nginx

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 1, 2018 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TLS Secret
	TLS = iota
	// JWK Secret
	JWK
)
View Source 
const DefaultServerSecretName = "default"

DefaultServerSecretName is the filename of the Secret with a TLS cert and a key for the default server

View Source 
const JWTKey = "jwk"

JWTKey is the key of the data field of a Secret where the JWK must be stored.

View Source 
const JWTKeyAnnotation = "nginx.com/jwt-key"

JWTKeyAnnotation is the annotation where the Secret with a JWK is specified.

View Source 
const TLSSecretFileMode = 0600

TLSSecretFileMode defines the default filemode for files with TLS Secrets

Variables

This section is empty.

Functions

func GenerateCertAndKeyFileContent added in v1.0.0 

func GenerateCertAndKeyFileContent(secret *api_v1.Secret) []byte

GenerateCertAndKeyFileContent generates a pem file content from the secret

func GetMapKeyAsBool added in v0.6.0 

func GetMapKeyAsBool(m map[string]string, key string, context apiObject) (bool, bool, error)

GetMapKeyAsBool searches the map for the given key and parses the key as bool

func GetMapKeyAsInt added in v0.6.0 

func GetMapKeyAsInt(m map[string]string, key string, context apiObject) (int64, bool, error)

GetMapKeyAsInt tries to find and parse a key in a map as int64

func GetMapKeyAsStringSlice added in v0.7.0 

func GetMapKeyAsStringSlice(m map[string]string, key string, context apiObject, delimiter string) ([]string, bool, error)

GetMapKeyAsStringSlice tries to find and parse a key in the map as string slice splitting it on delimiter

func GetSecretKind added in v1.0.0 

func GetSecretKind(secret *api_v1.Secret) (int, error)

GetSecretKind returns the kind of the Secret.

func ParseLBMethod added in v1.2.0 

func ParseLBMethod(method string) (string, error)

ParseLBMethod parses method and matches it to a corresponding load balancing method in NGINX. An error is returned if method is not valid

func ParseLBMethodForPlus added in v1.2.0 

func ParseLBMethodForPlus(method string) (string, error)

ParseLBMethodForPlus parses method and matches it to a corresponding load balancing method in NGINX Plus. An error is returned if method is not valid

func ValidateJWKSecret added in v1.0.0 

func ValidateJWKSecret(secret *api_v1.Secret) error

ValidateJWKSecret validates the secret. If it is valid, the function returns nil.

func ValidateTLSSecret added in v1.0.0 

func ValidateTLSSecret(secret *api_v1.Secret) error

ValidateTLSSecret validates the secret. If it is valid, the function returns nil.

Types

type Config 

type Config struct {
	LocationSnippets              []string
	ServerSnippets                []string
	ServerTokens                  string
	ProxyConnectTimeout           string
	ProxyReadTimeout              string
	ClientMaxBodySize             string
	HTTP2                         bool
	RedirectToHTTPS               bool
	SSLRedirect                   bool
	MainMainSnippets              []string
	MainHTTPSnippets              []string
	MainServerNamesHashBucketSize string
	MainServerNamesHashMaxSize    string
	MainLogFormat                 string
	ProxyBuffering                bool
	ProxyBuffers                  string
	ProxyBufferSize               string
	ProxyMaxTempFileSize          string
	ProxyProtocol                 bool
	ProxyHideHeaders              []string
	ProxyPassHeaders              []string
	HSTS                          bool
	HSTSMaxAge                    int64
	HSTSIncludeSubdomains         bool
	LBMethod                      string
	MainWorkerProcesses           string
	MainWorkerCPUAffinity         string
	MainWorkerShutdownTimeout     string
	MainWorkerConnections         string
	MainWorkerRlimitNofile        string
	Keepalive                     int64
	MaxFails                      int64
	FailTimeout                   string

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	MainServerSSLProtocols           string
	MainServerSSLPreferServerCiphers bool
	MainServerSSLCiphers             string
	MainServerSSLDHParam             string

	JWTRealm    string
	JWTKey      string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int
}

