DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4790 commits 4 branches 217 tags 166 MiB
Commit graph

310 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
a3bcbeb3d2
Add support for redirect https to https when from-to-www-redirect is defined 2019-01-10 20:59:49 -03:00
Manuel Alejandro de Brito Fontes
916b6a06d2 Empty access_by_lua_block breaks satisfy any 2019-01-10 10:27:23 -03:00
Shai Katz
edd87fbae3 add limit connection status code 
add default conn status code

add missing colon

add limit connection status code
 2019-01-09 19:31:10 +02:00
Kubernetes Prow Robot
71cc6df74f
Merge pull request #3174 from Shopify/rewrite-regex 
Generalize Rewrite Block Creation and Deprecate AddBaseUrl (not backwards compatible)
 2019-01-02 12:30:18 -08:00
Manuel Alejandro de Brito Fontes
a73dac2c0b
Fix proxy_host variable configuration 2019-01-02 15:31:27 -03:00
ramnes
bf7b5ebd81 Add an option to automatically set worker_connections based on worker_rlimit_nofile 2018-12-27 18:36:19 +01:00
Anish Ramasekar
382049a0bf Adds support for HTTP2 Push Preload annotation 
update test for backendprotocols

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Adds support for HTTP2 Push Preload annotation
 2018-12-24 17:13:25 -02:00
Elvin Efendi
4896b064ca lua randomseed per worker 2018-12-20 17:09:29 +04:00
Zenara Daley
67654a6fd5 Generalize Rewrite Block Creation 2018-12-13 13:02:05 -05:00
Manuel Alejandro de Brito Fontes
06d33c16b5
Allow to disable NGINX metrics 2018-12-05 10:14:35 -03:00
Elvin Efendi
4eabd535f9 be consistent with what Nginx supports 2018-12-02 22:20:56 +04:00
Andre Marianiello
b80b19902a Use opentracing_grpc_propagate_context when necessary 2018-12-01 16:31:10 -05:00
Manuel Alejandro de Brito Fontes
35b8023dc8 Match body buffer to max upload size 2018-11-20 15:06:03 -03:00
k8s-ci-robot
bf7ad0daca
Merge pull request #3374 from aledbf/restore-tcp-udp 
Revert removal of support for TCP and UDP services
 2018-11-18 08:33:29 -08:00
k8s-ci-robot
34598e71e0
Merge pull request #3428 from aledbf/set-variables 
Set proxy_host variable to avoid using default value from proxy_pass
 2018-11-18 02:17:49 -08:00
k8s-ci-robot
442b01e5e8
Merge pull request #3400 from diazjf/more-modsecurity 
Add Snippet for ModSecurity
 2018-11-17 03:35:53 -08:00
Manuel Alejandro de Brito Fontes
a2d50c2cd6
Set proxy_host variable to avoid using default value from proxy_pass 2018-11-16 14:55:53 -03:00
Manuel Alejandro de Brito Fontes
168f30d1ec Revert removal of support for TCP and UDP services 2018-11-16 13:48:47 -03:00
Fernando Diaz
95b3042b6e Add a Snippet for ModSecurity 
Allows for the configuration of Mod Security rules via
a Snippet.
 2018-11-14 23:31:27 -06:00
Maxime Ginters
20b095f444 Fix X-Forwarded-Proto typo 2018-11-14 10:19:31 -05:00
Maxime Ginters
0f3e2b9bf0 Convert isValidClientBodyBufferSize to something more generic and use it for client_max_body_size 2018-11-13 10:11:40 -05:00
Maxime Ginters
e1720d62f4 Prevent X-Forwarded-Proto forward during external auth subrequest 2018-11-12 09:13:48 -05:00
Fernando Diaz
5195600841 Allows ModSecurity to be configured per location 
The following annotations will be added:

- enable-modsecurity
- enable-owasp-core-rules
- modsecurity-transaction-id

Fixes #3167
 2018-11-06 22:24:31 -06:00
k8s-ci-robot
265f96bf14
Merge pull request #3344 from ecosia/jg-customerrors-per-ingress 
Adds CustomHTTPErrors ingress annotation and test
 2018-11-06 09:21:49 -08:00
jasongwartz
0ebf0354cb Adds CustomHTTPErrors ingress annotation and test 
Adds per-server/location error-catch functionality to nginx template

