nginx

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 20, 2017 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TLS Secret
	TLS = iota
	// JWK Secret
	JWK
)
View Source 
const DefaultServerSecretName = "default"

DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server

View Source 
const JWTKey = "jwk"

JWTKey is the key of the data field of a Secret where the JWK must be stored.

View Source 
const JWTKeyAnnotation = "nginx.com/jwt-key"

JWTKeyAnnotation is the annotation where the Secret with a JWK is specified.

View Source 
const TLSSecretFileMode = 0600

TLSSecretFileMode defines the default filemode for files with TLS Secrets

Variables

This section is empty.

Functions

func GenerateCertAndKeyFileContent added in v1.0.0 

func GenerateCertAndKeyFileContent(secret *api_v1.Secret) []byte

GenerateCertAndKeyFileContent generates a pem file content from the secret

func GetMapKeyAsBool added in v0.6.0 

func GetMapKeyAsBool(m map[string]string, key string, context apiObject) (bool, bool, error)

GetMapKeyAsBool searches the map for the given key and parses the key as bool

func GetMapKeyAsInt added in v0.6.0 

func GetMapKeyAsInt(m map[string]string, key string, context apiObject) (int64, bool, error)

GetMapKeyAsInt tries to find and parse a key in a map as int64

func GetMapKeyAsStringSlice added in v0.7.0 

func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)

GetMapKeyAsStringSlice tries to find and parse a key in the map as string slice splitting it on delimiter

func GetSecretKind added in v1.0.0 

func GetSecretKind(secret *api_v1.Secret) (int, error)

GetSecretKind returns the kind of the Secret.

func ValidateJWKSecret added in v1.0.0 

func ValidateJWKSecret(secret *api_v1.Secret) error

ValidateJWKSecret validates the secret. If it is valid, the function returns nil.

func ValidateTLSSecret added in v1.0.0 

func ValidateTLSSecret(secret *api_v1.Secret) error

ValidateTLSSecret validates the secret. If it is valid, the function returns nil.

Types

type Config 

type Config struct {
	LocationSnippets              []string
	ServerSnippets                []string
	ServerTokens                  string
	ProxyConnectTimeout           string
	ProxyReadTimeout              string
	ClientMaxBodySize             string
	HTTP2                         bool
	RedirectToHTTPS               bool
	SSLRedirect                   bool
	MainMainSnippets              []string
	MainHTTPSnippets              []string
	MainServerNamesHashBucketSize string
	MainServerNamesHashMaxSize    string
	MainLogFormat                 string
	ProxyBuffering                bool
	ProxyBuffers                  string
	ProxyBufferSize               string
	ProxyMaxTempFileSize          string
	ProxyProtocol                 bool
	ProxyHideHeaders              []string
	ProxyPassHeaders              []string
	HSTS                          bool
	HSTSMaxAge                    int64
	HSTSIncludeSubdomains         bool
	LBMethod                      string
	MainWorkerProcesses           string
	MainWorkerCPUAffinity         string
	MainWorkerShutdownTimeout     string
	Keepalive                     int64

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	MainServerSSLProtocols           string
	MainServerSSLPreferServerCiphers bool
	MainServerSSLCiphers             string
	MainServerSSLDHParam             string

	JWTRealm    string
	JWTKey      string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int
}

Config holds NGINX configuration parameters

func NewDefaultConfig 

func NewDefaultConfig() *Config

NewDefaultConfig creates a Config with default values

type Configurator 

type Configurator struct {
	// contains filtered or unexported fields
}

Configurator transforms an Ingress resource into NGINX Configuration

func NewConfigurator 

func NewConfigurator(nginx *NginxController, config *Config, nginxAPI *plus.NginxAPIController) *Configurator

NewConfigurator creates a new Configurator

func (*Configurator) AddOrUpdateDHParam added in v0.7.0 

func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)

AddOrUpdateDHParam creates a dhparam file with the content of the string.

func (*Configurator) AddOrUpdateDefaultServerTLSSecret added in v1.0.0 

func (cnf *Configurator) AddOrUpdateDefaultServerTLSSecret(secret *api_v1.Secret) error

AddOrUpdateDefaultServerTLSSecret creates or updates a file with a TLS cert and a key from the secret for the default server.

func (*Configurator) AddOrUpdateIngress 

func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error

AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resource

func (*Configurator) AddOrUpdateSecret added in v1.0.0 

func (cnf *Configurator) AddOrUpdateSecret(secret *api_v1.Secret) error

AddOrUpdateSecret creates or updates a file with the content of the secret

func (*Configurator) DeleteIngress 

func (cnf *Configurator) DeleteIngress(key string) error

DeleteIngress deletes NGINX configuration for the Ingress resource

func (*Configurator) DeleteSecret added in v1.0.0 

func (cnf *Configurator) DeleteSecret(key string, ings []extensions.Ingress) error

DeleteSecret deletes the file associated with the secret and the configuration files for the Ingress resources. NGINX is reloaded only when len(ings) > 0

func (*Configurator) HasIngress added in v1.1.0 

func (cnf *Configurator) HasIngress(ing *extensions.Ingress) bool

HasIngress checks if the Ingress resource is present in NGINX configuration

func (*Configurator) UpdateConfig 

func (cnf *Configurator) UpdateConfig(config *Config, ingExes []*IngressEx) error