Config holds NGINX configuration parameters

func NewDefaultConfig 

func NewDefaultConfig() *Config

NewDefaultConfig creates a Config with default values

type Configurator 

type Configurator struct {
	// contains filtered or unexported fields
}

Configurator transforms an Ingress resource into NGINX Configuration

func NewConfigurator 

func NewConfigurator(nginx *NginxController, config *Config, nginxAPI *plus.NginxAPIController) *Configurator

NewConfigurator creates a new Configurator

func (*Configurator) AddOrUpdateDHParam added in v0.7.0 

func (cnf *Configurator) AddOrUpdateDHParam(content string) (string, error)

AddOrUpdateDHParam creates a dhparam file with the content of the string.

func (*Configurator) AddOrUpdateDefaultServerTLSSecret added in v1.0.0 

func (cnf *Configurator) AddOrUpdateDefaultServerTLSSecret(secret *api_v1.Secret) error

AddOrUpdateDefaultServerTLSSecret creates or updates a file with a TLS cert and a key from the secret for the default server.

func (*Configurator) AddOrUpdateIngress 

func (cnf *Configurator) AddOrUpdateIngress(ingEx *IngressEx) error

AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resource

func (*Configurator) AddOrUpdateMergableIngress added in v1.2.0 

func (cnf *Configurator) AddOrUpdateMergableIngress(mergeableIngs *MergeableIngresses) error

AddOrUpdateIngress adds or updates NGINX configuration for the Ingress resources with Mergeable Types

func (*Configurator) AddOrUpdateSecret added in v1.0.0 

func (cnf *Configurator) AddOrUpdateSecret(secret *api_v1.Secret) error

AddOrUpdateSecret creates or updates a file with the content of the secret

func (*Configurator) DeleteIngress 

func (cnf *Configurator) DeleteIngress(key string) error

DeleteIngress deletes NGINX configuration for the Ingress resource

func (*Configurator) DeleteSecret added in v1.0.0 

func (cnf *Configurator) DeleteSecret(key string, ings []extensions.Ingress) error

DeleteSecret deletes the file associated with the secret and the configuration files for the Ingress resources. NGINX is reloaded only when len(ings) > 0

func (*Configurator) HasIngress added in v1.1.0 

func (cnf *Configurator) HasIngress(ing *extensions.Ingress) bool

HasIngress checks if the Ingress resource is present in NGINX configuration

func (*Configurator) UpdateConfig 

func (cnf *Configurator) UpdateConfig(config *Config, ingExes []*IngressEx, mergeableIngs map[string]*MergeableIngresses) error

UpdateConfig updates NGINX Configuration parameters

func (*Configurator) UpdateEndpoints 

func (cnf *Configurator) UpdateEndpoints(ingEx *IngressEx) error

UpdateEndpoints updates endpoints in NGINX configuration for the Ingress resource

func (*Configurator) UpdateEndpointsMergeableIngress added in v1.2.0 

func (cnf *Configurator) UpdateEndpointsMergeableIngress(mergeableIngs *MergeableIngresses) error

UpdateEndpointsMergeableIngress updates endpoints in NGINX configuration for a mergeable Ingress resource

type IngressEx 

type IngressEx struct {
	Ingress    *extensions.Ingress
	TLSSecrets map[string]*api_v1.Secret
	JWTKey     *api_v1.Secret
	Endpoints  map[string][]string
}

IngressEx holds an Ingress along with Secrets and Endpoints of the services that are referenced in this Ingress

type IngressNginxConfig 

type IngressNginxConfig struct {
	Upstreams []Upstream
	Servers   []Server
	Keepalive string
}

IngressNginxConfig describes an NGINX configuration

type Location 

type Location struct {
	LocationSnippets     []string
	Path                 string
	Upstream             Upstream
	ProxyConnectTimeout  string
	ProxyReadTimeout     string
	ClientMaxBodySize    string
	Websocket            bool
	Rewrite              string
	SSL                  bool
	GRPC                 bool
	ProxyBuffering       bool
	ProxyBuffers         string
	ProxyBufferSize      string
	ProxyMaxTempFileSize string

	// Used for mergeable types
	IngressResource string
}

Location describes an NGINX location

type MergeableIngresses added in v1.2.0 

type MergeableIngresses struct {
	Master  *IngressEx
	Minions []*IngressEx
}

type NginxController 

type NginxController struct {
	// contains filtered or unexported fields
}

NginxController Updates NGINX configuration, starts and reloads NGINX

func NewNginxController 

func NewNginxController(nginxConfPath string, local bool, healthStatus bool, nginxConfTemplatePath string, nginxIngressTemplatePath string) (*NginxController, error)

