Home Explore Help
Register Sign In
opuppet
/
module-nginx
6
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #805 from samuelson/proxy_hide_header

Support for proxy_hide_header directive.
Matthew Haughton 7 years ago
parent
ef61c5aa8f 12dfb7e98d
commit
8eb657f2ea
8 changed files with 38 additions and 1 deletions
Split View Show Diff Stats
  1. 2 0
      manifests/config.pp
  2. 3 0
      manifests/init.pp
  3. 3 0
      manifests/resource/location.pp
  4. 3 0
      manifests/resource/vhost.pp
  5. 10 1
      spec/classes/config_spec.rb
  6. 9 0
      spec/defines/resource_location_spec.rb
  7. 3 0
      templates/conf.d/nginx.conf.erb
  8. 5 0
      templates/vhost/locations/proxy.erb

+ 2 - 0
manifests/config.pp
View File 

@@ -93,6 +93,7 @@ class nginx::config(
 
     'X-Real-IP $remote_addr',
 
     'X-Forwarded-For $proxy_add_x_forwarded_for',
 
   ],
 
+  $proxy_hide_header              = [],
 
   $sendfile                       = 'on',
 
   $server_tokens                  = 'on',
 
   $spdy                           = 'off',
 
@@ -121,6 +122,7 @@ class nginx::config(
 
   }
 
   validate_string($multi_accept)
 
   validate_array($proxy_set_header)
 
+  validate_array($proxy_hide_header)
 
   if ($proxy_http_version != undef) {
 
     validate_string($proxy_http_version)
 
   }

+ 3 - 0
manifests/init.pp
View File 

@@ -61,6 +61,7 @@ class nginx (
 
   $proxy_redirect                 = undef,
 
   $proxy_send_timeout             = undef,
 
   $proxy_set_header               = undef,
 
+  $proxy_hide_header              = undef,
 
   $sendfile                       = undef,
 
   $server_tokens                  = undef,
 
   $spdy                           = undef,
 
@@ -185,6 +186,7 @@ class nginx (
 
         $proxy_redirect or
 
         $proxy_send_timeout or
 
         $proxy_set_header or
 
+        $proxy_hide_header or
 
         $proxy_temp_path or
 
         $run_dir or
 
         $sendfile or
 
@@ -266,6 +268,7 @@ class nginx (
 
       proxy_redirect                 => $proxy_redirect,
 
       proxy_send_timeout             => $proxy_send_timeout,
 
       proxy_set_header               => $proxy_set_header,
 
+      proxy_hide_header              => $proxy_hide_header,
 
       proxy_temp_path                => $proxy_temp_path,
 
       run_dir                        => $run_dir,
 
       sendfile                       => $sendfile,

+ 3 - 0
manifests/resource/location.pp
View File 

@@ -31,6 +31,7 @@
 
 #   [*proxy_connect_timeout*] - Override the default the proxy connect timeout
 
 #     value of 90 seconds
 
 #   [*proxy_set_header*]     - Array of vhost headers to set
 
+#   [*proxy_hide_header*]    - Array of vhost headers to hide
 
 #   [*fastcgi*]              - location of fastcgi (host:port)
 
 #   [*fastcgi_param*]        - Set additional custom fastcgi_params
 
 #   [*fastcgi_params*]       - optional alternative fastcgi_params file to use
 
@@ -147,6 +148,7 @@ define nginx::resource::location (
 
   $proxy_read_timeout   = $::nginx::config::proxy_read_timeout,
 
   $proxy_connect_timeout = $::nginx::config::proxy_connect_timeout,
 
   $proxy_set_header     = $::nginx::config::proxy_set_header,
 
+  $proxy_hide_header    = $::nginx::config::proxy_hide_header,
 
   $fastcgi              = undef,
 
   $fastcgi_param        = undef,
 
   $fastcgi_params       = "${::nginx::config::conf_dir}/fastcgi_params",
 
@@ -216,6 +218,7 @@ define nginx::resource::location (
 
   validate_string($proxy_read_timeout)
 
   validate_string($proxy_connect_timeout)
 
   validate_array($proxy_set_header)
 
+  validate_array($proxy_hide_header)
 
   if ($fastcgi != undef) {
 
     validate_string($fastcgi)
 
