nginx

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 6, 2017 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// TLS Secret
	TLS = iota
	// JWK Secret
	JWK
)
View Source
const DefaultServerSecretName = "default"

DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server

View Source
const JWTKey = "jwk"

JWTKey is the key of the data field of a Secret where the JWK must be stored.

View Source
const JWTKeyAnnotation = "nginx.com/jwt-key"

JWTKeyAnnotation is the annotation where the Secret with a JWK is specified.

View Source
const TLSSecretFileMode = 0600

TLSSecretFileMode defines the default filemode for files with TLS Secrets

Variables

This section is empty.

Functions

func GenerateCertAndKeyFileContent added in v1.0.0

func GenerateCertAndKeyFileContent(secret *api_v1.Secret) []byte

GenerateCertAndKeyFileContent generates a pem file content from the secret

func GetMapKeyAsBool added in v0.6.0

func GetMapKeyAsBool(m map[string]string, key string, context apiObject) (bool, bool, error)

GetMapKeyAsBool searches the map for the given key and parses the key as bool

func GetMapKeyAsInt added in v0.6.0

func GetMapKeyAsInt(m map[string]string, key string, context apiObject) (int64, bool, error)

GetMapKeyAsInt tries to find and parse a key in a map as int64

func GetMapKeyAsStringSlice added in v0.7.0

func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)

GetMapKeyAsStringSlice tries to find and parse a key in the map as string slice splitting it on delimiter

func GetSecretKind added in v1.0.0

func GetSecretKind(secret *api_v1.Secret) (int, error)

GetSecretKind returns the kind of the Secret.

func ValidateJWKSecret added in v1.0.0

func ValidateJWKSecret(secret *api_v1.Secret) error

ValidateJWKSecret validates the secret. If it is valid, the function returns nil.

func ValidateTLSSecret added in v1.0.0

func ValidateTLSSecret(secret *api_v1.Secret) error

ValidateTLSSecret validates the secret. If it is valid, the function returns nil.

Types

type Config

type Config struct {
	LocationSnippets              []string
	ServerSnippets                []string
	ServerTokens                  string
	ProxyConnectTimeout           string
	ProxyReadTimeout              string
	ClientMaxBodySize             string
	HTTP2                         bool
	RedirectToHTTPS               bool
	MainHTTPSnippets              []string
	MainServerNamesHashBucketSize string
	MainServerNamesHashMaxSize    string
	MainLogFormat                 string
	ProxyBuffering                bool
	ProxyBuffers                  string
	ProxyBufferSize               string
	ProxyMaxTempFileSize          string
	ProxyProtocol                 bool
	ProxyHideHeaders              []string
	ProxyPassHeaders              []string
	HSTS                          bool
	HSTSMaxAge                    int64
	HSTSIncludeSubdomains         bool
	LBMethod                      string

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	MainServerSSLProtocols           string
	MainServerSSLPreferServerCiphers bool
	MainServerSSLCiphers             string
	MainServerSSLDHParam             string

	JWTRealm    string
	JWTKey      string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int
}

Config holds NGINX configuration parameters

func NewDefaultConfig

func NewDefaultConfig() *Config

NewDefaultConfig creates a Config with default values

type Configurator

type Configurator struct {
	// contains filtered or unexported fields
}

Configurator transforms an Ingress resource into NGINX Configuration

func NewConfigurator

func NewConfigurator(nginx *NginxController, config *Config, nginxAPI *plus.NginxAPIController) *Configurator

NewConfigurator creates a new Configurator

func (*Configurator) AddOrUpdateDHParam added in v0.7.0

func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)

AddOrUpdateDHParam creates a dhparam file with the content of the string.

func (*Configurator) AddOrUpdateDefaultServerTLSSecret added in v1.0.0

func (cnf *Configurator) AddOrUpdateDefaultServerTLSSecret(secret *api_v1.Secret) error

AddOrUpdateDefaultServerTLSSecret creates or updates a file with a TLS cert and a key from the secret for the default server.

func (*Configurator) AddOrUpdateIngress

func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error

AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resource

func (*Configurator) AddOrUpdateSecret added in v1.0.0

func (cnf *Configurator) AddOrUpdateSecret(secret *api_v1.Secret) error

AddOrUpdateSecret creates or updates a file with the content of the secret

func (*Configurator) DeleteIngress

func (cnf *Configurator) DeleteIngress(key string) error

DeleteIngress deletes NGINX configuration for the Ingress resource

func (*Configurator) DeleteSecret added in v1.0.0

func (cnf *Configurator) DeleteSecret(key string, ings []extensions.Ingress) error

DeleteSecret deletes the file associated with the secret and the configuration files for the Ingress resources. NGINX is reloaded only when len(ings) > 0

func (*Configurator) UpdateConfig

func (cnf *Configurator) UpdateConfig(config *Config, ingExes []*IngressEx) error

