Documentation
¶
Index ¶
- type AddHeader
- type BasicAuth
- type Distribution
- type Dos
- type EgressMTLS
- type ErrorPage
- type ErrorPageLocation
- type Header
- type HealthCheck
- type IngressMTLS
- type InternalRedirectLocation
- type JWTAuth
- type JwksURI
- type LimitReq
- type LimitReqOptions
- type LimitReqZone
- type Location
- type Map
- type Match
- type OIDC
- type Parameter
- type Queue
- type Return
- type ReturnLocation
- type SSL
- type Server
- type SessionCookie
- type SplitClient
- type StatusMatch
- type StreamHealthCheck
- type StreamSSL
- type StreamServer
- type StreamUpstream
- type StreamUpstreamBackupServer
- type StreamUpstreamServer
- type TLSPassthroughHostsConfig
- type TLSRedirect
- type TemplateExecutor
- func (te *TemplateExecutor) ExecuteTLSPassthroughHostsTemplate(cfg *TLSPassthroughHostsConfig) ([]byte, error)
- func (te *TemplateExecutor) ExecuteTransportServerTemplate(cfg *TransportServerConfig) ([]byte, error)
- func (te *TemplateExecutor) ExecuteVirtualServerTemplate(cfg *VirtualServerConfig) ([]byte, error)
- func (te *TemplateExecutor) UpdateVirtualServerTemplate(templateString *string) error
- type TransportServerConfig
- type Upstream
- type UpstreamLabels
- type UpstreamServer
- type VirtualServerConfig
- type WAF
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AddHeader ¶
AddHeader defines a header to use with add_header directive with an optional Always field.
type Distribution ¶
Distribution maps weight to a value in a SplitClient.
type Dos ¶
type Dos struct {
Enable string
Name string
ApDosPolicy string
ApDosSecurityLogEnable bool
ApDosLogConf string
ApDosMonitorURI string
ApDosMonitorProtocol string
ApDosMonitorTimeout uint64
ApDosAccessLogDest string
}
Dos defines Dos configuration.
type EgressMTLS ¶
type EgressMTLS struct {
Certificate string
CertificateKey string
VerifyServer bool
VerifyDepth int
Ciphers string
Protocols string
TrustedCert string
SessionReuse bool
ServerName bool
SSLName string
}
EgressMTLS defines TLS configuration for a location.
type ErrorPageLocation ¶
ErrorPageLocation defines a named location for an error_page directive.
type HealthCheck ¶
type HealthCheck struct {
Name string
URI string
Interval string
Jitter string
Fails int
Passes int
Port int
ProxyPass string
ProxyConnectTimeout string
ProxyReadTimeout string
ProxySendTimeout string
Headers map[string]string
Match string
GRPCPass string
GRPCStatus *int
GRPCService string
Mandatory bool
Persistent bool
KeepaliveTime string
}
HealthCheck defines a HealthCheck for an upstream in a Server.
type IngressMTLS ¶
IngressMTLS defines TLS configuration for a server. This is a subset of TLS specifically for clients auth.
type InternalRedirectLocation ¶
InternalRedirectLocation defines a location for internally redirecting requests to named locations.
type JWTAuth ¶
type JWTAuth struct {
Key string
Secret string
Realm string
Token string
KeyCache string
JwksURI JwksURI
}
JWTAuth holds JWT authentication configuration.
type LimitReqOptions ¶
LimitReqOptions defines rate limit options.
func (LimitReqOptions) String ¶
func (rl LimitReqOptions) String() string
type LimitReqZone ¶
LimitReqZone defines a rate limit shared memory zone.
