kubernetes
/
ingress-nginx
mirror of https://github.com/kubernetes/ingress-nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,510 Commits 4 Branches 245 Tags 173 MiB
Commit Graph

206 Commits

Author SHA1 Message Date
Stevo Slavić d4152c74fc Sync user guide with config defaults changes 
PRs #6226 and #6143 changed the configuration defaults but didn't update
all the configuration defaults docs in the user guide.

This PR updates the user guide to be in sync with the defaults.

Signed-off-by: Stevo Slavić <sslavic@gmail.com>
 2020-10-05 10:15:06 +02:00
Kubernetes Prow Robot 6fd891f3df
Merge pull request #6217 from touchifyapp/@feature/cors-expose-headers 
Add annotation to configure CORS Access-Control-Expose-Headers
 2020-09-26 16:52:48 -07:00
Manuel Alejandro de Brito Fontes a990ac3910
Change defaults 2020-09-24 21:33:56 -03:00
Maxime LUCE b7b85175f6 Add annotation to configure CORS Access-Control-Expose-Headers 2020-09-23 17:41:52 +02:00
Daniel Albuschat d4a817325c
Update annotations.md 
Improvements to the documentation of Client Certificate Authentication. (auth-tls-* annotations).
- Mention that these rules are applied per host and not per Ingress/path
- Include more possible and default values
- Describe the headers that are sent to the upstream services
 2020-09-23 09:51:08 +02:00
Elvin Efendi e050ff1b9f disable session tickets by default 2020-09-18 00:08:00 -04:00
Manuel Alejandro de Brito Fontes 87aa96b468 Change server-tokens default value to false 2020-09-17 09:52:07 -03:00
Gian Ortz 3820aa416b Add annotation to set value for burst multiplier on rate limit 2020-08-30 19:43:08 -03:00
Goran 743439e75b
Added missing backend protocol. 
As per https://kubernetes.github.io/ingress-nginx/user-guide/fcgi-services/
 2020-08-14 11:16:53 +02:00
Bernard Van De Walle 2baca9e32a Merge branch 'add-opentracing-operation-name-settings' of https://github.com/JorritSalverda/ingress-nginx into add-opentracing-operation-name-settings 2020-07-23 11:42:44 -07:00
David Schwartz d52141c2b9 Add enable-real-ip 2020-07-15 15:25:29 -04:00
Zhongcheng Lao c0629e92c2
Add proxy-ssl-server-name to enable passing SNI 2020-07-03 14:14:32 +08:00
agile6v 3402d07ff0
doc: update docs and fixed typos (#5821) 2020-07-01 10:02:52 -04:00
mengqi.wmq f232a264ab Add default-type as a configurable for default_type 2020-06-21 11:10:51 +08:00
Kubernetes Prow Robot 99aad291a5
Merge pull request #5656 from agile6v/dev 
feat: add http-access-log-path and stream-access-log-path options in configMap
 2020-06-08 06:27:46 -07:00
agile6v fc1c043437 Add http-access-log-path and stream-access-log-path options in configMap 2020-06-05 01:27:26 +08:00
chamilad ee84603d06 Add minor doc fixes to user guide and chart readme 2020-06-03 17:54:41 +12:00
Kubernetes Prow Robot d061375afa
Merge pull request #5571 from agile6v/dev 
feat: support the combination of Nginx variables for annotation upstream-hash-by.
 2020-06-01 15:10:14 -07:00
agile6v c035a144f8 Support the combination of nginx variables and text value for annotation upstream-hash-by. 2020-06-01 06:37:41 +08:00
Kubernetes Prow Robot ee02d897d5
Merge pull request #5534 from agile6v/master 
Add annotation ssl-prefer-server-ciphers.
 2020-05-29 08:35:16 -07:00
agile6v 41d82005ec Add annotation ssl-prefer-server-ciphers. 2020-05-11 16:31:08 +08:00
Mark Janssen 4a36c804e6 Add 0-RTT warning 2020-05-08 12:40:11 +02:00
Kubernetes Prow Robot 0d2c6db75e
Merge pull request #5358 from praseodym/update-tls-configuration 
Update TLS configuration
 2020-04-28 07:46:08 -07:00