Adds documentation

Reduces template duplication with helper function for CUSTOM_ERRORS data

Updates documentation

Adds e2e test for customerrors

Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication

Fixes copy-paste error in test, adds additional test cases

Reverts noop change in controller.go (unused now)
 2018-11-06 16:47:52 +01:00
Adnan Baruni
b511333130 add support for auth-snippet annotation 
add test for new auth-snippet annotation

document auth-snippet annotation

add e2e test for auth-snippet annotation

add log warning and update documentation
 2018-11-05 16:02:29 -06:00
Manuel Alejandro de Brito Fontes
36aceded32
Avoid reloads when endpoints are not available 2018-11-01 10:00:49 -03:00
Manuel Alejandro de Brito Fontes
71ebe1cba5 Code linting 2018-10-30 20:46:48 -03:00
Maximilian Bode
c27c57dc8b Add configuration for geoip2 module 
Based on closed PRs #2551, #2755
 2018-10-29 21:25:23 +01:00
k8s-ci-robot
063f652711
Merge pull request #3187 from DesmondHoLLM/feature/annotations-resty-lua 
UPT: annotation enhancement for resty-lua-waf
 2018-10-25 00:06:03 -07:00
Desmond Ho
bf03046a80 UPT: updated e2e test and default true for process-multipart-body annotation 2018-10-25 14:17:38 +08:00
Elvin Efendi
5cc116fa10 fix bug with balancer.lua configuration 2018-10-24 22:42:40 +04:00
Desmond Ho
bab521e81a UPT: align waf options 2018-10-20 12:46:39 +08:00
Desmond Ho
04a89ce234 UPT: annotation enhancement for resty-lua-waf 2018-10-20 12:09:38 +08:00
Fernando Diaz
12955a4a1b Allow Ability to Configure Upstream Keepalive 
Allows Upstream Keepalive values like keepalive_timeout and
keepalive_requests to be configured via ConfigMap.

Fixes #3099
 2018-10-11 20:46:42 -05:00
k8s-ci-robot
3edf11b85f
Merge pull request #3198 from aledbf/only-dynamic 
Only support dynamic configuration
 2018-10-10 05:07:34 -07:00
Manuel Alejandro de Brito Fontes
74c2f93de6
Only support dynamic configuration 2018-10-09 22:05:45 -03:00
k8s-ci-robot
f56ab42cd2
Merge pull request #3194 from bshelton229/literal-dollar-character 
Make literal $ character work in set $location_path
 2018-10-09 15:52:39 -07:00
Bryan Shelton
3686e4f366 Move escapeLocationPathVar to escapeLiteralDollar 2018-10-09 12:58:50 -07:00
Elvin Efendi
78f12c25c5 delete upstream healthcheck annotation 2018-10-09 09:14:13 -04:00
k8s-ci-robot
3cf00b2fd8
Merge pull request #3197 from aledbf/remove-tcp-udp 
Remove support for TCP and UDP services
 2018-10-08 07:19:39 -07:00
k8s-ci-robot
182767b06b
Merge pull request #3170 from Globegitter/move-mainsnippet 
Move mainSnippet before events to fix load_module issue.
 2018-10-08 06:22:25 -07:00
Bryan Shelton
3dc131bd57 Make literal $ character work in set $location_path 2018-10-07 12:58:39 -07:00
Manuel Alejandro de Brito Fontes
44bdc7eb59 Remove support for TCP and UDP services 2018-10-07 10:53:37 -03:00
k8s-ci-robot
b46523a1f4
Merge pull request #3149 from diazjf/proxy-e2e-tests 
Add e2e Tests for Proxy Annotations
 2018-10-05 05:15:09 -07:00
Globegitter
8848c1864a Move mainSnippet before events. 2018-10-02 15:24:44 +02:00
Fernando Diaz
e5dca9353e Remove Unneeded Quotes from Nginx Directives 
Removes quotes from nginx directives which my cause issues with
their functionality

Fixes #3152
 2018-10-01 16:10:33 -05:00
k8s-ci-robot
d9f58144eb
Merge pull request #3145 from Shopify/regex-modifier 
Add "use-regex" Annotation to Toggle Regular Expression Location Modifier
 2018-10-01 11:31:43 -07:00
Zenara Daley
f29bdc3e8d Add 'use regex' annotation to toggle nginx regex location modifier 2018-10-01 13:54:11 -04:00
Markus Padourek
bf4be49c02 Fix incorrect .DisableLua access. (#3144) 
* Fix incorrect .DisableLua access.