func (LimitReqZone) String ¶
func (rlz LimitReqZone) String() string
type Location ¶
type Location struct {
Path string
Internal bool
Snippets []string
ProxyConnectTimeout string
ProxyReadTimeout string
ProxySendTimeout string
ClientMaxBodySize string
ProxyMaxTempFileSize string
ProxyBuffering bool
ProxyBuffers string
ProxyBufferSize string
ProxyPass string
ProxyNextUpstream string
ProxyNextUpstreamTimeout string
ProxyNextUpstreamTries int
ProxyInterceptErrors bool
ProxyPassRequestHeaders bool
ProxySetHeaders []Header
ProxyHideHeaders []string
ProxyPassHeaders []string
ProxyIgnoreHeaders string
ProxyPassRewrite string
AddHeaders []AddHeader
Rewrites []string
HasKeepalive bool
ErrorPages []ErrorPage
ProxySSLName string
InternalProxyPass string
Allow []string
Deny []string
LimitReqOptions LimitReqOptions
LimitReqs []LimitReq
JWTAuth *JWTAuth
BasicAuth *BasicAuth
EgressMTLS *EgressMTLS
OIDC bool
WAF *WAF
Dos *Dos
PoliciesErrorReturn *Return
ServiceName string
IsVSR bool
VSRName string
VSRNamespace string
GRPCPass string
}
Location defines a location.
type OIDC ¶
type OIDC struct {
AuthEndpoint string
ClientID string
ClientSecret string
JwksURI string
Scope string
TokenEndpoint string
RedirectURI string
ZoneSyncLeeway int
AuthExtraArgs string
AccessTokenEnable bool
}
OIDC holds OIDC configuration data.
type ReturnLocation ¶
ReturnLocation defines a location for returning a fixed response.
type Server ¶
type Server struct {
ServerName string
StatusZone string
CustomListeners bool
HTTPPort int
HTTPSPort int
ProxyProtocol bool
SSL *SSL
ServerTokens string
RealIPHeader string
SetRealIPFrom []string
RealIPRecursive bool
Snippets []string
InternalRedirectLocations []InternalRedirectLocation
Locations []Location
ErrorPageLocations []ErrorPageLocation
ReturnLocations []ReturnLocation
HealthChecks []HealthCheck
TLSRedirect *TLSRedirect
TLSPassthrough bool
Allow []string
Deny []string
LimitReqOptions LimitReqOptions
LimitReqs []LimitReq
JWTAuth *JWTAuth
JWTAuthList map[string]*JWTAuth
JWKSAuthEnabled bool
BasicAuth *BasicAuth
IngressMTLS *IngressMTLS
EgressMTLS *EgressMTLS
OIDC *OIDC
WAF *WAF
Dos *Dos
PoliciesErrorReturn *Return
VSNamespace string
VSName string
DisableIPV6 bool
Gunzip bool
}
Server defines a server.
type SessionCookie ¶
type SessionCookie struct {
Enable bool
Name string
Path string
Expires string
Domain string
HTTPOnly bool
Secure bool
SameSite string
}
SessionCookie defines a session cookie for an upstream.
type SplitClient ¶
type SplitClient struct {
Source string
Variable string
Distributions []Distribution
}
SplitClient defines a split_clients.
type StatusMatch ¶
StatusMatch defines a Match block for status codes.
type StreamHealthCheck ¶
type StreamHealthCheck struct {
Enabled bool
Interval string
Port int
Passes int
Jitter string
Fails int
Timeout string
Match string
}
StreamHealthCheck defines a health check for a StreamUpstream in a StreamServer.
type StreamServer ¶
type StreamServer struct {
TLSPassthrough bool
UnixSocket string
Port int
UDP bool
StatusZone string
ProxyRequests *int
ProxyResponses *int
ProxyPass string
Name string
Namespace string
ProxyTimeout string
ProxyConnectTimeout string
ProxyNextUpstream bool
ProxyNextUpstreamTimeout string
ProxyNextUpstreamTries int
HealthCheck *StreamHealthCheck
ServerSnippets []string
DisableIPV6 bool
SSL *StreamSSL
}
StreamServer defines a server in the stream module.
type StreamUpstream ¶
type StreamUpstream struct {
Name string
Servers []StreamUpstreamServer
UpstreamLabels UpstreamLabels
LoadBalancingMethod string
Resolve bool
BackupServers []StreamUpstreamBackupServer
}
StreamUpstream defines a stream upstream.