Manuel Alejandro de Brito Fontes f9ae784541 Remove lua-resty-waf docs 2020-04-22 17:42:18 -04:00
Manuel Alejandro de Brito Fontes 90d07d7b69 Fix from-to-www link 2020-04-17 19:41:25 -04:00
Manuel Alejandro de Brito Fontes d18fa90cfd Add e2e test for OCSP and new configmap setting 2020-04-17 12:53:47 -04:00
Manuel Alejandro de Brito Fontes 0257068b9b Fix plugin README.md link 2020-04-14 11:48:23 -04:00
Elvin Efendi b60e25f1db ingress-nginx lua plugins documentation 2020-04-14 09:47:58 -04:00
Mark Janssen 049b25e566 Update TLS configuration 
Enable TLSv1.3 by default and update list of ciphers. The new
configuration matches the 'Intermediate' configuration recommended by
the Mozilla SSL Configuration Generator:
https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=modern&openssl=1.1.1d&guideline=5.4
 2020-04-13 17:46:33 +02:00
Manuel Alejandro de Brito Fontes c0db19b0ec Enable configuration of plugins using configmap 2020-04-13 11:38:42 -04:00
Weihang Lo 12dddcca17
docs: fix use-gzip wrong markdown style 2020-04-11 14:28:04 +08:00
Luis Valdés e001b5a5b7
I found a typo :) 
Change *onyl* to * only*
 2020-02-27 23:05:37 -03:00
schaefec 141ea59b7f Allows overriding the server name used to verify the certificate of the proxied HTTPS server 2020-02-25 13:32:14 +01:00
Kubernetes Prow Robot 35264d6e8f
Merge pull request #5114 from whalecold/match 
Feat: add header-pattern annotation.
 2020-02-24 17:07:36 -08:00
Kubernetes Prow Robot 6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope 
Applying proxy-ssl-* directives on locations only
 2020-02-24 15:53:36 -08:00
Lisheng Zheng 0b33650bb8 Feat: canary supports using specific match strategy to match header value. 2020-02-21 10:02:20 +08:00
James Taylor f97599c189
Use correct spelling of "Original" 
Fix the spelling of "original" in the annotations documentation
 2020-02-20 16:45:26 +11:00
Daniel Arifin d48d5a61ae Add gzip-min-length as a configurable 2020-02-14 13:29:51 +07:00
Kubernetes Prow Robot 5e54f66ab2
Merge pull request #5040 from BrianKopp/samesite-followup 
Update documentation and remove hack fixed by upstream cookie library
 2020-02-10 10:25:53 -08:00
Manuel Alejandro de Brito Fontes 34b6d083b8
Cleanup docs (#5043) 2020-02-09 20:50:27 -03:00
BrianKopp 34b194c770 Update documentation and remove hack fixed by upstream cookie library 2020-02-08 11:54:52 -07:00
Manuel Alejandro de Brito Fontes b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Brian Kopp 1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Laszlo Janosi bc79fe1532 Add: documentation for proxy-ssl-location-only 2020-01-29 10:00:55 +01:00
Manuel Alejandro de Brito Fontes 74944b99e9
Enable download of GeoLite2 databases (#4896) 2020-01-08 19:46:43 -03:00
Sungmin Lee d7be5db7de Support sample rate and global sampling configuration for Datadog in ConfigMap 2020-01-07 16:59:59 -08:00
Manuel Alejandro de Brito Fontes 0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Sablu Miah 010ec6f159
Remove extra annotation when Enabling ModSecurity 
Since version 0.25, if you try to use both annotations of:

nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf

and 

nginx.ingress.kubernetes.io/enable-modsecurity: "true"

it breaks nginx config and you will not catch it unless you have nginx admission controller enabled. 

You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
 2019-11-28 15:16:09 +00:00
Kubernetes Prow Robot b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames 0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00