Merge pull request #427 from rikatz/app-root-redirect

Adds support for root context redirection
2017-03-16 07:32:30 -03:00 · 2017-03-16 07:32:30 -03:00 · c25936df62
commit c25936df62
parent 3d681cda78 6f25329308
7 changed files with 168 additions and 73 deletions
--- a/controllers/nginx/configuration.md
+++ b/controllers/nginx/configuration.md
@ -40,6 +40,7 @@ The following annotations are supported:
 |Name                 |type|
 |---------------------------|------|
 |[ingress.kubernetes.io/add-base-url](#rewrite)|true or false|
+|[ingress.kubernetes.io/app-root](#rewrite)|string|
 |[ingress.kubernetes.io/affinity](#session-affinity)|true or false|
 |[ingress.kubernetes.io/auth-realm](#authentication)|string|
 |[ingress.kubernetes.io/auth-secret](#authentication)|string|
@ -174,7 +175,9 @@ Set the annotation `ingress.kubernetes.io/rewrite-target` to the path expected b

 If the application contains relative links it is possible to add an additional annotation `ingress.kubernetes.io/add-base-url` that will prepend a [`base` tag](https://developer.mozilla.org/en/docs/Web/HTML/Element/base) in the header of the returned HTML from the backend.

-Please check the [rewrite](examples/rewrite/README.md) example.
+If the Application Root is exposed in a different path and needs to be redirected, the annotation `ingress.kubernetes.io/app-root` might be used.
+
+Please check the [rewrite](/examples/rewrite/README.md) example.


 ### Rate limiting
--- a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
+++ b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
@ -236,7 +236,19 @@ http {
        ssl_verify_client on;
        ssl_verify_depth {{ $location.CertificateAuth.ValidationDepth }};
        {{ end }}
+        
+        {{ if (or $location.Redirect.ForceSSLRedirect (and (not (empty $server.SSLCertificate)) $location.Redirect.SSLRedirect)) }}
+        # enforce ssl on server side
+        if ($pass_access_scheme = http) {
+            return 301 https://$host$request_uri;
+        }
+        {{ end }}

+        {{ if not (empty $location.Redirect.AppRoot)}}
+        if ($uri = /) {
+            return 302 {{ $location.Redirect.AppRoot }};
+        }
+        {{ end }}
        {{ if not (empty $authPath) }}
        location = {{ $authPath }} {
            internal;
@ -279,12 +291,7 @@ http {
            error_page 401 = {{ $location.ExternalAuth.SigninURL }};
            {{ end }}

-            {{ if (or $location.Redirect.ForceSSLRedirect (and (not (empty $server.SSLCertificate)) $location.Redirect.SSLRedirect)) }}
-            # enforce ssl on server side
-            if ($pass_access_scheme = http) {
-                return 301 https://$host$request_uri;
-            }
-            {{ end }}
+
            {{/* if the location contains a rate limit annotation, create one */}}
            {{ $limits := buildRateLimit $location }}
            {{ range $limit := $limits }}