Skip to content

Commit

Permalink
Merge pull request #4 from Inpher/ludo/upstream-scheme
Browse files Browse the repository at this point in the history
Fix TLS config
Ludovic Leroux authored Sep 21, 2021
2 parents cb22b18 + 8696017 commit 71a7f34
Showing 2 changed files with 16 additions and 10 deletions.
16 changes: 6 additions & 10 deletions helpers.go
Original file line number Diff line number Diff line change
@@ -57,6 +57,11 @@ func parseConsulService(entries []*api.ServiceEntry) (upstreams []*reverseproxy.

for _, entry := range entries {

// We add the instance as an upstream
upstreams = append(upstreams, &reverseproxy.Upstream{
Dial: fmt.Sprintf("%s:%d", entry.Service.Address, entry.Service.Port),
})

// We check the options on that instance
for i := 0; i < t.NumField(); i++ {

@@ -87,22 +92,13 @@ func parseConsulService(entries []*api.ServiceEntry) (upstreams []*reverseproxy.
}
fieldValue.SetInt(val)
}

}

}

}

scheme := "http"
if options.UpstreamScheme != "" {
scheme = options.UpstreamScheme
}

// We add the instance as an upstream
upstreams = append(upstreams, &reverseproxy.Upstream{
Dial: fmt.Sprintf("%s://%s:%d", scheme, entry.Service.Address, entry.Service.Port),
})

}

return
10 changes: 10 additions & 0 deletions jsonconf.go
Original file line number Diff line number Diff line change
@@ -124,6 +124,16 @@ func (cc *App) generateHTTPAndTLSAppConfFromConsulServices(conf *caddy.Config) (
},
}

// If Upstream is HTTPS, then we use HTTPTransport and add the TLS tag (insecure)
if options.UpstreamScheme == "https" {
transport := reverseproxy.HTTPTransport{
TLS: &reverseproxy.TLSConfig{
InsecureSkipVerify: true,
},
}
reverseProxyHandler.TransportRaw = caddyconfig.JSON(transport, nil)
}

// Do we propagate upstream headers?
if options.UpstreamHeaders {
reverseProxyHandler.Headers.Response.Add = http.Header{

0 comments on commit 71a7f34

Please sign in to comment.