DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243)

Browse source 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
This commit is contained in:
Alvaro Aleman 2018-04-02 02:02:34 +02:00 committed by Manuel Alejandro de Brito Fontes
parent 9b4d7f28d0
commit e7aa74b5d4
6 changed files with 192 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -845,6 +845,7 @@ stream {
}
{{ end }}
{{ if not (isLocationInLocationList $location $all.Cfg.NoAuthLocations) }}
{{ if $authPath }}
# this location requires authentication
auth_request {{ $authPath }};
@ -859,11 +860,6 @@ stream {
error_page 401 = {{ buildAuthSignURL $location.ExternalAuth.SigninURL }};
{{ end }}
{{/* if the location contains a rate limit annotation, create one */}}
{{ $limits := buildRateLimit $location }}
{{ range $limit := $limits }}
{{ $limit }}{{ end }}
{{ if $location.BasicDigestAuth.Secured }}
{{ if eq $location.BasicDigestAuth.Type "basic" }}
auth_basic "{{ $location.BasicDigestAuth.Realm }}";
@ -874,6 +870,12 @@ stream {
{{ end }}
proxy_set_header Authorization "";
{{ end }}
{{ end }}
{{/* if the location contains a rate limit annotation, create one */}}
{{ $limits := buildRateLimit $location }}
{{ range $limit := $limits }}
{{ $limit }}{{ end }}
{{ if $location.CorsConfig.CorsEnabled }}
{{ template "CORS" $location }}