Add proxy_hide-header directive (#144)
* Add proxy_hide-header directive * Add proxy_hide_headers to tests * Add comment's also to defaults/main.yml
This commit is contained in:
parent
f5f3a65fd8
commit
a8dfb5b7df
@ -371,6 +371,7 @@ nginx_http_template:
|
|||||||
#auth_request_set:
|
#auth_request_set:
|
||||||
#name: $auth_user
|
#name: $auth_user
|
||||||
#value: $upstream_http_x_user
|
#value: $upstream_http_x_user
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -397,6 +398,7 @@ nginx_http_template:
|
|||||||
locations:
|
locations:
|
||||||
default:
|
default:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -444,6 +446,7 @@ nginx_http_template:
|
|||||||
locations:
|
locations:
|
||||||
backend:
|
backend:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
|
@ -183,6 +183,7 @@ nginx_http_template:
|
|||||||
#auth_request_set:
|
#auth_request_set:
|
||||||
#name: $auth_user
|
#name: $auth_user
|
||||||
#value: $upstream_http_x_user
|
#value: $upstream_http_x_user
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -209,6 +210,7 @@ nginx_http_template:
|
|||||||
locations:
|
locations:
|
||||||
default:
|
default:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -256,6 +258,7 @@ nginx_http_template:
|
|||||||
locations:
|
locations:
|
||||||
backend:
|
backend:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers: [] # A list of headers which shouldn't be passed to the application
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
|
@ -91,6 +91,11 @@ server {
|
|||||||
listen {{ item.value.port }};
|
listen {{ item.value.port }};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
server_name {{ item.value.server_name | default('localhost') }};
|
server_name {{ item.value.server_name | default('localhost') }};
|
||||||
|
{% if item.value.proxy_hide_headers is defined %}
|
||||||
|
{% for header in item.value.proxy_hide_headers %}
|
||||||
|
proxy_hide_header {{ header }};
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
{% if item.value.add_headers is defined %}
|
{% if item.value.add_headers is defined %}
|
||||||
{% for header in item.value.add_headers %}
|
{% for header in item.value.add_headers %}
|
||||||
add_header {{ item.value.add_headers[header].name }} "{{ item.value.add_headers[header].value }}"{% if item.value.add_headers[header].always is defined and item.value.add_headers[header].always %} always{% endif %};
|
add_header {{ item.value.add_headers[header].name }} "{{ item.value.add_headers[header].value }}"{% if item.value.add_headers[header].always is defined and item.value.add_headers[header].always %} always{% endif %};
|
||||||
@ -127,6 +132,11 @@ server {
|
|||||||
{% if item.value.reverse_proxy.locations[location].internal is sameas true %}
|
{% if item.value.reverse_proxy.locations[location].internal is sameas true %}
|
||||||
internal;
|
internal;
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if item.value.reverse_proxy.locations[location].proxy_hide_headers is defined %}
|
||||||
|
{% for header in item.value.reverse_proxy.locations[location].proxy_hide_headers %}
|
||||||
|
proxy_hide_header {{ header }};
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
{% if item.value.reverse_proxy.locations[location].add_headers is defined %}
|
{% if item.value.reverse_proxy.locations[location].add_headers is defined %}
|
||||||
{% for header in item.value.reverse_proxy.locations[location].add_headers %}
|
{% for header in item.value.reverse_proxy.locations[location].add_headers %}
|
||||||
add_header {{ item.value.reverse_proxy.locations[location].add_headers[header].name }} "{{ item.value.reverse_proxy.locations[location].add_headers[header].value }}"{% if item.value.reverse_proxy.locations[location].add_headers[header].always is defined and item.value.reverse_proxy.locations[location].add_headers[header].always %} always{% endif %};
|
add_header {{ item.value.reverse_proxy.locations[location].add_headers[header].name }} "{{ item.value.reverse_proxy.locations[location].add_headers[header].value }}"{% if item.value.reverse_proxy.locations[location].add_headers[header].always is defined and item.value.reverse_proxy.locations[location].add_headers[header].always %} always{% endif %};
|
||||||
@ -266,6 +276,11 @@ server {
|
|||||||
{% if item.value.web_server.locations[location].try_files is defined %}
|
{% if item.value.web_server.locations[location].try_files is defined %}
|
||||||
try_files {{ item.value.web_server.locations[location].try_files }};
|
try_files {{ item.value.web_server.locations[location].try_files }};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if item.value.web_server.locations[location].proxy_hide_headers is defined %}
|
||||||
|
{% for header in item.value.web_server.locations[location].proxy_hide_headers %}
|
||||||
|
proxy_hide_header {{ header }};
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
{% if item.value.web_server.locations[location].add_headers is defined %}
|
{% if item.value.web_server.locations[location].add_headers is defined %}
|
||||||
{% for header in item.value.web_server.locations[location].add_headers %}
|
{% for header in item.value.web_server.locations[location].add_headers %}
|
||||||
add_header {{ item.value.web_server.locations[location].add_headers[header].name }} "{{ item.value.web_server.locations[location].add_headers[header].value }}"{% if item.value.web_server.locations[location].add_headers[header].always is defined and item.value.web_server.locations[location].add_headers[header].always %} always{% endif %};
|
add_header {{ item.value.web_server.locations[location].add_headers[header].name }} "{{ item.value.web_server.locations[location].add_headers[header].value }}"{% if item.value.web_server.locations[location].add_headers[header].always is defined and item.value.web_server.locations[location].add_headers[header].always %} always{% endif %};
|
||||||
|
@ -15,6 +15,8 @@
|
|||||||
port: 80
|
port: 80
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
|
proxy_hide_headers:
|
||||||
|
- X-Powered-By
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -51,6 +53,8 @@
|
|||||||
locations:
|
locations:
|
||||||
frontend:
|
frontend:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers:
|
||||||
|
- X-Powered-By
|
||||||
add_headers:
|
add_headers:
|
||||||
strict_transport_security:
|
strict_transport_security:
|
||||||
name: Strict-Transport-Security
|
name: Strict-Transport-Security
|
||||||
@ -152,6 +156,8 @@
|
|||||||
locations:
|
locations:
|
||||||
frontend_site:
|
frontend_site:
|
||||||
location: /
|
location: /
|
||||||
|
proxy_hide_headers:
|
||||||
|
- X-Powered-By
|
||||||
html_file_location: /usr/share/nginx/html
|
html_file_location: /usr/share/nginx/html
|
||||||
html_file_name: frontend_index.html
|
html_file_name: frontend_index.html
|
||||||
autoindex: false
|
autoindex: false
|
||||||
|
Loading…
Reference in New Issue
Block a user