New logic: proxy-ssl parameters can be applied on locations only
Add: new parameter in the ConfigMap to control whether the proxy-ssl parameters of an Ingress should be applied on server and location levels, or only on location level Add: logic in the config handling to work according to the new ConfigMap parameter Add: unit test case
This commit is contained in:
Laszlo Janosi
parent
19e9e9d7ed
commit
ced67e53a1
3 changed files with 305 additions and 18 deletions
|
|
@ -644,6 +644,11 @@ type Configuration struct {
|
|||
// DefaultSSLCertificate holds the default SSL certificate to use in the configuration
|
||||
// It can be the fake certificate or the one behind the flag --default-ssl-certificate
|
||||
DefaultSSLCertificate *ingress.SSLCert `json:"-"`
|
||||
|
||||
// ProxySSLLocationOnly controls whether the proxy-ssl parameters defined in the
|
||||
// proxy-ssl-* annotations are applied on on location level only in the nginx.conf file
|
||||
// Default is that those are applied on server level, too
|
||||
ProxySSLLocationOnly bool `json:"proxy-ssl-location-only"`
|
||||
}
|
||||
|
||||
// NewDefault returns the default nginx configuration
|
||||
|
|
@ -786,6 +791,7 @@ func NewDefault() Configuration {
|
|||
NoTLSRedirectLocations: "/.well-known/acme-challenge",
|
||||
NoAuthLocations: "/.well-known/acme-challenge",
|
||||
GlobalExternalAuth: defGlobalExternalAuth,
|
||||
ProxySSLLocationOnly: false,
|
||||
}
|
||||
|
||||
if klog.V(5) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue