DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1176 commits 4 branches 217 tags 166 MiB
Commit graph

129 commits

Author SHA1 Message Date
Giancarlo Rubio
fffddebdf8 add semicolon 2017-06-13 13:05:43 +02:00
Manuel Alejandro de Brito Fontes
cdbf2aad37 Merge pull request #824 from aledbf/update-nginx-controller 
Update nginx-slim to 0.18
 2017-06-12 18:39:15 -04:00
Cory Klein
fa70e5e905 Make log format json escaping configurable 
This will allow json logging in nginx ingress controllers which greatly
improves ease of log indexing and searching via elasticsearch.

After this change is made, users could set the following property in the
ingress configmap to enable json logging:

log-format-upstream: '{"proxy_protocol_addr": "$proxy_protocol_addr", "proxy_add_x_forwarded_for": "$proxy_add_x_forwarded_for", "remote_user": "$remote_user", "time_iso8601": "$time_iso8601", "request": "$request", "status": "$status", "body_bytes_sent": "$body_bytes_sent", "http_referer": "$http_referer", "http_user_agent": "$http_user_agent", "request_length": "$request_length", "request_time": "$request_time", "proxy_upstream_name": "$proxy_upstream_name", "upstream_addr": "$upstream_addr", "upstream_response_length": "$upstream_response_length", "upstream_response_time": "$upstream_response_time", "upstream_status": "$upstream_status"}'
 2017-06-09 15:32:11 -06:00
Manuel Alejandro de Brito Fontes
dbb12afbb9 Merge pull request #829 from rlguarino/ross/2017-06-08T18-48-35-07-00 
feat(template): wrap IPv6 addresses in []
 2017-06-09 13:21:30 -04:00
Ross Guarino
54f6729dc8 feat(template): wrap IPv6 addresses in [] 
Add formatIP helper function which will wrap IPv6 addresses
in [] and print IPv4 addresses as is.

Closes #828
 2017-06-08 20:11:00 -07:00
Manuel de Brito Fontes
a4793eda8c Update nginx-slim to 0.18 2017-06-07 11:33:13 -04:00
Olve Sæther Hansen
d4600a87b5 Added client_max_body_size to authPath location 
Seems like nginx denies the request because it would be over the max body size,
event if `proxy_pass_request_body` is `off`.

This fixes 811
 2017-06-02 22:40:29 +02:00
Manuel Alejandro de Brito Fontes
66b4c2606b Merge pull request #809 from aledbf/fix-variables-map 
Fix dynamic variable name
 2017-06-02 11:59:32 -04:00
Manuel de Brito Fontes
b70e9ca078 Fix dynamic variable name 2017-06-02 11:12:02 -04:00
Arjan Schaaf
a854dc71b2 #789 removing duplicate X-Real-IP header introduced 4bd4bf3be6 2017-05-29 11:43:05 +02:00
Manuel Alejandro de Brito Fontes
32f24380ec Merge pull request #787 from aledbf/pass-server-header 
Add setting to allow returning the Server header from the backend
 2017-05-28 19:16:58 -04:00
Manuel de Brito Fontes
2f20c6bfcb Add setting to allow returning the Server header from the backend 2017-05-28 17:40:25 -04:00
Manuel de Brito Fontes
8837cf93e2 Allow customization of variables hash tables 2017-05-28 16:05:49 -04:00
Manuel de Brito Fontes
40cd78d0b8 Add support for IPv6 in TCP and UDP stream section 2017-05-26 12:19:54 -04:00
Manuel de Brito Fontes
30343c489a Fix bad variable assignment in template nginx 2017-05-24 00:25:42 -04:00
Manuel de Brito Fontes
07cdee5ca8 Refactoring whitelist source IP verification 2017-05-20 19:32:03 -04:00
Manuel de Brito Fontes
d742dcb55c Specify nginx image arch 2017-05-18 17:57:33 -04:00
Manuel de Brito Fontes
7ceb0a8025 Update nginx image 2017-05-17 14:54:27 -04:00
Manuel Alejandro de Brito Fontes
c831359733 Merge pull request #709 from phekmat/patch-1 
Add config for X-Forwarded-For trust
 2017-05-17 07:45:49 -04:00
Manuel Alejandro de Brito Fontes
b4032f0648 Merge pull request #722 from aledbf/remove-go-reaper 
Remove go-reap and use tini as process reaper
 2017-05-17 07:37:23 -04:00
Vlad Gorodetsky
3bd2cb331f Add keepalive_requests and client_boxy_buffer_size options 2017-05-17 09:36:10 +03:00
Manuel de Brito Fontes
22d63d0ad0 Auto stash before merge of "master" and "master/master" 
Remove go-reap and use tini as process reaper
 2017-05-16 16:06:33 -04:00
Kwok-kuen Cheung
a83f17c716 Set $proxy_upstream_name before location directive 
When nginx performs ssl redirect, $proxy_upstream_name used in log
is not initialized because it is set after nginx matched a location directive,
which is not the case when performing a ssl redirect.

