Documentation ¶
Index ¶
- Constants
- func GenerateCertAndKeyFileContent(secret *api_v1.Secret) []byte
- func GetMapKeyAsBool(m map[string]string, key string, context apiObject) (bool, bool, error)
- func GetMapKeyAsInt(m map[string]string, key string, context apiObject) (int64, bool, error)
- func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)
- func GetSecretKind(secret *api_v1.Secret) (int, error)
- func ValidateJWKSecret(secret *api_v1.Secret) error
- func ValidateTLSSecret(secret *api_v1.Secret) error
- type Config
- type Configurator
- func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)
- func (cnf *Configurator) AddOrUpdateDefaultServerTLSSecret(secret *api_v1.Secret) error
- func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error
- func (cnf *Configurator) AddOrUpdateSecret(secret *api_v1.Secret) error
- func (cnf *Configurator) DeleteIngress(key string) error
- func (cnf *Configurator) DeleteSecret(key string, ings []extensions.Ingress) error
- func (cnf *Configurator) UpdateConfig(config *Config, ingExes []*IngressEx) error
- func (cnf *Configurator) UpdateEndpoints(ingEx *IngressEx) error
- type IngressEx
- type IngressNginxConfig
- type Location
- type NginxController
- func (nginx *NginxController) AddOrUpdateDHParam(dhparam string) (string, error)
- func (nginx *NginxController) AddOrUpdateIngress(name string, config IngressNginxConfig)
- func (nginx *NginxController) AddOrUpdateSecretFile(name string, content []byte, mode os.FileMode) string
- func (nginx *NginxController) DeleteIngress(name string)
- func (nginx *NginxController) DeleteSecretFile(name string)
- func (nginx *NginxController) Quit()
- func (nginx *NginxController) Reload() error
- func (nginx *NginxController) Start(done chan error)
- func (nginx *NginxController) UpdateMainConfigFile(cfg *NginxMainConfig)
- type NginxMainConfig
- type Server
- type Upstream
- type UpstreamServer
Constants ¶
const ( // TLS Secret TLS = iota // JWK Secret JWK )
const DefaultServerSecretName = "default"
DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server
const JWTKey = "jwk"
JWTKey is the key of the data field of a Secret where the JWK must be stored.
const JWTKeyAnnotation = "nginx.com/jwt-key"
JWTKeyAnnotation is the annotation where the Secret with a JWK is specified.
const TLSSecretFileMode = 0600
TLSSecretFileMode defines the default filemode for files with TLS Secrets
Variables ¶
This section is empty.
Functions ¶
func GenerateCertAndKeyFileContent ¶ added in v1.0.0
GenerateCertAndKeyFileContent generates a pem file content from the secret
func GetMapKeyAsBool ¶ added in v0.6.0
GetMapKeyAsBool searches the map for the given key and parses the key as bool
func GetMapKeyAsInt ¶ added in v0.6.0
GetMapKeyAsInt tries to find and parse a key in a map as int64
func GetMapKeyAsStringSlice ¶ added in v0.7.0
func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)
GetMapKeyAsStringSlice tries to find and parse a key in the map as string slice splitting it on delimiter
func GetSecretKind ¶ added in v1.0.0
GetSecretKind returns the kind of the Secret.
func ValidateJWKSecret ¶ added in v1.0.0
ValidateJWKSecret validates the secret. If it is valid, the function returns nil.
func ValidateTLSSecret ¶ added in v1.0.0
ValidateTLSSecret validates the secret. If it is valid, the function returns nil.
Types ¶
type Config ¶
type Config struct { LocationSnippets []string ServerSnippets []string ServerTokens string ProxyConnectTimeout string ProxyReadTimeout string ClientMaxBodySize string HTTP2 bool RedirectToHTTPS bool MainHTTPSnippets []string MainServerNamesHashBucketSize string MainServerNamesHashMaxSize string MainLogFormat string ProxyBuffering bool ProxyBuffers string ProxyBufferSize string ProxyMaxTempFileSize string ProxyProtocol bool ProxyHideHeaders []string ProxyPassHeaders []string HSTS bool HSTSMaxAge int64 HSTSIncludeSubdomains bool LBMethod string // http://nginx.org/en/docs/http/ngx_http_realip_module.html RealIPHeader string SetRealIPFrom []string RealIPRecursive bool // http://nginx.org/en/docs/http/ngx_http_ssl_module.html MainServerSSLProtocols string MainServerSSLPreferServerCiphers bool MainServerSSLCiphers string MainServerSSLDHParam string JWTRealm string JWTKey string JWTToken string JWTLoginURL string Ports []int SSLPorts []int }
Config holds NGINX configuration parameters
func NewDefaultConfig ¶
func NewDefaultConfig() *Config
NewDefaultConfig creates a Config with default values
type Configurator ¶
type Configurator struct {
// contains filtered or unexported fields
}
Configurator transforms an Ingress resource into NGINX Configuration
func NewConfigurator ¶
func NewConfigurator(nginx *NginxController, config *Config, nginxAPI *plus.NginxAPIController) *Configurator
NewConfigurator creates a new Configurator
func (*Configurator) AddOrUpdateDHParam ¶ added in v0.7.0
func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)
AddOrUpdateDHParam creates a dhparam file with the content of the string.
func (*Configurator) AddOrUpdateDefaultServerTLSSecret ¶ added in v1.0.0
func (cnf *Configurator) AddOrUpdateDefaultServerTLSSecret(secret *api_v1.Secret) error
AddOrUpdateDefaultServerTLSSecret creates or updates a file with a TLS cert and a key from the secret for the default server.
