From f253d249f2c5f7c95f1280488f542721c7123f8c Mon Sep 17 00:00:00 2001 From: Manuel de Brito Fontes Date: Fri, 29 Sep 2017 18:03:27 -0300 Subject: [PATCH] Cleanup --- controllers/nginx/pkg/template/template.go | 7 +++++-- controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/controllers/nginx/pkg/template/template.go b/controllers/nginx/pkg/template/template.go index 111a7626c0..0cbb52f618 100644 --- a/controllers/nginx/pkg/template/template.go +++ b/controllers/nginx/pkg/template/template.go @@ -673,17 +673,20 @@ func buildForwardedFor(input interface{}) string { func trustHTTPHeaders(input interface{}) bool { conf, ok := input.(config.TemplateConfig) if !ok { + glog.Errorf("%v", input) return true } return conf.Cfg.RealClientFrom == "http-proxy" || - (conf.Cfg.RealClientFrom == "auto" && !conf.Cfg.UseProxyProtocol && - (conf.PublishService != nil && conf.PublishService.Spec.Type == apiv1.ServiceTypeLoadBalancer)) + (conf.Cfg.RealClientFrom == "auto" && !conf.Cfg.UseProxyProtocol || + (conf.Cfg.RealClientFrom == "auto" && conf.PublishService != nil && + conf.PublishService.Spec.Type == apiv1.ServiceTypeLoadBalancer)) } func trustProxyProtocol(input interface{}) bool { conf, ok := input.(config.TemplateConfig) if !ok { + glog.Errorf("%v", input) return true } diff --git a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl index c827d994fc..88413515d2 100644 --- a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl +++ b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl @@ -155,8 +155,8 @@ http { # Trust HTTP X-Forwarded-* Headers, but use direct values if they're missing. map {{ buildForwardedFor $cfg.ForwardedForHeader }} $the_real_ip { # Get IP address from X-Forwarded-For HTTP header - default $remote_addr; - '' $realip_remote_addr; + default $realip_remote_addr; + '' $remote_addr; } # trust http_x_forwarded_proto headers correctly indicate ssl offloading