refs #711
 2017-05-14 08:59:30 +08:00
Manuel Alejandro de Brito Fontes
12d2c4f689 Merge pull request #690 from aledbf/avoid-empty-secret 
Fix IP in logs for https traffic
 2017-05-12 10:44:20 -03:00
Payam Hekmat
dd894f0f73 Add config for X-Forwarded-For trust 
Use the same config option for `set_real_ip_from` when not using proxy protocol. The default remains `0.0.0.0/0`, which is insecure if the ingress is publicly accessible. This at least provides a workaround for #200
 2017-05-11 21:55:35 -05:00
Manuel de Brito Fontes
4bd4bf3be6 Fix remote address in log when protocol is https 2017-05-11 15:04:19 -03:00
Dan Cech
485098fd69 use nginx vts module version 0.1.14 2017-05-11 13:56:42 -04:00
David Pratt
d56d8b7da1 Use proxy-protocol to pass through source IP to nginx 2017-05-10 16:22:48 -05:00
Matjaz Pancur
d402e16eb8 Fix error in generated nginx.conf hsts-preload 2017-05-04 11:29:32 +02:00
Jeff Pearce
a5d58cc521 Override load balancer alg view config map 2017-04-29 08:37:24 -07:00
Manuel de Brito Fontes
ab1f04b9c2 Add support for https in proxy request for external authentication 2017-04-24 22:14:38 -03:00
Manuel de Brito Fontes
12d4aadf74 Allow configuration of features underscores_in_headers and ignore_invalid_headers 2017-04-20 18:12:16 -03:00
Manuel de Brito Fontes
de14e2f4f1 Refactor ssl-passthroug using go to handle TLS hello 2017-04-19 01:39:14 -03:00
Jonas Kint
a7b09e71a1 Fixing wildcard in hostname for the upstream map 2017-04-13 17:27:20 +02:00
Manuel Alejandro de Brito Fontes
3810515663 Merge pull request #583 from stibi/patch-1 
fixed lua_package_path in nginx.tmpl
 2017-04-12 17:04:05 -03:00
Manuel de Brito Fontes
6038e17728 Remove Host header from auth_request proxy configuration 2017-04-12 09:37:03 -03:00
Martin Stiborsky
beb17f39ab fixed lua_package_path in nginx.tmpl 
I did my own build of the nginx-ingress-controller and its docker image, but I had troubles with the `error_page.lua` module, which couldn't be loaded, there was an error in the log, module was not found.

I think the lua package path is wrong, here is a fix.
 2017-04-11 09:43:33 +02:00
Manuel de Brito Fontes
25bb7e4311 Set different listeners per protocol version 2017-04-09 15:03:27 -03:00
Manuel Alejandro de Brito Fontes
7ca7652ab2 Merge pull request #563 from aledbf/hsts-preload 
Add option to disable hsts preload
 2017-04-05 23:20:35 -03:00
Manuel de Brito Fontes
cbe4029597 Add option to disable hsts preload 2017-04-05 22:48:43 -03:00
Manuel de Brito Fontes
62c13fb7bc Update nginx version and remove dumb-init 2017-04-04 17:59:54 -03:00
Manuel de Brito Fontes
bc68f9eea3 Update nginx and vts module 2017-04-02 16:07:38 -03:00
Manuel Alejandro de Brito Fontes
02cd3ce885 Merge pull request #225 from electroma/nginx/extauth_headers 
Support for http header passing from external authentication service
 2017-04-01 20:40:29 -03:00
Manuel de Brito Fontes
8e41bdd3d4 Add setting to configure ecdh curve 2017-03-30 23:23:14 -03:00
Manuel Alejandro de Brito Fontes
f5211458ce Merge pull request #454 from danielqsj/master 
Pass request port to real server
 2017-03-26 08:01:11 -03:00
rsafronov
6d07d32003 Merge branch 'upstream' into nginx/extauth_headers 2017-03-24 20:25:18 -04:00
Canh Ngo
46a42a2905 Adds support for CORS with Authorization header 2017-03-23 16:17:47 +01:00
Canh Ngo
df76382055 Adds support for CORS on error responses 2017-03-23 16:17:37 +01:00
shijunqian
43469a8179 Pass request port to real server 2017-03-21 10:33:11 +08:00
Manuel Alejandro de Brito Fontes
c25936df62 Merge pull request #427 from rikatz/app-root-redirect 
Adds support for root context redirection
 2017-03-16 07:32:30 -03:00