* Address comment.
 2018-09-26 14:05:05 -03:00
Globegitter
a2ccd1f224 Fix usage for $all. 2018-09-26 16:38:16 +02:00
Markus Padourek
fe219db231
Ensure monitoring for custom error pages 
Fixes #3140
 2018-09-26 16:26:38 +02:00
Elvin Efendi
b3a22f7fc0 do not require --default-backend-service 2018-09-25 21:14:28 -04:00
k8s-ci-robot
c4a562dded
Merge pull request #3130 from alanbover/fix/newlines_location_denied 
fix newlines location denied
 2018-09-25 07:04:50 -07:00
Alan Bover
6454608c6c fix newlines location denied 2018-09-25 15:36:23 +02:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
k8s-ci-robot
6ed5c95562
Merge pull request #3098 from ElvinEfendi/make-keepalive-work 
make upstream keepalive work for http
 2018-09-15 07:36:27 -07:00
Elvin Efendi
6511fa9f58 make upstream keepalive work for http 2018-09-14 19:40:54 -04:00
Zenara Daley
0e6f0bb88d enforce ^~ location modifier when rewrite-target annotation is set 2018-09-13 10:39:52 -04:00
k8s-ci-robot
0a9db37e0f
Merge pull request #3062 from lahsivjar/issue-fix-host-header 
Pass Host header for custom errors
 2018-09-09 09:51:13 -07:00
Vishal Raj
4e14b809df Pass Host header for custom errors 2018-09-09 19:39:10 +08:00
Derek Perkins
9099f3b4db add support for http2-max-requests in configmap 2018-09-02 23:53:30 -06:00
k8s-ci-robot
b0b575db33
Merge pull request #2965 from Shopify/dynamic-certificates-nginx 
Add Lua module to serve SSL Certificates dynamically
 2018-08-23 20:27:55 -07:00
Henry Tran
cbf041fc3e Add Lua module to serve SSL Certificates dynamically 2018-08-23 22:15:54 -04:00
Manuel de Brito Fontes
f6905ae0ff Pass real source IP address to auth request 2018-08-23 10:37:33 -03:00
Elvin Efendi
2207d7694d batch metrics and flush periodically 2018-08-18 13:17:21 -04:00
Dario Nieuwenhuis
b5bcb93a4b
Merge branch 'master' into xff 2018-08-16 18:15:14 +02:00
Elvin Efendi
bc37ba14e8 dont restrict status page to localhost only 2018-08-08 12:46:12 -04:00
Manuel Alejandro de Brito Fontes
a68820808a
Fix documentation (#2902) 2018-08-05 22:30:46 -04:00
k8s-ci-robot
7f7f59df79
Merge pull request #2894 from aledbf/authbind 
Use authbind to bind privileged ports
 2018-08-05 08:43:43 -07:00
Manuel de Brito Fontes
b148f113ae
Use authbind to bind privileged ports 2018-08-05 11:18:50 -04:00
k8s-ci-robot
060704c624
Merge pull request #2682 from aledbf/listen-localhost 
Use localhost to expose status server
 2018-08-04 17:16:56 -07:00
Manuel de Brito Fontes
6b2c7e08db Use localhost to expose status server 2018-08-04 18:57:56 -04:00
Tom Reznik
b7bcf92480 support configuring multi_accept directive via configmap 2018-08-04 19:20:01 +03:00
Tom Reznik
1bacf1655e support custom configuration to main context of nginx config 2018-08-04 00:53:06 +03:00
Elvin Efendi
ed19dc3bc6 fix custom-error-pages functionality in dynamic mode 2018-07-26 13:36:09 -04:00
Elvin Efendi
d4faf68416 add support for ExternalName service type in dynamic mode 2018-07-25 09:05:47 -04:00
takonomura
587c2a8765 Escape $request_uri for external auth 2018-07-19 15:22:05 +09:00
k8s-ci-robot
29ecae5b64
Merge pull request #2752 from dongqi1990/master 
use format "range v := iterative object" and "range k, v := iterative object" when the type of iterative object is slice and map in the file nginx.tmpl
 2018-07-18 04:34:20 -07:00
dongqi1990
50084b1167 use format "range v := iterative object" and "range k, v := iterative 
object" when the type of iterative object is slice and map in the file nginx.tmpl
 2018-07-18 15:02:55 +08:00
Jason Stangroome
8e06afbb45 Allow gzip compress level to be controlled via ConfigMap 2018-07-09 10:30:59 +10:00
Brian Findlay
3b25f3438f Replace more_set_headers directive with more_clear_headers 2018-06-23 10:01:33 -04:00
k8s-ci-robot
700a2275d1
Merge pull request #2678 from hnrytrn/refactor-cert 
Refactor server type to include SSLCert
 2018-06-22 12:34:04 -07:00
Manuel Alejandro de Brito Fontes
df76d4b481
Update opentracing configuration (#2676) 2018-06-21 18:15:18 -04:00
Henry Tran
86def984a3 Merge remote-tracking branch 'origin' into refactor-cert 2018-06-21 11:43:47 -04:00
Henry Tran
2751cbf06d Refactor to add SSLCert as a field in server type 2018-06-21 11:34:29 -04:00
Manuel Alejandro de Brito Fontes
aec40c171f
Improve configuration change detection (#2656) 
* Use information about the configuration configmap to determine changes

