Skip to content

Commit

Permalink
Add some more directives
Browse files Browse the repository at this point in the history
  • Loading branch information
@rikatz
rikatz committed Sep 26, 2024
1 parent 1236108 commit 00f7bfb
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 11 deletions.
14 changes: 14 additions & 0 deletions internal/ingress/controller/template/crossplane/location.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -328,8 +328,22 @@ func (c *Template) buildAllowedLocation(server *ingress.Server, location *ingres
fmt.Sprintf("$http_%s", strings.ToLower(strings.ReplaceAll(c.tplConfig.Cfg.ForwardedForHeader, "-", "_")))),
buildDirectiveWithComment(proxySetHeader,
"mitigate HTTProxy Vulnerability - https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/", "Proxy", ""),
buildDirective("proxy_connect_timeout", seconds(location.Proxy.ConnectTimeout)),
buildDirective("proxy_read_timeout", seconds(location.Proxy.ReadTimeout)),
buildDirective("proxy_send_timeout", seconds(location.Proxy.SendTimeout)),
buildDirective("proxy_buffering", location.Proxy.ProxyBuffering),
buildDirective("proxy_buffer_size", location.Proxy.BufferSize),
buildDirective("proxy_buffers", location.Proxy.BuffersNumber, location.Proxy.BufferSize),
buildDirective("proxy_request_buffering", location.Proxy.RequestBuffering),
buildDirective("proxy_http_version", location.Proxy.ProxyHTTPVersion),
buildDirective("proxy_cookie_domain", location.Proxy.CookieDomain),
buildDirective("proxy_cookie_path", location.Proxy.CookiePath),
)

if isValidByteSize(location.Proxy.ProxyMaxTempFileSize, true) {
dir = append(dir, buildDirective("proxy_max_temp_file_size", location.Proxy.ProxyMaxTempFileSize))
}

if c.tplConfig.Cfg.UseForwardedHeaders && c.tplConfig.Cfg.ComputeFullForwardedFor {
dir = append(dir, buildDirective(proxySetHeader, "X-Forwarded-For", "$full_x_forwarded_for"))
} else {
Expand Down
22 changes: 11 additions & 11 deletions internal/ingress/controller/template/crossplane/testdata/nginx-new.tmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1121,21 +1121,21 @@ http {
{{ $proxySetHeader }} {{ $k }} {{ $v | quote }}; # OK
{{ end }} # 1

proxy_connect_timeout {{ $location.Proxy.ConnectTimeout }}s;
proxy_send_timeout {{ $location.Proxy.SendTimeout }}s;
proxy_read_timeout {{ $location.Proxy.ReadTimeout }}s;
proxy_connect_timeout {{ $location.Proxy.ConnectTimeout }}s; OK
proxy_send_timeout {{ $location.Proxy.SendTimeout }}s; # OK
proxy_read_timeout {{ $location.Proxy.ReadTimeout }}s; # OK

proxy_buffering {{ $location.Proxy.ProxyBuffering }};
proxy_buffer_size {{ $location.Proxy.BufferSize }};
proxy_buffers {{ $location.Proxy.BuffersNumber }} {{ $location.Proxy.BufferSize }};
proxy_buffering {{ $location.Proxy.ProxyBuffering }}; # OK
proxy_buffer_size {{ $location.Proxy.BufferSize }}; # OK
proxy_buffers {{ $location.Proxy.BuffersNumber }} {{ $location.Proxy.BufferSize }}; # OK
{{ if isValidByteSize $location.Proxy.ProxyMaxTempFileSize true }}
proxy_max_temp_file_size {{ $location.Proxy.ProxyMaxTempFileSize }};
proxy_max_temp_file_size {{ $location.Proxy.ProxyMaxTempFileSize }}; # OK
{{ end }}
proxy_request_buffering {{ $location.Proxy.RequestBuffering }};
proxy_http_version {{ $location.Proxy.ProxyHTTPVersion }};
proxy_request_buffering {{ $location.Proxy.RequestBuffering }}; # OK
proxy_http_version {{ $location.Proxy.ProxyHTTPVersion }}; # OK

proxy_cookie_domain {{ $location.Proxy.CookieDomain }};
proxy_cookie_path {{ $location.Proxy.CookiePath }};
proxy_cookie_domain {{ $location.Proxy.CookieDomain }}; # OK
proxy_cookie_path {{ $location.Proxy.CookiePath }}; # OK

# In case of errors try the next upstream server before returning an error
proxy_next_upstream {{ buildNextUpstream $location.Proxy.NextUpstream $all.Cfg.RetryNonIdempotent }};
Expand Down

0 comments on commit 00f7bfb

Please sign in to comment.