Skip to content

Commit

Permalink
Fix TLS config
Browse files Browse the repository at this point in the history
  • Loading branch information
Ludovic LEROUX committed Sep 21, 2021
1 parent 1e33705 commit 8696017
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 10 deletions.
16 changes: 6 additions & 10 deletions helpers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,11 @@ func parseConsulService(entries []*api.ServiceEntry) (upstreams []*reverseproxy.

for _, entry := range entries {

// We add the instance as an upstream
upstreams = append(upstreams, &reverseproxy.Upstream{
Dial: fmt.Sprintf("%s:%d", entry.Service.Address, entry.Service.Port),
})

// We check the options on that instance
for i := 0; i < t.NumField(); i++ {

Expand Down Expand Up @@ -87,22 +92,13 @@ func parseConsulService(entries []*api.ServiceEntry) (upstreams []*reverseproxy.
}
fieldValue.SetInt(val)
}

}

}

}

scheme := "http"
if options.UpstreamScheme != "" {
scheme = options.UpstreamScheme
}

// We add the instance as an upstream
upstreams = append(upstreams, &reverseproxy.Upstream{
Dial: fmt.Sprintf("%s://%s:%d", scheme, entry.Service.Address, entry.Service.Port),
})

}

return
Expand Down
10 changes: 10 additions & 0 deletions jsonconf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,16 @@ func (cc *App) generateHTTPAndTLSAppConfFromConsulServices(conf *caddy.Config) (
},
}

// If Upstream is HTTPS, then we use HTTPTransport and add the TLS tag (insecure)
if options.UpstreamScheme == "https" {
transport := reverseproxy.HTTPTransport{
TLS: &reverseproxy.TLSConfig{
InsecureSkipVerify: true,
},
}
reverseProxyHandler.TransportRaw = caddyconfig.JSON(transport, nil)
}

// Do we propagate upstream headers?
if options.UpstreamHeaders {
reverseProxyHandler.Headers.Response.Add = http.Header{
Expand Down

0 comments on commit 8696017

Please sign in to comment.