* Add hashstructure dependency

* Rename queue functions

* Add test for configmap checksum
 2018-06-21 10:50:57 -04:00
Elvin Efendi
cb4755835e refactor some lua code 2018-06-19 12:46:49 +04:00
Manuel Alejandro de Brito Fontes
fee8704b53
Add support for IPV6 in stream upstream servers (#2649) 2018-06-15 10:26:33 -04:00
k8s-ci-robot
3cbd2d66bf
Merge pull request #2643 from aledbf/remove-vts 
Remove VTS from the ingress controller
 2018-06-14 23:59:29 -07:00
k8s-ci-robot
dfca2a0d8d
Merge pull request #2451 from nusx/set-sticky-path-for-backend 
fix for #1930, make sessions sticky, for ingress with multiple rules …
 2018-06-14 20:47:28 -07:00
Manuel de Brito Fontes
63b38e1c21
Remove VTS from the ingress controller 2018-06-14 11:11:29 -04:00
Francisco Mejia
966e9f5e25 Add monitor lua module 2018-06-13 22:54:31 -04:00
Manuel de Brito Fontes
79199dd84c
Run as user dropping privileges 2018-06-12 10:18:36 -04:00
Stefan Schwärzler
1a320ae289 fix for #1930, make sessions sticky, for ingress with multiple rules and backends 
* for an ingress with session affinity cookie, set the location as path on the cookie when unique
* the previous behaviour ( cookie path=/ ) is preserved for ingresses with multiple rules for the same backend (locations not unique)

added e2e tests for session affinity, setting path on sticky config

added tests:
* it should set the path to /something on the generated cookie
* it should set the path to / on the generated cookie if there's more than one rule referring to the same backend
 2018-06-11 10:43:13 +02:00
Dario Nieuwenhuis
67b253a149 Add use-forwarded-headers configmap option. 2018-06-11 00:06:14 +02:00
Dmitry Stolyarov
02ff8244a2 Add $location_path variable 
When you define rules in ingress resource, you use path. So it would be
very useful to be able to use the same path in logs.
 2018-06-07 13:43:29 +03:00
Dmitry Stolyarov
59aac73785 Add $service_port variable 
According to TCP/IP (and common sense), $service_name is not enough to
uniquely identify service, we need $service_port for that.
 2018-06-07 13:43:20 +03:00
Dmitry Stolyarov
eafb1890d6 Move vars to the very beginning of the location 
To make it more clear, that you could use $namespace, $ingress_name and
$service_name variables anywhere in location (especialy in lua), move
their definition to the very begining of the location.
 2018-06-07 13:43:09 +03:00
Paul DeCarlo
3159384480 Use lua-platform-path symlink for all platforms 2018-06-04 18:15:59 -05:00
Elvin Efendi
d4e6c0dfd8 access_log should be off for internal /configuration endpoint 2018-05-31 16:01:54 -04:00
Elvin Efendi
da3a87646a make sure balancer gets deleted when ther is no backend 2018-05-28 15:51:58 -04:00
k8s-ci-robot
b8b5e5bc51
Merge pull request #2548 from Stono/master 
Implement generate-request-id
 2018-05-21 13:55:12 -07:00
Karl Stoney
206d32a2cd Implement generate-request-id 
Fixes https://github.com/kubernetes/ingress-nginx/issues/2546
 2018-05-21 08:32:50 +01:00
Lorenzo Fontana
d434583b53
InfluxDB configuration string template builder helper 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2018-05-19 09:22:49 +02:00
Lorenzo Fontana
93be8db612
Annotations for the InfluxDB Module 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2018-05-19 09:22:46 +02:00
Fernando Diaz
e224259e38 Resolves issue with proxy-redirect nginx configuration 
Resolves an issue where the proxy-redirect annotations were not generating the
correct configuration possibly because of user error. This is done by only
setting the proxy_redirect if both proxy-redirect-from and proxy-redirect-to
have valid values. Also adds the e2e tests.