   }

+ 3 - 0
manifests/resource/vhost.pp
View File 

@@ -220,6 +220,7 @@ define nginx::resource::vhost (
 
   $proxy_read_timeout           = $::nginx::config::proxy_read_timeout,
 
   $proxy_connect_timeout        = $::nginx::config::proxy_connect_timeout,
 
   $proxy_set_header             = $::nginx::config::proxy_set_header,
 
+  $proxy_hide_header            = $::nginx::config::proxy_hide_header,
 
   $proxy_cache                  = false,
 
   $proxy_cache_key              = undef,
 
   $proxy_cache_use_stale        = undef,
 
@@ -379,6 +380,7 @@ define nginx::resource::vhost (
 
     validate_string($proxy_redirect)
 
   }
 
   validate_array($proxy_set_header)
 
+  validate_array($proxy_hide_header)
 
   if ($proxy_cache != false) {
 
     validate_string($proxy_cache)
 
   }
 
@@ -604,6 +606,7 @@ define nginx::resource::vhost (
 
       proxy_cache_valid           => $proxy_cache_valid,
 
       proxy_method                => $proxy_method,
 
       proxy_set_header            => $proxy_set_header,
 
+      proxy_hide_header           => $proxy_hide_header,
 
       proxy_set_body              => $proxy_set_body,
 
       fastcgi                     => $fastcgi,
 
       fastcgi_params              => $fastcgi_params,

+ 10 - 1
spec/classes/config_spec.rb
View File 

@@ -476,7 +476,7 @@ describe 'nginx::config' do
 
           :notmatch => 'proxy_http_version',
 
         },
 
         {
 
-          :title => 'should contain ordered appended directives',
 
+          :title => 'should contain ordered appended proxy_set_header directives',
 
           :attr  => 'proxy_set_header',
 
           :value => ['header1','header2'],
 
           :match => [
 
@@ -485,6 +485,15 @@ describe 'nginx::config' do
 
           ],
 
         },
 
         {
 
+          :title => 'should contain ordered appended proxy_hide_header directives',
 
+          :attr  => 'proxy_hide_header',
 
+          :value => ['header1','header2'],
 
+          :match => [
 
+            '  proxy_hide_header        header1;',
 
+            '  proxy_hide_header        header2;',
 
+          ],
 
+        },
 
+        {
 
             :title    => 'should set client_body_temp_path',
 
             :attr     => 'client_body_temp_path',
 
             :value    => '/path/to/body_temp',

+ 9 - 0
spec/defines/resource_location_spec.rb
View File 

@@ -665,6 +665,15 @@ describe 'nginx::resource::location' do
 
           ]
 
         },
 
         {
 
+          :title => 'should hide proxy headers',
 
+          :attr  => 'proxy_hide_header',
 
+          :value => [ 'X-TestHeader1 value1', 'X-TestHeader2 value2' ],
 
+          :match => [
 
+            /^\s+proxy_hide_header\s+X-TestHeader1 value1;/,
 
+            /^\s+proxy_hide_header\s+X-TestHeader2 value2;/,
 
+          ]
 
+        },
 
+        {
 
           :title => 'should set proxy_method',
 
           :attr  => 'proxy_method',
 
           :value => 'value',

+ 3 - 0
templates/conf.d/nginx.conf.erb
View File 

@@ -120,6 +120,9 @@ http {
 
 <% @proxy_set_header.each do |header| -%>
 
   proxy_set_header        <%= header %>;
 
 <% end -%>
 
+<% @proxy_hide_header.each do |header| -%>
 
+  proxy_hide_header        <%= header %>;
 
+<% end -%>
 
 <% if @proxy_headers_hash_bucket_size -%>
 
   proxy_headers_hash_bucket_size <%= @proxy_headers_hash_bucket_size %>;
 
 <% end -%>

+ 5 - 0
templates/vhost/locations/proxy.erb
View File 

@@ -13,6 +13,11 @@
 
     proxy_set_header      <%= header %>;
 
     <%- end -%>
 
 <% end -%>
 
+<% unless @proxy_hide_header.nil? -%>
 
+    <%- @proxy_hide_header.each do |header| -%>
 
+    proxy_hide_header      <%= header %>;
 
+    <%- end -%>
 
+<% end -%>
 
 <% if @proxy_cache -%>
 
     proxy_cache           <%= @proxy_cache %>;
 
 <% end -%>