...
 
Commits (2)
...@@ -61,6 +61,10 @@ type siteBackendServerInfo struct { ...@@ -61,6 +61,10 @@ type siteBackendServerInfo struct {
Port int `json:"port"` Port int `json:"port"`
} }
func (s siteBackendServerInfo) Name() string {
return fmt.Sprintf("%v_%v", strings.Replace(strings.Replace(s.Host, ".", "_", -1), "-", "_", -1), s.Port)
}
type siteBackendHealthCheckInfo struct { type siteBackendHealthCheckInfo struct {
Path string `json:"path"` Path string `json:"path"`
} }
...@@ -131,13 +135,13 @@ frontend fe_proxy ...@@ -131,13 +135,13 @@ frontend fe_proxy
{{end -}} {{end -}}
{{if .EnableAuth -}} {{if .EnableAuth -}}
{{"\t"}}acl auth_{{$site.Name}} http_auth(users_{{$site.Name}}) {{"\t"}}acl auth_{{$site.Name}} http_auth(users_{{$site.Name}})
{{"\t"}}http-request auth realm private if domain_{{$site.Name}} !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if domain_{{$site.Name}} !auth_{{$site.Name}} !is_health !is_letsencrypt
{{"\t"}}http-request auth realm private if domain_{{$site.Name}}_80 !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if domain_{{$site.Name}}_80 !auth_{{$site.Name}} !is_health !is_letsencrypt
{{"\t"}}http-request auth realm private if domain_{{$site.Name}}_443 !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if domain_{{$site.Name}}_443 !auth_{{$site.Name}} !is_health !is_letsencrypt
{{range $i, $domain := .AltDomains -}} {{range $i, $domain := .AltDomains -}}
{{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}} !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}} !auth_{{$site.Name}} !is_health !is_letsencrypt
{{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}}_80 !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}}_80 !auth_{{$site.Name}} !is_health !is_letsencrypt
{{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}}_443 !auth_{{$site.Name}} {{"\t"}}http-request auth realm private if alt_domain_{{$site.Name}}_{{$i}}_443 !auth_{{$site.Name}} !is_health !is_letsencrypt
{{end -}} {{end -}}
{{end -}} {{end -}}
{{range $i, $route := .Routes -}} {{range $i, $route := .Routes -}}
...@@ -182,7 +186,7 @@ backend be_{{$site.Name}}_{{.Name}} ...@@ -182,7 +186,7 @@ backend be_{{$site.Name}}_{{.Name}}
http-request del-header Authorization http-request del-header Authorization
{{- end}} {{- end}}
{{- range $i, $server := .Servers}} {{- range $i, $server := .Servers}}
{{"\t"}}server-template srv_{{$i}}_ 100 {{.Host}}:{{.Port}} check resolvers main {{"\t"}}server-template srv_{{.Name}}_ 100 {{.Host}}:{{.Port}} check resolvers main
{{- end}} {{- end}}
{{if not $site.AllowHTTP}}{{"\t"}}redirect scheme https code 301 if !{ ssl_fc }{{end}} {{if not $site.AllowHTTP}}{{"\t"}}redirect scheme https code 301 if !{ ssl_fc }{{end}}
{{end}} {{end}}
......
...@@ -170,9 +170,9 @@ frontend fe_proxy ...@@ -170,9 +170,9 @@ frontend fe_proxy
acl domain_example2_80 hdr(Host) -i example2.com:80 acl domain_example2_80 hdr(Host) -i example2.com:80
acl domain_example2_443 hdr(Host) -i example2.com:443 acl domain_example2_443 hdr(Host) -i example2.com:443
acl auth_example2 http_auth(users_example2) acl auth_example2 http_auth(users_example2)
http-request auth realm private if domain_example2 !auth_example2 http-request auth realm private if domain_example2 !auth_example2 !is_health !is_letsencrypt
http-request auth realm private if domain_example2_80 !auth_example2 http-request auth realm private if domain_example2_80 !auth_example2 !is_health !is_letsencrypt
http-request auth realm private if domain_example2_443 !auth_example2 http-request auth realm private if domain_example2_443 !auth_example2 !is_health !is_letsencrypt
acl route_example2_0 path_beg / acl route_example2_0 path_beg /
use_backend be_example2_default if domain_example2 route_example2_0 auth_example2 use_backend be_example2_default if domain_example2 route_example2_0 auth_example2
use_backend be_example2_default if domain_example2_80 route_example2_0 auth_example2 use_backend be_example2_default if domain_example2_80 route_example2_0 auth_example2
...@@ -199,7 +199,7 @@ backend be_example_web ...@@ -199,7 +199,7 @@ backend be_example_web
http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc }
option httpchk GET /_health option httpchk GET /_health
http-check expect status 200 http-check expect status 200
server-template srv_0_ 100 srv1.example.com:8080 check resolvers main server-template srv_srv1_example_com_8080_ 100 srv1.example.com:8080 check resolvers main
redirect scheme https code 301 if !{ ssl_fc } redirect scheme https code 301 if !{ ssl_fc }
backend be_example_api backend be_example_api
...@@ -210,7 +210,7 @@ backend be_example_api ...@@ -210,7 +210,7 @@ backend be_example_api
http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc }
option httpchk GET /_health option httpchk GET /_health
http-check expect status 200 http-check expect status 200
server-template srv_0_ 100 srv-api1.example.com:8081 check resolvers main server-template srv_srv_api1_example_com_8081_ 100 srv-api1.example.com:8081 check resolvers main
redirect scheme https code 301 if !{ ssl_fc } redirect scheme https code 301 if !{ ssl_fc }
...@@ -221,7 +221,7 @@ backend be_example2_default ...@@ -221,7 +221,7 @@ backend be_example2_default
http-request set-header X-Forwarded-Port %[dst_port] http-request set-header X-Forwarded-Port %[dst_port]
http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request del-header Authorization http-request del-header Authorization
server-template srv_0_ 100 srv1.example2.com:8090 check resolvers main server-template srv_srv1_example2_com_8090_ 100 srv1.example2.com:8090 check resolvers main
` `
assertLongStringEqual(t, output, expectedOutput) assertLongStringEqual(t, output, expectedOutput)
......