NewNginxController creates a NGINX controller

func (*NginxController) AddOrUpdateDHParam added in v0.7.0 

func (nginx *NginxController) AddOrUpdateDHParam(dhparam string) (string, error)

AddOrUpdateDHParam creates the servers dhparam.pem file

func (*NginxController) AddOrUpdateIngress 

func (nginx *NginxController) AddOrUpdateIngress(name string, config IngressNginxConfig)

AddOrUpdateIngress creates or updates a file with the specified configuration for the specified ingress

func (*NginxController) AddOrUpdateSecretFile added in v1.0.0 

func (nginx *NginxController) AddOrUpdateSecretFile(name string, content []byte, mode os.FileMode) string

AddOrUpdateSecretFile creates a file with the specified name, content and mode.

func (*NginxController) DeleteIngress 

func (nginx *NginxController) DeleteIngress(name string)

DeleteIngress deletes the configuration file, which corresponds for the specified ingress from NGINX conf directory

func (*NginxController) DeleteSecretFile added in v1.0.0 

func (nginx *NginxController) DeleteSecretFile(name string)

DeleteSecretFile the file with a Secret

func (*NginxController) Quit added in v1.0.0 

func (nginx *NginxController) Quit()

Quit shutdowns NGINX gracefully

func (*NginxController) Reload 

func (nginx *NginxController) Reload() error

Reload reloads NGINX

func (*NginxController) Start 

func (nginx *NginxController) Start(done chan error)

Start starts NGINX

func (*NginxController) UpdateMainConfigFile 

func (nginx *NginxController) UpdateMainConfigFile(cfg *NginxMainConfig)

UpdateMainConfigFile update the main NGINX configuration file

type NginxMainConfig 

type NginxMainConfig struct {
	ServerNamesHashBucketSize string
	ServerNamesHashMaxSize    string
	LogFormat                 string
	HealthStatus              bool
	MainSnippets              []string
	HTTPSnippets              []string
	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
	SSLProtocols           string
	SSLPreferServerCiphers bool
	SSLCiphers             string
	SSLDHParam             string
	HTTP2                  bool
	ServerTokens           string
	ProxyProtocol          bool
	WorkerProcesses        string
	WorkerCPUAffinity      string
	WorkerShutdownTimeout  string
	WorkerConnections      string
	WorkerRlimitNofile     string
}

NginxMainConfig describe the main NGINX configuration file

type Server 

type Server struct {
	ServerSnippets        []string
	Name                  string
	ServerTokens          string
	Locations             []Location
	SSL                   bool
	SSLCertificate        string
	SSLCertificateKey     string
	GRPCOnly              bool
	StatusZone            string
	HTTP2                 bool
	RedirectToHTTPS       bool
	SSLRedirect           bool
	ProxyProtocol         bool
	HSTS                  bool
	HSTSMaxAge            int64
	HSTSIncludeSubdomains bool
	ProxyHideHeaders      []string
	ProxyPassHeaders      []string

	// http://nginx.org/en/docs/http/ngx_http_realip_module.html
	RealIPHeader    string
	SetRealIPFrom   []string
	RealIPRecursive bool

	JWTKey      string
	JWTRealm    string
	JWTToken    string
	JWTLoginURL string

	Ports    []int
	SSLPorts []int

	// Used for mergeable types
	IngressResource string
}

Server describes an NGINX server

type Upstream 

type Upstream struct {
	Name            string
	UpstreamServers []UpstreamServer
	StickyCookie    string
	LBMethod        string
}

Upstream describes an NGINX upstream

func NewUpstreamWithDefaultServer 

func NewUpstreamWithDefaultServer(name string) Upstream

NewUpstreamWithDefaultServer creates an upstream with the default server. proxy_pass to an upstream with the default server returns 502. We use it for services that have no endpoints

type UpstreamServer 

type UpstreamServer struct {
	Address     string
	Port        string
	MaxFails    int64
	FailTimeout string
}

UpstreamServer describes a server in an NGINX upstream

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.