github.com/nginxinc/kubernetes-ingress@v1.12.5/internal/configs/version2/http.go (about) 1 package version2 2 3 import "fmt" 4 5 // UpstreamLabels describes the Prometheus labels for an NGINX upstream. 6 type UpstreamLabels struct { 7 Service string 8 ResourceType string 9 ResourceName string 10 ResourceNamespace string 11 } 12 13 // VirtualServerConfig holds NGINX configuration for a VirtualServer. 14 type VirtualServerConfig struct { 15 HTTPSnippets []string 16 LimitReqZones []LimitReqZone 17 Maps []Map 18 Server Server 19 SpiffeCerts bool 20 SplitClients []SplitClient 21 StatusMatches []StatusMatch 22 Upstreams []Upstream 23 } 24 25 // Upstream defines an upstream. 26 type Upstream struct { 27 Name string 28 Servers []UpstreamServer 29 LBMethod string 30 Resolve bool 31 Keepalive int 32 MaxFails int 33 MaxConns int 34 SlowStart string 35 FailTimeout string 36 UpstreamZoneSize string 37 Queue *Queue 38 SessionCookie *SessionCookie 39 UpstreamLabels UpstreamLabels 40 } 41 42 // UpstreamServer defines an upstream server. 43 type UpstreamServer struct { 44 Address string 45 } 46 47 // Server defines a server. 48 type Server struct { 49 ServerName string 50 StatusZone string 51 ProxyProtocol bool 52 SSL *SSL 53 ServerTokens string 54 RealIPHeader string 55 SetRealIPFrom []string 56 RealIPRecursive bool 57 Snippets []string 58 InternalRedirectLocations []InternalRedirectLocation 59 Locations []Location 60 ErrorPageLocations []ErrorPageLocation 61 ReturnLocations []ReturnLocation 62 HealthChecks []HealthCheck 63 TLSRedirect *TLSRedirect 64 TLSPassthrough bool 65 Allow []string 66 Deny []string 67 LimitReqOptions LimitReqOptions 68 LimitReqs []LimitReq 69 JWTAuth *JWTAuth 70 IngressMTLS *IngressMTLS 71 EgressMTLS *EgressMTLS 72 OIDC *OIDC 73 WAF *WAF 74 PoliciesErrorReturn *Return 75 VSNamespace string 76 VSName string 77 } 78 79 // SSL defines SSL configuration for a server. 80 type SSL struct { 81 HTTP2 bool 82 Certificate string 83 CertificateKey string 84 RejectHandshake bool 85 } 86 87 // IngressMTLS defines TLS configuration for a server. This is a subset of TLS specifically for clients auth. 88 type IngressMTLS struct { 89 ClientCert string 90 VerifyClient string 91 VerifyDepth int 92 } 93 94 // EgressMTLS defines TLS configuration for a location. 95 type EgressMTLS struct { 96 Certificate string 97 CertificateKey string 98 VerifyServer bool 99 VerifyDepth int 100 Ciphers string 101 Protocols string 102 TrustedCert string 103 SessionReuse bool 104 ServerName bool 105 SSLName string 106 } 107 108 type OIDC struct { 109 AuthEndpoint string 110 ClientID string 111 ClientSecret string 112 JwksURI string 113 Scope string 114 TokenEndpoint string 115 RedirectURI string 116 } 117 118 // WAF defines WAF configuration. 119 type WAF struct { 120 Enable string 121 ApPolicy string 122 ApSecurityLogEnable bool 123 ApLogConf string 124 } 125 126 // Location defines a location. 127 type Location struct { 128 Path string 129 Internal bool 130 Snippets []string 131 ProxyConnectTimeout string 132 ProxyReadTimeout string 133 ProxySendTimeout string 134 ClientMaxBodySize string 135 ProxyMaxTempFileSize string 136 ProxyBuffering bool 137 ProxyBuffers string 138 ProxyBufferSize string 139 ProxyPass string 140 ProxyNextUpstream string 141 ProxyNextUpstreamTimeout string 142 ProxyNextUpstreamTries int 143 ProxyInterceptErrors bool 144 ProxyPassRequestHeaders bool 145 ProxySetHeaders []Header 146 ProxyHideHeaders []string 147 ProxyPassHeaders []string 148 ProxyIgnoreHeaders string 149 ProxyPassRewrite string 150 AddHeaders []AddHeader 151 Rewrites []string 152 HasKeepalive bool 153 ErrorPages []ErrorPage 154 ProxySSLName string 155 InternalProxyPass string 156 Allow []string 157 Deny []string 158 LimitReqOptions LimitReqOptions 159 LimitReqs []LimitReq 160 JWTAuth *JWTAuth 161 EgressMTLS *EgressMTLS 162 OIDC bool 163 WAF *WAF 164 PoliciesErrorReturn *Return 165 ServiceName string 166 IsVSR bool 167 VSRName string 168 VSRNamespace string 169 } 170 171 // ReturnLocation defines a location for returning a fixed response. 