Fix config with long fqdn #112

Joao Morais
2018-03-10 17:28:02 -03:00
parent f31e25f5d0
commit 2d4dceb30e
4 changed files with 19 additions and 4 deletions
+7
@@ -18,6 +18,8 @@ package controller
import (
"bufio"
"crypto/md5"
"fmt"
"github.com/golang/glog"
"github.com/jcmoraisjr/haproxy-ingress/pkg/common/file"
"github.com/jcmoraisjr/haproxy-ingress/pkg/common/ingress"
@@ -170,6 +172,7 @@ func (cfg *haConfig) createHAProxyServers() {
UseHTTPS: server.SSLCertificate != "" || isDefaultServer,
Hostname: server.Hostname,
HostnameLabel: labelizeHostname(server.Hostname),
HostnameHash: hashHostname(server.Hostname),
SSLCertificate: server.SSLCertificate,
SSLPemChecksum: server.SSLPemChecksum,
RootLocation: haRootLocation,
@@ -244,6 +247,10 @@ func labelizeHostname(hostname string) string {
return re.ReplaceAllLiteralString(hostname, "_")
}
func hashHostname(hostname string) string {
return fmt.Sprintf("%x", md5.Sum([]byte(hostname)))
}
// This could be improved creating a list of auth secrets (or even configMaps)
// on Ingress and saving usr(s)/pwd in auth.BasicDigest struct
func (cfg *haConfig) createUserlists() {
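Review bot: `hashHostname` uses MD5 and has no comment explaining why. Elsewhere on this page the digest becomes part of a unix socket file name, so uniqueness across hostnames is the only property relied on, yet MD5 is not collision resistant and static analysers will flag the `crypto/md5` import. If hostnames can come from Ingress objects written by different parties (not visible in this hunk), a truncated SHA-256 digest is the safer choice: import `crypto/sha256` and use `return fmt.Sprintf("%x", sha256.Sum256([]byte(hostname)))[:32]`. Either way, add a doc comment such as `// hashHostname returns a fixed-length hex digest of hostname for use in file names; it is not a security control.` The body of `createUserlists` continues outside the hunk.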
+6
@@ -33,6 +33,12 @@ type template struct {
}
var funcMap = gotemplate.FuncMap{
"iif": func(q bool, o1, o2 string) string {
if q {
return o1
}
return o2
},
"backendHash": func(endpoint string) string {
return utils.BackendHash(endpoint)
},
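Review bot: The new `iif` entry has no comment, and it differs from the template `if` action in a way a template author should know: both `o1` and `o2` are evaluated before the call, and only string arguments are accepted. A comment above the entry would cover it, for example `// iif returns o1 if q is true, o2 otherwise; both arguments are always evaluated.` `funcMap` continues outside the hunk.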
+1
@@ -105,6 +105,7 @@ type (
UseHTTPS bool `json:"useHTTPS"`
Hostname string `json:"hostname"`
HostnameLabel string `json:"hostnameLabel"`
HostnameHash string `json:"hostnameHash"`
SSLCertificate string `json:"sslCertificate"`
SSLPemChecksum string `json:"sslPemChecksum"`
RootLocation *HAProxyLocation `json:"defaultLocation"`
+5 -4
@@ -235,26 +235,27 @@ frontend httpsfront
######
{{- range $server := $ing.HAProxies }}
{{- $host := $server.HostnameLabel }}
{{- $sock := iif (lt (len $host) 65) $host $server.HostnameHash }}
##
## {{ if $server.IsDefaultServer }}Default backend{{ else }}{{ $server.Hostname }}{{ end }}
{{- if or $server.UseHTTP $hasHTTPStoHTTP }}
backend httpback-{{ $host }}
mode http
server {{ $host }} unix@/var/run/haproxy-http-{{ $host }}.sock send-proxy-v2
server {{ $host }} unix@/var/run/haproxy-http-{{ $sock }}.sock send-proxy-v2
{{- end }}
{{- if $server.UseHTTPS }}
backend httpsback-{{ $host }}
mode tcp
server {{ $host }} unix@/var/run/haproxy-https-{{ $host }}.sock send-proxy-v2
server {{ $host }} unix@/var/run/haproxy-https-{{ $sock }}.sock send-proxy-v2
{{- end }}
{{- $sslconn := or $server.UseHTTPS $hasHTTPStoHTTP }}
{{- $authSSLCert := $server.CertificateAuth.AuthSSLCert }}
frontend httpfront-{{ $host }}
{{- if or $server.UseHTTP $hasHTTPStoHTTP }}
bind unix@/var/run/haproxy-http-{{ $host }}.sock accept-proxy
bind unix@/var/run/haproxy-http-{{ $sock }}.sock accept-proxy
{{- end }}
{{- if $server.UseHTTPS }}
@@ -262,7 +263,7 @@ frontend httpfront-{{ $host }}
{{- if ne $authSSLCert.PemSHA "" }}
# CA PEM checksum: {{ $authSSLCert.PemSHA }}
{{- end }}
bind unix@/var/run/haproxy-https-{{ $host }}.sock ssl crt {{ $server.SSLCertificate }}{{ if ne $authSSLCert.CAFileName "" }} ca-file {{ $authSSLCert.CAFileName }} verify optional ca-ignore-err all crt-ignore-err all{{ end }} accept-proxy
bind unix@/var/run/haproxy-https-{{ $sock }}.sock ssl crt {{ $server.SSLCertificate }}{{ if ne $authSSLCert.CAFileName "" }} ca-file {{ $authSSLCert.CAFileName }} verify optional ca-ignore-err all crt-ignore-err all{{ end }} accept-proxy
{{- end }}
mode http
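Review bot: `$sock` is drawn from two naming schemes that share one namespace: the hostname label when it is shorter than 65 characters, and the hex `HostnameHash` otherwise. A short hostname whose label equals the digest of some long hostname would render the same `/var/run/haproxy-http-….sock` path in two frontends, so the two `bind` lines would conflict. Whether such a pair can be admitted depends on Ingress validation that is not visible here. Using the digest for every server removes the overlap and the unexplained 65: `{{- $sock := $server.HostnameHash }}`. If the readable socket names are kept, add a template comment saying what the 65 limit protects, presumably the unix socket path length.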