providers/proxy: create ingress for forward_auth /akprox path

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-05-09 12:40:44 +02:00
parent 8c0a87b710
commit a6a8eddf7c

View file

@ -101,12 +101,27 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
tls_hosts = [] tls_hosts = []
for proxy_provider in ProxyProvider.objects.filter( for proxy_provider in ProxyProvider.objects.filter(
outpost__in=[self.controller.outpost], outpost__in=[self.controller.outpost],
forward_auth_mode=False,
): ):
proxy_provider: ProxyProvider proxy_provider: ProxyProvider
external_host_name = urlparse(proxy_provider.external_host) external_host_name = urlparse(proxy_provider.external_host)
if external_host_name.scheme == "https": if external_host_name.scheme == "https":
tls_hosts.append(external_host_name.hostname) tls_hosts.append(external_host_name.hostname)
if proxy_provider.forward_auth_mode:
rule = NetworkingV1beta1IngressRule(
host=external_host_name.hostname,
http=NetworkingV1beta1HTTPIngressRuleValue(
paths=[
NetworkingV1beta1HTTPIngressPath(
backend=NetworkingV1beta1IngressBackend(
service_name=self.name,
service_port="http",
),
path="/akprox",
)
]
),
)
else:
rule = NetworkingV1beta1IngressRule( rule = NetworkingV1beta1IngressRule(
host=external_host_name.hostname, host=external_host_name.hostname,
http=NetworkingV1beta1HTTPIngressRuleValue( http=NetworkingV1beta1HTTPIngressRuleValue(