Starting implementation of OAuth2 support. An oauth2 proxy should be configured as a deployment+service to make the OAuth handshake and sign a token. The current implementation uses Bitly’s `oauth2_proxy`.
A single HAProxy frontend can handle several domains using a single `bind` keyword and a single `crt` configuration. This change create a directory that receives (hard link) all certificates used on the shared frontend.
This will change again on v0.8 after create an array of frontends, each one with their array of servers/crt/key.
Template trust only in the SSLRedirect attribute to configure the redirect itself and the URL rewrite.
So turn SSLRedirect off despite of its original configuration if the server doesn’t have a certificate.
On some haproxy-ingress setups several instances of haproxy can coexists
on same node, to avoid port mapping clashes, add configuration options
to allow change ports
v1->v2:
- Sort options in README.md by `sort -t'|' -k3`
- Move http/https port to [1] snapshot target
v2->v3:
- Fix: Replace http port with HTTPPort template var
for ACL https-to-http
Since DNS resolver are global in HAProxy we only need to define it in
configmap. There is no need to allow extra setups that could lead
to confusing configuration. Backends still have all the data related to
them
Joao Morais
Artem Kobrin
Jan van Brügge
Timofey Titovets
Zlatko Bratkovic