UpdateConfig updates NGINX Configuration parameters

func (*Configurator) UpdateEndpoints

func (cnf *Configurator) UpdateEndpoints(ingEx *IngressEx) error

UpdateEndpoints updates endpoints in NGINX configuration for the Ingress resource

type IngressEx

type IngressEx struct {
	Ingress    *extensions.Ingress
	TLSSecrets map[string]*api_v1.Secret
	JWTKey     *api_v1.Secret
	Endpoints  map[string][]string
}

IngressEx holds an Ingress along with Secrets and Endpoints of the services that are referenced in this Ingress

type IngressNginxConfig

type IngressNginxConfig struct {
	Upstreams []Upstream
	Servers   []Server
}

IngressNginxConfig describes an NGINX configuration

type Location

type Location struct {
	LocationSnippets     []string
	Path                 string
	Upstream             Upstream
	ProxyConnectTimeout  string
	ProxyReadTimeout     string
	ClientMaxBodySize    string
	Websocket            bool
	Rewrite              string
	SSL                  bool
	ProxyBuffering       bool
	ProxyBuffers         string
	ProxyBufferSize      string
	ProxyMaxTempFileSize string
}

Location describes an NGINX location

type NginxController

type NginxController struct {
	// contains filtered or unexported fields
}

NginxController Updates NGINX configuration, starts and reloads NGINX

func NewNginxController

func NewNginxController(nginxConfPath string, local bool, healthStatus bool, nginxConfTemplatePath string, nginxIngressTemplatePath string) (*NginxController, error)

NewNginxController creates a NGINX controller

func (*NginxController) AddOrUpdateDHParam added in v0.7.0

func (nginx *NginxController) AddOrUpdateDHParam(dhparam string) (string, error)

AddOrUpdateDHParam creates the servers dhparam.pem file

func (*NginxController) AddOrUpdateIngress

func (nginx *NginxController) AddOrUpdateIngress(name string, config IngressNginxConfig)

AddOrUpdateIngress creates or updates a file with the specified configuration for the specified ingress

func (*NginxController) AddOrUpdateSecretFile added in v1.0.0

func (nginx *NginxController) AddOrUpdateSecretFile(name string, content []byte, mode os.FileMode) string

AddOrUpdateSecretFile creates a file with the specified name, content and mode.

func (*NginxController) DeleteIngress

func (nginx *NginxController) DeleteIngress(name string)

DeleteIngress deletes the configuration file, which corresponds for the specified ingress from NGINX conf directory

func (*NginxController) DeleteSecretFile added in v1.0.0

func (nginx *NginxController) DeleteSecretFile(name string)

DeleteSecretFile the file with a Secret

func (*NginxController) Quit added in v1.0.0

func (nginx *NginxController) Quit()

Quit shutdowns NGINX gracefully

func (*NginxController) Reload

func (nginx *NginxController) Reload() error

Reload reloads NGINX

func (*NginxController) Start

func (nginx *NginxController) Start(done chan error)

Start starts NGINX

func (*NginxController) UpdateMainConfigFile

func (nginx *NginxController) UpdateMainConfigFile(cfg *NginxMainConfig)

UpdateMainConfigFile update the main NGINX configuration file

type NginxMainConfig

type NginxMainConfig struct {
	ServerNamesHashBucketSize string
	ServerNamesHashMaxSize    string
	LogFormat                 string
	HealthStatus              bool
	HTTPSnippets              []string
	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	SSLProtocols           string
	SSLPreferServerCiphers bool
	SSLCiphers             string
	SSLDHParam             string
	HTTP2                  bool
	ServerTokens           string
	ProxyProtocol          bool
}

NginxMainConfig describe the main NGINX configuration file

type Server

type Server struct {
	ServerSnippets        []string
	Name                  string
	ServerTokens          string
	Locations             []Location
	SSL                   bool
	SSLCertificate        string
	SSLCertificateKey     string
	StatusZone            string
	HTTP2                 bool
	RedirectToHTTPS       bool
	ProxyProtocol         bool
	HSTS                  bool
	HSTSMaxAge            int64
	HSTSIncludeSubdomains bool
	ProxyHideHeaders      []string
	ProxyPassHeaders      []string

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	JWTKey      string
	JWTRealm    string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int
}

Server describes an NGINX server

type Upstream

type Upstream struct {
	Name            string
	UpstreamServers []UpstreamServer
	StickyCookie    string
	LBMethod        string
}

Upstream describes an NGINX upstream

func NewUpstreamWithDefaultServer

func NewUpstreamWithDefaultServer(name string) Upstream

NewUpstreamWithDefaultServer creates an upstream with the default server. proxy_pass to an upstream with the default server returns 502. We use it for services that have no endpoints

type UpstreamServer

type UpstreamServer struct {
	Address string
	Port    string
}

UpstreamServer describes a server in an NGINX upstream

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL