Adding ipdenylist annotation (#8795)

* feat: Add support for IP Deny List * fixed gomod * Update package * go mod tidy * Revert "go mod tidy" This reverts commit e6a837e1e76d72115e8727a33d2f4c1cd7249f1f. * update ginko version * Updates e2e tests * fix test typo
2023-01-08 22:43:28 +00:00 · 2023-01-08 22:43:28 +00:00 · 8ed3a27e25
commit 8ed3a27e25
parent bbf7c79f96
15 changed files with 3568 additions and 0 deletions
--- a/docs/user-guide/nginx-configuration/configmap.md
+++ b/docs/user-guide/nginx-configuration/configmap.md
@ -176,6 +176,7 @@ The following table shows a configuration option's name, type, and the default v
 |[proxy-request-buffering](#proxy-request-buffering)|string|"on"|
 |[ssl-redirect](#ssl-redirect)|bool|"true"|
 |[force-ssl-redirect](#force-ssl-redirect)|bool|"false"|
+|[denylist-source-range](#denylist-source-range)|[]string|[]string{}|
 |[whitelist-source-range](#whitelist-source-range)|[]string|[]string{}|
 |[skip-access-log-urls](#skip-access-log-urls)|[]string|[]string{}|
 |[limit-rate](#limit-rate)|int|0|
@ -1096,6 +1097,11 @@ _**default:**_ "true"
 Sets the global value of redirects (308) to HTTPS if the server has a default TLS certificate (defined in extra-args).
 _**default:**_ "false"

+## denylist-source-range
+
+Sets the default denylisted IPs for each `server` block. This can be overwritten by an annotation on an Ingress rule.
+See [ngx_http_access_module](https://nginx.org/en/docs/http/ngx_http_access_module.html).
+
 ## whitelist-source-range

 Sets the default whitelisted IPs for each `server` block. This can be overwritten by an annotation on an Ingress rule.