diff --git a/pkg/controller/config.go b/pkg/controller/config.go index 181eb2788..082fe1a9b 100644 --- a/pkg/controller/config.go +++ b/pkg/controller/config.go @@ -224,12 +224,14 @@ func (cfg *haConfig) newHAProxyLocations(server *ingress.Server) ([]*types.HAPro haRootLocation = &haLocation } else { otherPaths = otherPaths + " " + location.Path - haLocation.HAMatchPath = " { var(txn.path) -m beg " + haLocation.Path + " }" + haLocation.HAMatchPath = " { path -m beg " + haLocation.Path + " }" + haLocation.HAMatchTxnPath = " { var(txn.path) -m beg " + haLocation.Path + " }" } haLocations[i] = &haLocation } if haRootLocation != nil && otherPaths != "" { - haRootLocation.HAMatchPath = " !{ var(txn.path) -m beg " + otherPaths + " }" + haRootLocation.HAMatchPath = " !{ path -m beg " + otherPaths + " }" + haRootLocation.HAMatchTxnPath = " !{ var(txn.path) -m beg " + otherPaths + " }" } return haLocations, haRootLocation } diff --git a/pkg/types/types.go b/pkg/types/types.go index 22c9f6df2..e7b22ae9a 100644 --- a/pkg/types/types.go +++ b/pkg/types/types.go @@ -127,6 +127,7 @@ type ( Proxy proxy.Configuration `json:"proxy,omitempty"` RateLimit ratelimit.RateLimit `json:"rateLimit,omitempty"` HAMatchPath string `json:"haMatchPath"` + HAMatchTxnPath string `json:"haMatchTxnPath"` HAWhitelist string `json:"whitelist,omitempty"` HARateLimitWhiteList string `json:"rateLimitWhiteList,omitempty"` } diff --git a/rootfs/etc/haproxy/template/haproxy.tmpl b/rootfs/etc/haproxy/template/haproxy.tmpl index abee2de26..cc1bb5cab 100644 --- a/rootfs/etc/haproxy/template/haproxy.tmpl +++ b/rootfs/etc/haproxy/template/haproxy.tmpl @@ -334,6 +334,17 @@ frontend httpfront-{{ $host }} option forwardfor if-none {{- end }} +{{- range $location := $server.Locations }} +{{- $rewriteTarget := $location.Rewrite.Target }} +{{- if ne $rewriteTarget "" }} +{{- if eq $rewriteTarget "/" }} + reqrep ^([^\ :]*)\ {{ $location.Path }}/?(.*$) \1\ {{ $rewriteTarget }}\2 if { var(txn.path) -m beg {{ $location.Path }} } +{{- else }} + reqrep ^([^\ :]*)\ {{ $location.Path }}(.*$) \1\ {{ $rewriteTarget }}{{ if hasSuffix $location.Path "/" }}/{{ end }}\2 if { var(txn.path) -m beg {{ $location.Path }} } +{{- end }} +{{- end }} +{{- end }} + {{- if $server.IsDefaultServer }} {{- if $server.SSLRedirect }} @@ -341,7 +352,7 @@ frontend httpfront-{{ $host }} {{- else }} {{- range $location := $server.Locations }} {{- if $location.Rewrite.SSLRedirect }} - redirect scheme https if{{ $location.HAMatchPath }} !from-https + redirect scheme https if{{ $location.HAMatchTxnPath }} !from-https {{- end }} {{- end }} {{- end }} @@ -352,7 +363,7 @@ frontend httpfront-{{ $host }} {{- else }} {{- range $location := $server.Locations }} {{- if $location.Rewrite.SSLRedirect }} - redirect scheme https if{{ $location.HAMatchPath }} !from-https + redirect scheme https if{{ $location.HAMatchTxnPath }} !from-https {{- end }} {{- end }} {{- end }} @@ -385,17 +396,6 @@ frontend httpfront-{{ $host }} {{- end }} {{- end }} -{{- range $location := $server.Locations }} -{{- $rewriteTarget := $location.Rewrite.Target }} -{{- if ne $rewriteTarget "" }} -{{- if eq $rewriteTarget "/" }} - reqrep ^([^\ :]*)\ {{ $location.Path }}/?(.*$) \1\ {{ $rewriteTarget }}\2 if { var(txn.path) -m beg {{ $location.Path }} } -{{- else }} - reqrep ^([^\ :]*)\ {{ $location.Path }}(.*$) \1\ {{ $rewriteTarget }}{{ if hasSuffix $location.Path "/" }}/{{ end }}\2 if { var(txn.path) -m beg {{ $location.Path }} } -{{- end }} -{{- end }} -{{- end }} - {{- if $sslconn }} {{- if $server.HSTS }} {{- $hsts := $server.HSTS }} @@ -406,7 +406,7 @@ frontend httpfront-{{ $host }} {{- range $location := $server.Locations }} {{- $hsts := $location.HSTS }} {{- if $hsts.Enable }} - http-response set-header Strict-Transport-Security "max-age={{ $hsts.MaxAge }}{{ if $hsts.Subdomains }}; includeSubDomains{{ end }}{{ if $hsts.Preload }}; preload{{ end }}" if from-https{{ $location.HAMatchPath }} + http-response set-header Strict-Transport-Security "max-age={{ $hsts.MaxAge }}{{ if $hsts.Subdomains }}; includeSubDomains{{ end }}{{ if $hsts.Preload }}; preload{{ end }}" if from-https{{ $location.HAMatchTxnPath }} {{- end }} {{- end }} {{- end }}