Generate host acl correctly for * host

voyagermesh · Dec 29, 2017 · 113f513 · 113f513
1 parent e89ad35
commit 113f513
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 10 deletions.
diff --git a/apis/voyager/v1beta1/annotations.go b/apis/voyager/v1beta1/annotations.go
@@ -335,8 +335,11 @@ func (r Ingress) EnableCORS() bool {
 }
 
 func (r Ingress) ForceServicePort() bool {
-	v, _ := meta.GetBool(r.Annotations, ForceServicePort)
-	return v
+	if r.LBType() == LBTypeNodePort {
+		v, _ := meta.GetBool(r.Annotations, ForceServicePort)
+		return v
+	}
+	return true
 }
 
 func (r Ingress) EnableHSTS() bool {

diff --git a/hack/docker/voyager/templates/http-frontend.cfg b/hack/docker/voyager/templates/http-frontend.cfg
@@ -73,10 +73,11 @@ frontend {{ .FrontendName }}
 	acl is_proxy_https hdr(X-Forwarded-Proto) https
 
 	{{ range $host := .Hosts }}
-	{{ if  and (or (eq $.Port 80) (eq $.Port 443)) ( or $.ForceMatchServicePort (not $.NodePort)) }}
-	{{ if $host.Host }}acl host_acl_{{ $host.Host | acl_name }} {{ $host.Host | host_name }}{{ end }}
+	{{ with $conditions := (host_acls $host.Host $.Port $.NodePort $.ForceMatchServicePort ) }}
+	{{ range $cond := $conditions }}
+	{{ if $cond }}acl host_acl_{{ $host.Host | acl_name }} {{ $cond }}{{ end }}
+	{{ end }}
 	{{ end }}
-	{{ if $host.Host }}acl host_acl_{{ $host.Host | acl_name }} {{ $host.Host | host_name }}{{ if and (not $.ForceMatchServicePort) $.NodePort }}:{{ $.NodePort }}{{ else }}:{{ $.Port }}{{ end }}{{ end }}
 	{{ range $path := $host.Paths }}
 	{{ if $path.Path }}acl url_acl_{{ $host.Host | acl_name }}_{{ $path.Path | acl_name }} path_beg {{ $path.Path }}{{ end }}
 	{{ if $path.SSLRedirect }}

diff --git a/pkg/haproxy/template.go b/pkg/haproxy/template.go
@@ -35,11 +35,26 @@ func HeaderName(v string) string {
 	return v[:index]
 }
 
-func HostName(v string) string {
-	v = strings.TrimSpace(v)
-	if v == "" || v == `*` {
-		return ""
+func HostACLs(host string, port int, nodePort int32, forceSvcPort bool) []string {
+	fmt.Printf("host=%v, port=%v, nodePort=%v, forceSvcPort=%v", host, port, nodePort, forceSvcPort)
+	var conditions []string
+	host = strings.TrimSpace(host)
+
+	if !forceSvcPort && nodePort > 0 {
+		conditions = append(conditions, hostMatcher(fmt.Sprintf("%s:%d", host, nodePort)))
+	} else if forceSvcPort && port > 0 {
+		if port != 80 && port != 443 { // non standard http ports
+			conditions = append(conditions, hostMatcher(fmt.Sprintf("%s:%d", host, port)))
+		} else if host != "" && host != `*` { // http or https
+			conditions = append(conditions, hostMatcher(host))
+			conditions = append(conditions, hostMatcher(fmt.Sprintf("%s:%d", host, port)))
+		}
 	}
+	fmt.Println(">>>>>>>> ", strings.Join(conditions, "|"))
+	return conditions
+}
+
+func hostMatcher(v string) string {
 	if strings.HasPrefix(v, "*") {
 		return "hdr_end(host) -i " + v[1:]
 	}
@@ -63,7 +78,7 @@ var (
 	funcMap = template.FuncMap{
 		"acl_name":     ACLName,
 		"header_name":  HeaderName,
-		"host_name":    HostName,
+		"host_acls":    HostACLs,
 		"backend_hash": BackendHash,
 	}