Fixes #2074
 2018-05-17 11:22:31 -05:00
Manuel de Brito Fontes
ff3e182350 Add support for grpc_set_header 2018-05-17 08:35:11 -04:00
Elvin Efendi
51cf184c51 always use x-request-id 2018-04-28 00:31:23 -04:00
JordanP
c995031ffd Add annotation to enable rewrite logs in a location 2018-04-27 17:50:14 +02:00
Adam Netočný
8b6f043fd8 Add buffer configuration to external auth location config 2018-04-26 16:04:12 +02:00
Nick Novitski
8886b8a50e Add vts-sum-key config flag 2018-04-17 11:39:32 -07:00
Giancarlo Rubio
c60ed24f4b Detect if header injected request_id before creating one 2018-04-17 15:49:35 +02:00
Bastian Hofmann
1c17962ba0 Add proxy-add-original-uri-header config flag 
This makes it configurable if a location adds an X-Original-Uri header to the backend request. Default is "true", the current behaviour.
 2018-04-16 12:34:26 +02:00
Zenara Daley
4b11fe4d25 Fix nginx template 2018-04-12 15:43:13 -04:00
Zenara Daley
4b76ad14bb Fix buildupstream name to work with dynamic session affinity 2018-04-12 14:01:46 -04:00
oilbeater
1be1f658b4 disable lua for arch s390x and ppc64le 
LuaJIT is not available for s390x and ppc64le, disable the lua part in nginx.tmpl on these platform.
 2018-04-12 08:30:56 +08:00
Elvin Efendi
d6eb44376d run lua-resty-waf in different modes (#2317) 
* run lua-resty-waf in different modes

* update docs
 2018-04-09 09:19:13 -03:00
Elvin Efendi
bad8295a42 extra waf rules per ingress (#2315) 
* extra waf rules per ingress

* document annotation nginx.ingress.kubernetes.io/lua-resty-waf-extra-rules

* regenerate internal/file/bindata.go
 2018-04-09 07:14:30 -03:00
Elvin Efendi
16faf309ca annotation to ignore given list of WAF rulesets (#2314) 2018-04-08 22:55:23 -03:00
Elvin Efendi
a6fe800a47 lua-resty-waf controller (#2304) 2018-04-08 17:37:13 -03:00
Manuel Alejandro de Brito Fontes
b17ed7b6fd
Configure upload limits for setup of lua load balancer (#2309) 2018-04-08 15:47:49 -03:00
Manuel Alejandro de Brito Fontes
1c65320618
Add verification of lua load balancer to health check (#2308) 2018-04-08 15:24:37 -03:00
Manuel Alejandro de Brito Fontes
dd2bc91018
Fix HSTS without preload (#2294) 2018-04-04 23:17:51 -03:00
Alvaro Aleman
e7aa74b5d4 Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243) 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
 2018-04-01 21:02:34 -03:00
Elvin Efendi
931e541fb7 Fix bug when auth req is enabled(external authentication) (#2280) 
* set proxy_upstream_name correctly when auth_req module is used