172 type ReturnLocation struct { 173 Name string 174 DefaultType string 175 Return Return 176 } 177 178 // SplitClient defines a split_clients. 179 type SplitClient struct { 180 Source string 181 Variable string 182 Distributions []Distribution 183 } 184 185 // Return defines a Return directive used for redirects and canned responses. 186 type Return struct { 187 Code int 188 Text string 189 } 190 191 // ErrorPage defines an error_page of a location. 192 type ErrorPage struct { 193 Name string 194 Codes string 195 ResponseCode int 196 } 197 198 // ErrorPageLocation defines a named location for an error_page directive. 199 type ErrorPageLocation struct { 200 Name string 201 DefaultType string 202 Return *Return 203 Headers []Header 204 } 205 206 // Header defines a header to use with add_header directive. 207 type Header struct { 208 Name string 209 Value string 210 } 211 212 // AddHeader defines a header to use with add_header directive with an optional Always field. 213 type AddHeader struct { 214 Header 215 Always bool 216 } 217 218 // HealthCheck defines a HealthCheck for an upstream in a Server. 219 type HealthCheck struct { 220 Name string 221 URI string 222 Interval string 223 Jitter string 224 Fails int 225 Passes int 226 Port int 227 ProxyPass string 228 ProxyConnectTimeout string 229 ProxyReadTimeout string 230 ProxySendTimeout string 231 Headers map[string]string 232 Match string 233 } 234 235 // TLSRedirect defines a redirect in a Server. 236 type TLSRedirect struct { 237 Code int 238 BasedOn string 239 } 240 241 // SessionCookie defines a session cookie for an upstream. 242 type SessionCookie struct { 243 Enable bool 244 Name string 245 Path string 246 Expires string 247 Domain string 248 HTTPOnly bool 249 Secure bool 250 } 251 252 // Distribution maps weight to a value in a SplitClient. 253 type Distribution struct { 254 Weight string 255 Value string 256 } 257 258 // InternalRedirectLocation defines a location for internally redirecting requests to named locations. 259 type InternalRedirectLocation struct { 260 Path string 261 Destination string 262 } 263 264 // Map defines a map. 265 type Map struct { 266 Source string 267 Variable string 268 Parameters []Parameter 269 } 270 271 // Parameter defines a Parameter in a Map. 272 type Parameter struct { 273 Value string 274 Result string 275 } 276 277 // StatusMatch defines a Match block for status codes. 278 type StatusMatch struct { 279 Name string 280 Code string 281 } 282 283 // Queue defines a queue in upstream. 284 type Queue struct { 285 Size int 286 Timeout string 287 } 288 289 // LimitReqZone defines a rate limit shared memory zone. 290 type LimitReqZone struct { 291 Key string 292 ZoneName string 293 ZoneSize string 294 Rate string 295 } 296 297 func (rlz LimitReqZone) String() string { 298 return fmt.Sprintf("{Key %q, ZoneName %q, ZoneSize %v, Rate %q}", rlz.Key, rlz.ZoneName, rlz.ZoneSize, rlz.Rate) 299 } 300 301 // LimitReq defines a rate limit. 302 type LimitReq struct { 303 ZoneName string 304 Burst int 305 NoDelay bool 306 Delay int 307 } 308 309 func (rl LimitReq) String() string { 310 return fmt.Sprintf("{ZoneName %q, Burst %q, NoDelay %v, Delay %q}", rl.ZoneName, rl.Burst, rl.NoDelay, rl.Delay) 311 } 312 313 // LimitReqOptions defines rate limit options. 314 type LimitReqOptions struct { 315 DryRun bool 316 LogLevel string 317 RejectCode int 318 } 319 320 func (rl LimitReqOptions) String() string { 321 return fmt.Sprintf("{DryRun %v, LogLevel %q, RejectCode %q}", rl.DryRun, rl.LogLevel, rl.RejectCode) 322 } 323 324 // JWTAuth holds JWT authentication configuration. 325 type JWTAuth struct { 326 Secret string 327 Realm string 328 Token string 329 }