Refactor X-Forwarded-* headers

controllers/nginx/pkg/config/config.go

@@ -23,6 +23,8 @@ import (
 
 	"github.com/golang/glog"
 
+	api "k8s.io/api/core/v1"
+
 	"k8s.io/ingress/core/pkg/ingress"
 	"k8s.io/ingress/core/pkg/ingress/defaults"
 )
@@ -259,6 +261,11 @@ type Configuration struct {
 	// https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_headers_hash_bucket_size
 	ProxyHeadersHashBucketSize int `json:"proxy-headers-hash-bucket-size,omitempty"`
 
+	// RealClientFrom defines the trusted source of the client source IP address
+	// The valid values are "auto", "http-proxy" and "tcp-proxy"
+	// Default: auto
+	RealClientFrom string `json:"real-client-from,omitempty"`
+
 	// Enables or disables emitting nginx version in error messages and in the “Server” response header field.
 	// http://nginx.org/en/docs/http/ngx_http_core_module.html#server_tokens
 	// Default: true
@@ -448,6 +455,7 @@ func NewDefault() Configuration {
 		LimitConnZoneVariable:        defaultLimitConnZoneVariable,
 		BindAddressIpv4:              defBindAddress,
 		BindAddressIpv6:              defBindAddress,
+		RealClientFrom:               "auto",
 	}
 
 	if glog.V(5) {
@@ -486,6 +494,7 @@ type TemplateConfig struct {
 	IsSSLPassthroughEnabled bool
 	RedirectServers         map[string]string
 	ListenPorts             *ListenPorts
+	PublishService          *api.Service
 }
 
 // ListenPorts describe the ports required to run the