Add "satisfy" option to the location section
https://www.nginx.com/resources/admin-guide/restricting-access/ http://nginx.org/en/docs/http/ngx_http_core_module.html?&_ga=1.238118336.1949645469.1456390584#satisfy
This commit is contained in:
parent
9b673763bb
commit
2154002e73
4 changed files with 22 additions and 0 deletions
|
@ -11,6 +11,7 @@
|
|||
# entry to include with
|
||||
# [*location*] - Specifies the URI associated with this location
|
||||
# entry
|
||||
# [*location_satisfy*] - Allows access if all (all) or at least one (any) of the auth modules allow access.
|
||||
# [*location_allow*] - Array: Locations to allow connections from.
|
||||
# [*location_deny*] - Array: Locations to deny connections from.
|
||||
# [*www_root*] - Specifies the location on disk for files to be
|
||||
|
@ -156,6 +157,7 @@ define nginx::resource::location (
|
|||
$ssl = false,
|
||||
$ssl_only = false,
|
||||
$location_alias = undef,
|
||||
$location_satisfy = undef,
|
||||
$location_allow = undef,
|
||||
$location_deny = undef,
|
||||
$option = undef,
|
||||
|
@ -239,6 +241,10 @@ define nginx::resource::location (
|
|||
if ($location_alias != undef) {
|
||||
validate_string($location_alias)
|
||||
}
|
||||
if ($location_satisfy != undef) {
|
||||
validate_re($location_satisfy, '^(any|all)$',
|
||||
"${$location_satisfy} is not supported for location_satisfy. Allowed values are 'any' and 'all'.")
|
||||
}
|
||||
if ($location_allow != undef) {
|
||||
validate_array($location_allow)
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
# vHost on. Defaults to UNIX /var/run/nginx.sock
|
||||
# [*listen_unix_socket_options*] - Extra options for listen directive like
|
||||
# 'default' to catchall. Undef by default.
|
||||
# [*location_satisfy*] - Allows access if all (all) or at least one (any) of the auth modules allow access.
|
||||
# [*location_allow*] - Array: Locations to allow connections from.
|
||||
# [*location_deny*] - Array: Locations to deny connections from.
|
||||
# [*ipv6_enable*] - BOOL value to enable/disable IPv6 support
|
||||
|
@ -178,6 +179,7 @@ define nginx::resource::vhost (
|
|||
$listen_unix_socket_enable = false,
|
||||
$listen_unix_socket = '/var/run/nginx.sock',
|
||||
$listen_unix_socket_options = undef,
|
||||
$location_satisfy = undef,
|
||||
$location_allow = [],
|
||||
$location_deny = [],
|
||||
$ipv6_enable = false,
|
||||
|
@ -290,6 +292,10 @@ define nginx::resource::vhost (
|
|||
if ($listen_unix_socket_options != undef) {
|
||||
validate_string($listen_unix_socket_options)
|
||||
}
|
||||
if ($location_satisfy != undef) {
|
||||
validate_re($location_satisfy, '^(any|all)$',
|
||||
"${$location_satisfy} is not supported for location_satisfy. Allowed values are 'any' and 'all'.")
|
||||
}
|
||||
validate_array($location_allow)
|
||||
validate_array($location_deny)
|
||||
validate_bool($ipv6_enable)
|
||||
|
@ -557,6 +563,7 @@ define nginx::resource::vhost (
|
|||
ssl => $ssl,
|
||||
ssl_only => $ssl_only,
|
||||
location => '/',
|
||||
location_satisfy => $location_satisfy,
|
||||
location_allow => $location_allow,
|
||||
location_deny => $location_deny,
|
||||
proxy => $proxy,
|
||||
|
|
|
@ -70,6 +70,12 @@ describe 'nginx::resource::location' do
|
|||
:value => true,
|
||||
:match => ' flv;'
|
||||
},
|
||||
{
|
||||
:title => 'should set location_satisfy',
|
||||
:attr => 'location_satisfy',
|
||||
:value => 'any',
|
||||
:match => ' satisfy any;'
|
||||
},
|
||||
{
|
||||
:title => 'should set location_allow',
|
||||
:attr => 'location_allow',
|
||||
|
|
|
@ -9,6 +9,9 @@
|
|||
<% if @flv -%>
|
||||
flv;
|
||||
<% end -%>
|
||||
<% if @location_satisfy -%>
|
||||
satisfy <%= @location_satisfy -%>;
|
||||
<% end -%>
|
||||
<% if @location_allow -%>
|
||||
<%- @location_allow.each do |allow_rule| -%>
|
||||
allow <%= allow_rule %>;
|
||||
|
|
Loading…
Reference in a new issue