* log a more meaningful message when backend is not found
 2018-03-30 14:19:33 -03:00
Manuel Alejandro de Brito Fontes
146db43794
Disable opentracing for nginx internal urls (#2272) 2018-03-29 13:47:13 -03:00
Oilbeater
c6c219a7d1 clean up tmpl (#2263) 
The nginx.conf generated now is too messy remove some section only useful when dynamic configure enabled and headers only useful for https.
 2018-03-29 09:36:00 -03:00
Sylvain Rabot
385368990c Managing a whitelist for _/nginx_status (#2187) 
Signed-off-by: Sylvain Rabot <s.rabot@lectra.com>
 2018-03-28 09:27:34 -03:00
Zenara Daley
6e099c5f57 Add EWMA as configurable load balancing algorithm (#2229) 2018-03-23 12:06:21 -03:00
Oilbeater
0b0a274a9a fix: cannot set $service_name if use rewrite (#2220) 
$path here is the regular expression formatted nginx location not the origin path in ingress rules. Fix https://github.com/kubernetes/ingress-nginx/issues/2131
 2018-03-22 09:43:45 -03:00
halfcrazy
b45ee8d85f Add missing configuration in #2235 (#2236) 2018-03-22 08:53:29 -03:00
maxlaverse
8575769781 Make proxy_next_upstream_tries configurable (#2232) 
* Make proxy_next_upstream_tries configurable

* Code generation
 2018-03-22 08:12:36 -03:00
halfcrazy
4f5fa47d27 add proxy header ssl-client-issuer-dn, fix #2178 (#2235) 2018-03-22 01:38:47 -03:00
Elvin Efendi
634959fd79 do not hardcode keepalive for upstream_balancer (#2227) 2018-03-21 00:42:22 -03:00
Elvin Efendi
08252e2eef allow ipv6 localhost when enabled (#2210) 2018-03-19 13:32:55 -03:00
Manuel Alejandro de Brito Fontes
6b7491f432
Fix dynamic configuration when custom errors are enabled (#2212) 2018-03-19 12:55:17 -03:00
turettn
de30e53d62 Expose SSL client cert data to external auth provider. (#2078) 2018-03-19 09:30:36 -03:00
Alvaro Aleman
94deb3a01a Add configoption to exclude routes from tls upgrading (#2203) 
* Add configoption to exclude routes from tls upgrading

* Add tests for IsLocationInLocationList

* Seperate elements in NoTLSRedirectLocations by comma

* Set NoTLSRedirectLocations to "/.well-known/acme-challenge/" by default

* Remove trailing slash from "/.well-known/acme-challenge" default
 2018-03-18 17:44:59 -03:00
Oilbeater
5c02d700cb Allow config to disable geoip (#2202) 
For a offline or private cloud environment, geoip is not needed.
Implementing https://github.com/kubernetes/ingress-nginx/issues/2179
 2018-03-18 13:30:05 -03:00
Elvin Efendi
c90a4e811e Live Nginx (re)configuration without reloading (#2174) 2018-03-18 10:13:41 -03:00
Oilbeater
41cefeb178 Add worker-cpu-affinity nginx option (#2201) 
worker_cpu_affinity is a common optimization method for improving nginx performance, adding this as a custom configuration. Also fix some format issues found during editing.
 2018-03-16 13:32:45 -03:00
Elvin Efendi
36cce00fdd configuring load balancing per ingress (#2167) 
* configure load balancing through a ingress annotation

* update docs
 2018-03-09 13:09:41 -08:00
Manuel Alejandro de Brito Fontes
3c67976969
In case of TLS errors do not allow traffic (#2146) 2018-02-25 17:20:14 -03:00
Manuel Alejandro de Brito Fontes
216fe01a07
Add option in the configuration configmap to enable remote logging (syslog) (#2145) 2018-02-25 12:47:14 -03:00
Manuel Alejandro de Brito Fontes
0dee303ac2
Add annotation to disable logs in a location (#2144) 2018-02-25 11:38:54 -03:00
Manuel Alejandro de Brito Fontes
edb3be64ea
Only add HSTS headers in HTTPS (#2143) 2018-02-25 11:18:42 -03:00
Manuel Alejandro de Brito Fontes
94a85c99f7
Cors header should always be returned (#2140) 2018-02-24 17:52:23 -03:00
Karl Stoney
d1b6f32981 Enabled the dynamic reload of GeoIP data (#2107) 
* Moved geoip data into its own folder so it can be volume mounted

* Added FS watches for the geoip data

* Fixed single quotes issue (interpolation)

* Fixed gofmt errors

* Updated to directory crawl
 2018-02-17 12:24:50 -08:00