type StreamUpstreamBackupServer ¶
type StreamUpstreamBackupServer struct {
Address string
}
StreamUpstreamBackupServer represents Backup Server address or name defined by the ExternalName service.
type StreamUpstreamServer ¶
type StreamUpstreamServer struct {
Address string
MaxFails int
FailTimeout string
MaxConnections int
}
StreamUpstreamServer defines a stream upstream server.
type TLSPassthroughHostsConfig ¶
TLSPassthroughHostsConfig defines a mapping between TLS Passthrough hosts and the corresponding unix sockets.
type TLSRedirect ¶
TLSRedirect defines a redirect in a Server.
type TemplateExecutor ¶
type TemplateExecutor struct {
// contains filtered or unexported fields
}
TemplateExecutor executes NGINX configuration templates.
func NewTemplateExecutor ¶
func NewTemplateExecutor(virtualServerTemplatePath string, transportServerTemplatePath string) (*TemplateExecutor, error)
NewTemplateExecutor creates a TemplateExecutor.
func (*TemplateExecutor) ExecuteTLSPassthroughHostsTemplate ¶
func (te *TemplateExecutor) ExecuteTLSPassthroughHostsTemplate(cfg *TLSPassthroughHostsConfig) ([]byte, error)
ExecuteTLSPassthroughHostsTemplate generates the content of an NGINX configuration file for mapping between TLS Passthrough hosts and the corresponding unix sockets.
func (*TemplateExecutor) ExecuteTransportServerTemplate ¶
func (te *TemplateExecutor) ExecuteTransportServerTemplate(cfg *TransportServerConfig) ([]byte, error)
ExecuteTransportServerTemplate generates the content of an NGINX configuration file for a TransportServer resource.
func (*TemplateExecutor) ExecuteVirtualServerTemplate ¶
func (te *TemplateExecutor) ExecuteVirtualServerTemplate(cfg *VirtualServerConfig) ([]byte, error)
ExecuteVirtualServerTemplate generates the content of an NGINX configuration file for a VirtualServer resource.
func (*TemplateExecutor) UpdateVirtualServerTemplate ¶
func (te *TemplateExecutor) UpdateVirtualServerTemplate(templateString *string) error
UpdateVirtualServerTemplate updates the VirtualServer template.
type TransportServerConfig ¶
type TransportServerConfig struct {
Server StreamServer
Upstreams []StreamUpstream
StreamSnippets []string
Match *Match
DisableIPV6 bool
DynamicSSLReloadEnabled bool
StaticSSLPath string
}
TransportServerConfig holds NGINX configuration for a TransportServer.
type Upstream ¶
type Upstream struct {
Name string
Servers []UpstreamServer
LBMethod string
Resolve bool
Keepalive int
MaxFails int
MaxConns int
SlowStart string
FailTimeout string
UpstreamZoneSize string
Queue *Queue
SessionCookie *SessionCookie
UpstreamLabels UpstreamLabels
NTLM bool
BackupServers []UpstreamServer
}
Upstream defines an upstream.
type UpstreamLabels ¶
type UpstreamLabels struct {
Service string
ResourceType string
ResourceName string
ResourceNamespace string
}
UpstreamLabels describes the Prometheus labels for an NGINX upstream.
type UpstreamServer ¶
type UpstreamServer struct {
Address string
}
UpstreamServer defines an upstream server.
type VirtualServerConfig ¶
type VirtualServerConfig struct {
HTTPSnippets []string
LimitReqZones []LimitReqZone
Maps []Map
Server Server
SpiffeCerts bool
SpiffeClientCerts bool
SplitClients []SplitClient
StatusMatches []StatusMatch
Upstreams []Upstream
DynamicSSLReloadEnabled bool
StaticSSLPath string
}
VirtualServerConfig holds NGINX configuration for a VirtualServer.
Source Files