Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for configuring nginx realIp #767

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add support for configuring nginx realIp #767

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3c4ec6b
Add support for configuring nginx realIp
Blackburn29 Jul 5, 2024
33fa171
Add variable documentation
Blackburn29 Jul 8, 2024
3410b6c
Update default IPs to be set in values.yaml instead of else condition…
Blackburn29 Jul 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions charts/apisix/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,8 @@ The command removes all the Kubernetes components associated with the chart and
| apisix.nginx.logs.enableAccessLog | bool | `true` | Enable access log or not, default true |
| apisix.nginx.logs.errorLog | string | `"/dev/stderr"` | Error log path |
| apisix.nginx.logs.errorLogLevel | string | `"warn"` | Error log level |
| apisix.nginx.realIp.header | string | `"X-Real-IP"` | Defines the header to use for the nginx_realip_module |
| apisix.nginx.realIp.fromIps | list | `["127.0.0.1", "unix:"]` | Defines trusted addresses for the nginx_realip_module |
| apisix.nginx.workerConnections | string | `"10620"` | |
| apisix.nginx.workerProcesses | string | `"auto"` | |
| apisix.nginx.workerRlimitNofile | string | `"20480"` | |
Expand Down
8 changes: 5 additions & 3 deletions charts/apisix/templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,10 +189,12 @@ data:
client_body_timeout: 60s # timeout for reading client request body, then 408 (Request Time-out) error is returned to the client
send_timeout: 10s # timeout for transmitting a response to the client.then the connection is closed
underscores_in_headers: "on" # default enables the use of underscores in client request header fields
real_ip_header: "X-Real-IP" # http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
real_ip_header: "{{ .Values.apisix.nginx.realIp.header }}" # http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
real_ip_from: # http://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from
- 127.0.0.1
- 'unix:'
{{- if .Values.apisix.nginx.realIp.fromIps }}
{{- range $cidrs := .Values.apisix.nginx.realIp.fromIps }}
- {{ $cidrs }}
{{- end }}
{{- if .Values.apisix.nginx.customLuaSharedDicts }}
custom_lua_shared_dict: # add custom shared cache to nginx.conf
{{- range $dict := .Values.apisix.nginx.customLuaSharedDicts }}
Expand Down
3 changes: 3 additions & 0 deletions charts/apisix/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -369,6 +369,9 @@ apisix:
enableCPUAffinity: true
# -- Timeout during which a keep-alive client connection will stay open on the server side.
keepaliveTimeout: 60s
realIp:
header: "X-Real-IP"
fromIps: ["127.0.0.1", "unix:"]
envs: []
# access log and error log configuration
logs:
Expand Down