func (*Configurator) AddOrUpdateIngress ¶
func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error
AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resource
func (*Configurator) AddOrUpdateSecret ¶ added in v1.0.0
func (cnf *Configurator) AddOrUpdateSecret(secret *api_v1.Secret) error
AddOrUpdateSecret creates or updates a file with the content of the secret
func (*Configurator) DeleteIngress ¶
func (cnf *Configurator) DeleteIngress(key string) error
DeleteIngress deletes NGINX configuration for the Ingress resource
func (*Configurator) DeleteSecret ¶ added in v1.0.0
func (cnf *Configurator) DeleteSecret(key string, ings []extensions.Ingress) error
DeleteSecret deletes the file associated with the secret and the configuration files for the Ingress resources. NGINX is reloaded only when len(ings) > 0
func (*Configurator) UpdateConfig ¶
func (cnf *Configurator) UpdateConfig(config *Config, ingExes []*IngressEx) error
UpdateConfig updates NGINX Configuration parameters
func (*Configurator) UpdateEndpoints ¶
func (cnf *Configurator) UpdateEndpoints(ingEx *IngressEx) error
UpdateEndpoints updates endpoints in NGINX configuration for the Ingress resource
type IngressEx ¶
type IngressEx struct { Ingress *extensions.Ingress TLSSecrets map[string]*api_v1.Secret JWTKey *api_v1.Secret Endpoints map[string][]string }
IngressEx holds an Ingress along with Secrets and Endpoints of the services that are referenced in this Ingress
type IngressNginxConfig ¶
IngressNginxConfig describes an NGINX configuration
type Location ¶
type Location struct { LocationSnippets []string Path string Upstream Upstream ProxyConnectTimeout string ProxyReadTimeout string ClientMaxBodySize string Websocket bool Rewrite string SSL bool ProxyBuffering bool ProxyBuffers string ProxyBufferSize string ProxyMaxTempFileSize string }
Location describes an NGINX location
type NginxController ¶
type NginxController struct {
// contains filtered or unexported fields
}
NginxController Updates NGINX configuration, starts and reloads NGINX
func NewNginxController ¶
func NewNginxController(nginxConfPath string, local bool, healthStatus bool, nginxConfTemplatePath string, nginxIngressTemplatePath string) (*NginxController, error)
NewNginxController creates a NGINX controller
func (*NginxController) AddOrUpdateDHParam ¶ added in v0.7.0
func (nginx *NginxController) AddOrUpdateDHParam(dhparam string) (string, error)
AddOrUpdateDHParam creates the servers dhparam.pem file
func (*NginxController) AddOrUpdateIngress ¶
func (nginx *NginxController) AddOrUpdateIngress(name string, config IngressNginxConfig)
AddOrUpdateIngress creates or updates a file with the specified configuration for the specified ingress
func (*NginxController) AddOrUpdateSecretFile ¶ added in v1.0.0
func (nginx *NginxController) AddOrUpdateSecretFile(name string, content []byte, mode os.FileMode) string
AddOrUpdateSecretFile creates a file with the specified name, content and mode.
func (*NginxController) DeleteIngress ¶
func (nginx *NginxController) DeleteIngress(name string)
DeleteIngress deletes the configuration file, which corresponds for the specified ingress from NGINX conf directory
func (*NginxController) DeleteSecretFile ¶ added in v1.0.0
func (nginx *NginxController) DeleteSecretFile(name string)
DeleteSecretFile the file with a Secret
func (*NginxController) Quit ¶ added in v1.0.0
func (nginx *NginxController) Quit()
Quit shutdowns NGINX gracefully
func (*NginxController) Start ¶
func (nginx *NginxController) Start(done chan error)
Start starts NGINX
func (*NginxController) UpdateMainConfigFile ¶
func (nginx *NginxController) UpdateMainConfigFile(cfg *NginxMainConfig)
UpdateMainConfigFile update the main NGINX configuration file
type NginxMainConfig ¶
type NginxMainConfig struct { ServerNamesHashBucketSize string ServerNamesHashMaxSize string LogFormat string HealthStatus bool HTTPSnippets []string // http://nginx.org/en/docs/http/ngx_http_ssl_module.html SSLProtocols string SSLPreferServerCiphers bool SSLCiphers string SSLDHParam string HTTP2 bool ServerTokens string ProxyProtocol bool }
NginxMainConfig describe the main NGINX configuration file
type Server ¶
type Server struct { ServerSnippets []string Name string ServerTokens string Locations []Location SSL bool SSLCertificate string SSLCertificateKey string StatusZone string HTTP2 bool RedirectToHTTPS bool ProxyProtocol bool HSTS bool HSTSMaxAge int64 HSTSIncludeSubdomains bool ProxyHideHeaders []string ProxyPassHeaders []string // http://nginx.org/en/docs/http/ngx_http_realip_module.html RealIPHeader string SetRealIPFrom []string RealIPRecursive bool JWTKey string JWTRealm string JWTToken string JWTLoginURL string Ports []int SSLPorts []int }
Server describes an NGINX server
type Upstream ¶
type Upstream struct { Name string UpstreamServers []UpstreamServer StickyCookie string LBMethod string }
Upstream describes an NGINX upstream
func NewUpstreamWithDefaultServer ¶
NewUpstreamWithDefaultServer creates an upstream with the default server. proxy_pass to an upstream with the default server returns 502. We use it for services that have no endpoints
type UpstreamServer ¶
UpstreamServer describes a server in an NGINX upstream