go to handle TLS hello 2017-04-19 01:39:14 -03:00
Jonas Kint
a7b09e71a1 Fixing wildcard in hostname for the upstream map 2017-04-13 17:27:20 +02:00
Manuel Alejandro de Brito Fontes
3810515663 Merge pull request #583 from stibi/patch-1 
fixed lua_package_path in nginx.tmpl
 2017-04-12 17:04:05 -03:00
Manuel de Brito Fontes
6038e17728 Remove Host header from auth_request proxy configuration 2017-04-12 09:37:03 -03:00
Martin Stiborsky
beb17f39ab fixed lua_package_path in nginx.tmpl 
I did my own build of the nginx-ingress-controller and its docker image, but I had troubles with the `error_page.lua` module, which couldn't be loaded, there was an error in the log, module was not found.

I think the lua package path is wrong, here is a fix.
 2017-04-11 09:43:33 +02:00
Manuel de Brito Fontes
25bb7e4311 Set different listeners per protocol version 2017-04-09 15:03:27 -03:00
Manuel de Brito Fontes
cbe4029597 Add option to disable hsts preload 2017-04-05 22:48:43 -03:00
Manuel Alejandro de Brito Fontes
02cd3ce885 Merge pull request #225 from electroma/nginx/extauth_headers 
Support for http header passing from external authentication service
 2017-04-01 20:40:29 -03:00
Manuel de Brito Fontes
8e41bdd3d4 Add setting to configure ecdh curve 2017-03-30 23:23:14 -03:00
Manuel Alejandro de Brito Fontes
f5211458ce Merge pull request #454 from danielqsj/master 
Pass request port to real server
 2017-03-26 08:01:11 -03:00
rsafronov
6d07d32003 Merge branch 'upstream' into nginx/extauth_headers 2017-03-24 20:25:18 -04:00
Canh Ngo
46a42a2905 Adds support for CORS with Authorization header 2017-03-23 16:17:47 +01:00
Canh Ngo
df76382055 Adds support for CORS on error responses 2017-03-23 16:17:37 +01:00
shijunqian
43469a8179 Pass request port to real server 2017-03-21 10:33:11 +08:00
Manuel Alejandro de Brito Fontes
c25936df62 Merge pull request #427 from rikatz/app-root-redirect 
Adds support for root context redirection
 2017-03-16 07:32:30 -03:00
Kirill Levin
23c45340be fix nginx-udp-and-udp on same port 2017-03-15 20:45:21 +03:00