Skip to content

Commit

Permalink
option to disable server tokens
Browse files Browse the repository at this point in the history
  • Loading branch information
dwradcliffe committed Jan 19, 2017
1 parent dc30bc8 commit 714edeb
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 0 deletions.
8 changes: 8 additions & 0 deletions nginx-controller/controller/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,14 @@ func (lbc *LoadBalancerController) syncCfgm(key string) {
if cfgmExists {
cfgm := obj.(*api.ConfigMap)

if serverTokens, exists, err := nginx.GetMapKeyAsBool(cfgm.Data, "server-tokens", cfgm); exists {
if err != nil {
glog.Error(err)
} else {
cfg.ServerTokens = serverTokens
}
}

if proxyConnectTimeout, exists := cfgm.Data["proxy-connect-timeout"]; exists {
cfg.ProxyConnectTimeout = proxyConnectTimeout
}
Expand Down
2 changes: 2 additions & 0 deletions nginx-controller/nginx/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package nginx

// Config holds NGINX configuration parameters
type Config struct {
ServerTokens bool
ProxyConnectTimeout string
ProxyReadTimeout string
ClientMaxBodySize string
Expand Down Expand Up @@ -35,6 +36,7 @@ type Config struct {
// NewDefaultConfig creates a Config with default values
func NewDefaultConfig() *Config {
return &Config{
ServerTokens: true,
ProxyConnectTimeout: "60s",
ProxyReadTimeout: "60s",
ClientMaxBodySize: "1m",
Expand Down
9 changes: 9 additions & 0 deletions nginx-controller/nginx/configurator.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,7 @@ func (cnf *Configurator) generateNginxCfg(ingEx *IngressEx, pems map[string]stri

server := Server{
Name: serverName,
ServerTokens: ingCfg.ServerTokens,
HTTP2: ingCfg.HTTP2,
ProxyProtocol: ingCfg.ProxyProtocol,
HSTS: ingCfg.HSTS,
Expand Down Expand Up @@ -159,6 +160,7 @@ func (cnf *Configurator) generateNginxCfg(ingEx *IngressEx, pems map[string]stri
if len(ingEx.Ingress.Spec.Rules) == 0 && ingEx.Ingress.Spec.Backend != nil {
server := Server{
Name: emptyHost,
ServerTokens: ingCfg.ServerTokens,
HTTP2: ingCfg.HTTP2,
ProxyProtocol: ingCfg.ProxyProtocol,
HSTS: ingCfg.HSTS,
Expand Down Expand Up @@ -193,6 +195,13 @@ func (cnf *Configurator) generateNginxCfg(ingEx *IngressEx, pems map[string]stri

func (cnf *Configurator) createConfig(ingEx *IngressEx) Config {
ingCfg := *cnf.config
if serverTokens, exists, err := GetMapKeyAsBool(ingEx.Ingress.Annotations, "nginx.org/server-tokens", ingEx.Ingress); exists {
if err != nil {
glog.Error(err)
} else {
ingCfg.ServerTokens = serverTokens
}
}
if proxyConnectTimeout, exists := ingEx.Ingress.Annotations["nginx.org/proxy-connect-timeout"]; exists {
ingCfg.ProxyConnectTimeout = proxyConnectTimeout
}
Expand Down
2 changes: 2 additions & 0 deletions nginx-controller/nginx/ingress.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ server {
{{if $server.RealIPHeader}}real_ip_header {{$server.RealIPHeader}};{{end}}
{{if $server.RealIPRecursive}}real_ip_recursive on;{{end}}

{{if not $server.ServerTokens}}server_tokens off;{{end}}

{{if $server.Name}}
server_name {{$server.Name}};
{{end}}
Expand Down
1 change: 1 addition & 0 deletions nginx-controller/nginx/nginx.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ type UpstreamServer struct {
// Server describes an NGINX server
type Server struct {
Name string
ServerTokens bool
Locations []Location
SSL bool
SSLCertificate string
Expand Down

0 comments on commit 714edeb

Please sign in to comment.