github.com/uber/kraken@v0.1.4/nginx/config/default.go (about) 1 // Copyright (c) 2016-2019 Uber Technologies, Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 package config 15 16 import ( 17 "fmt" 18 ) 19 20 var _nameToDefaultTemplate = map[string]string{ 21 "base": BaseTemplate, 22 "kraken-agent": AgentTemplate, 23 "kraken-origin": OriginTemplate, 24 "kraken-build-index": BuildIndexTemplate, 25 "kraken-tracker": TrackerTemplate, 26 "kraken-proxy": ProxyTemplate, 27 } 28 29 // DefaultClientVerification is the default nginx configuration for 30 // client verification in the server block. 31 const DefaultClientVerification = ` 32 ssl_verify_client optional; 33 set $required_verified_client 1; 34 if ($scheme = http) { 35 set $required_verified_client 0; 36 } 37 if ($request_method ~ ^(GET|HEAD)$) { 38 set $required_verified_client 0; 39 } 40 if ($remote_addr = "127.0.0.1") { 41 set $required_verified_client 0; 42 } 43 44 set $verfied_client $required_verified_client$ssl_client_verify; 45 if ($verfied_client !~ ^(0.*|1SUCCESS)$) { 46 return 403; 47 } 48 ` 49 50 // GetDefaultTemplate returns the tmpl given name. 51 func GetDefaultTemplate(name string) (string, error) { 52 if tmpl, ok := _nameToDefaultTemplate[name]; ok { 53 return tmpl, nil 54 } 55 return "", fmt.Errorf("name not found") 56 }