UpdateConfig updates NGINX Configuration parameters

func (*Configurator) UpdateEndpoints 

func (cnf *Configurator) UpdateEndpoints(ingEx *IngressEx) error

UpdateEndpoints updates endpoints in NGINX configuration for the Ingress resource

type IngressEx 

type IngressEx struct {
	Ingress    *extensions.Ingress
	TLSSecrets map[string]*api_v1.Secret
	JWTKey     *api_v1.Secret
	Endpoints  map[string][]string
}

IngressEx holds an Ingress along with Secrets and Endpoints of the services that are referenced in this Ingress

type IngressNginxConfig 

type IngressNginxConfig struct {
	Upstreams []Upstream
	Servers   []Server
	Keepalive string
}

IngressNginxConfig describes an NGINX configuration

type Location 

type Location struct {
	LocationSnippets     []string
	Path                 string
	Upstream             Upstream
	ProxyConnectTimeout  string
	ProxyReadTimeout     string
	ClientMaxBodySize    string
	Websocket            bool
	Rewrite              string
	SSL                  bool
	ProxyBuffering       bool
	ProxyBuffers         string
	ProxyBufferSize      string
	ProxyMaxTempFileSize string
}

Location describes an NGINX location

type NginxController 

type NginxController struct {
	// contains filtered or unexported fields
}

NginxController Updates NGINX configuration, starts and reloads NGINX

func NewNginxController 

func NewNginxController(nginxConfPath string, local bool, healthStatus bool, nginxConfTemplatePath string, nginxIngressTemplatePath string) (*NginxController, error)

NewNginxController creates a NGINX controller

func (*NginxController) AddOrUpdateDHParam added in v0.7.0 

func (nginx *NginxController) AddOrUpdateDHParam(dhparam string) (string, error)

AddOrUpdateDHParam creates the servers dhparam.pem file

func (*NginxController) AddOrUpdateIngress 

func (nginx *NginxController) AddOrUpdateIngress(name string, config IngressNginxConfig)

AddOrUpdateIngress creates or updates a file with the specified configuration for the specified ingress

func (*NginxController) AddOrUpdateSecretFile added in v1.0.0 

func (nginx *NginxController) AddOrUpdateSecretFile(name string, content []byte, mode os.FileMode) string

AddOrUpdateSecretFile creates a file with the specified name, content and mode.

func (*NginxController) DeleteIngress 

func (nginx *NginxController) DeleteIngress(name string)

DeleteIngress deletes the configuration file, which corresponds for the specified ingress from NGINX conf directory

func (*NginxController) DeleteSecretFile added in v1.0.0 

func (nginx *NginxController) DeleteSecretFile(name string)

DeleteSecretFile the file with a Secret

func (*NginxController) Quit added in v1.0.0 

func (nginx *NginxController) Quit()

Quit shutdowns NGINX gracefully

func (*NginxController) Reload 

func (nginx *NginxController) Reload() error

Reload reloads NGINX

func (*NginxController) Start 

func (nginx *NginxController) Start(done chan error)

Start starts NGINX

func (*NginxController) UpdateMainConfigFile 

func (nginx *NginxController) UpdateMainConfigFile(cfg *NginxMainConfig)

UpdateMainConfigFile update the main NGINX configuration file

type NginxMainConfig 

type NginxMainConfig struct {
	ServerNamesHashBucketSize string
	ServerNamesHashMaxSize    string
	LogFormat                 string
	HealthStatus              bool
	MainSnippets              []string
	HTTPSnippets              []string
	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	SSLProtocols           string
	SSLPreferServerCiphers bool
	SSLCiphers             string
	SSLDHParam             string
	HTTP2                  bool
	ServerTokens           string
	ProxyProtocol          bool
	WorkerProcesses        string
	WorkerCPUAffinity      string
	WorkerShutdownTimeout  string
}

NginxMainConfig describe the main NGINX configuration file

type Server 

type Server struct {
	ServerSnippets        []string
	Name                  string
	ServerTokens          string
	Locations             []Location
	SSL                   bool
	SSLCertificate        string
	SSLCertificateKey     string
	StatusZone            string
	HTTP2                 bool
	RedirectToHTTPS       bool
	SSLRedirect           bool
	ProxyProtocol         bool
	HSTS                  bool
	HSTSMaxAge            int64
	HSTSIncludeSubdomains bool
	ProxyHideHeaders      []string
	ProxyPassHeaders      []string

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	JWTKey      string
	JWTRealm    string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int
}

Server describes an NGINX server

type Upstream 

type Upstream struct {
	Name            string
	UpstreamServers []UpstreamServer
	StickyCookie    string
	LBMethod        string
}

Upstream describes an NGINX upstream

func NewUpstreamWithDefaultServer 

func NewUpstreamWithDefaultServer(name string) Upstream

NewUpstreamWithDefaultServer creates an upstream with the default server. proxy_pass to an upstream with the default server returns 502. We use it for services that have no endpoints

type UpstreamServer 

type UpstreamServer struct {
	Address string
	Port    string
}

UpstreamServer describes a server in an NGINX upstream

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.