diff --git a/docs-web/configuration/global-configuration/configmap-resource.md b/docs-web/configuration/global-configuration/configmap-resource.md index ed5ede56ca..5cb123c952 100644 --- a/docs-web/configuration/global-configuration/configmap-resource.md +++ b/docs-web/configuration/global-configuration/configmap-resource.md @@ -198,6 +198,10 @@ See the doc about [VirtualServer and VirtualServerRoute resources](/nginx-ingres - Disables the `access log `_. - ``False`` - + * - ``default-server-access-log-off`` + - Disables the `access log `_ for the default server. If access log is disabled globally (``access-log-off: "True"``), then the default server access log is always disabled. + - ``False`` + - * - ``log-format`` - Sets the custom `log format `_. - See the `template file `_ for the access log. diff --git a/internal/configs/config_params.go b/internal/configs/config_params.go index 16917ffb6e..7e9101fc92 100644 --- a/internal/configs/config_params.go +++ b/internal/configs/config_params.go @@ -3,81 +3,82 @@ package configs // ConfigParams holds NGINX configuration parameters that affect the main NGINX config // as well as configs for Ingress resources. type ConfigParams struct { - LocationSnippets []string - ServerSnippets []string - ServerTokens string - ProxyConnectTimeout string - ProxyReadTimeout string - ProxySendTimeout string ClientMaxBodySize string + DefaultServerAccessLogOff bool + FailTimeout string + HealthCheckEnabled bool + HealthCheckMandatory bool + HealthCheckMandatoryQueue int64 + HSTS bool + HSTSBehindProxy bool + HSTSIncludeSubdomains bool + HSTSMaxAge int64 HTTP2 bool - RedirectToHTTPS bool - SSLRedirect bool - MainMainSnippets []string + Keepalive int + LBMethod string + LocationSnippets []string + MainAccessLogOff bool + MainErrorLogLevel string MainHTTPSnippets []string - MainStreamSnippets []string + MainKeepaliveRequests int64 + MainKeepaliveTimeout string + MainLogFormat string + MainMainSnippets []string + MainOpenTracingEnabled bool + MainOpenTracingLoadModule bool + MainOpenTracingTracer string + MainOpenTracingTracerConfig string MainServerNamesHashBucketSize string MainServerNamesHashMaxSize string - MainAccessLogOff bool - MainLogFormat string - MainErrorLogLevel string MainStreamLogFormat string + MainStreamSnippets []string + MainWorkerConnections string + MainWorkerCPUAffinity string + MainWorkerProcesses string + MainWorkerRlimitNofile string + MainWorkerShutdownTimeout string + MaxConns int + MaxFails int ProxyBuffering bool ProxyBuffers string ProxyBufferSize string - ProxyMaxTempFileSize string - ProxyProtocol bool + ProxyConnectTimeout string ProxyHideHeaders []string + ProxyMaxTempFileSize string ProxyPassHeaders []string - UpstreamZoneSize string - HSTS bool - HSTSBehindProxy bool - HSTSMaxAge int64 - HSTSIncludeSubdomains bool - LBMethod string - MainWorkerProcesses string - MainWorkerCPUAffinity string - MainWorkerShutdownTimeout string - MainWorkerConnections string - MainWorkerRlimitNofile string - Keepalive int - MaxFails int - MaxConns int - FailTimeout string - HealthCheckEnabled bool - HealthCheckMandatory bool - HealthCheckMandatoryQueue int64 - SlowStart string + ProxyProtocol bool + ProxyReadTimeout string + ProxySendTimeout string + RedirectToHTTPS bool ResolverAddresses []string ResolverIPV6 bool - ResolverValid string ResolverTimeout string - MainKeepaliveTimeout string - MainKeepaliveRequests int64 + ResolverValid string + ServerSnippets []string + ServerTokens string + SlowStart string + SSLRedirect bool + UpstreamZoneSize string VariablesHashBucketSize uint64 VariablesHashMaxSize uint64 - MainOpenTracingLoadModule bool - MainOpenTracingEnabled bool - MainOpenTracingTracer string - MainOpenTracingTracerConfig string RealIPHeader string - SetRealIPFrom []string RealIPRecursive bool + SetRealIPFrom []string - MainServerSSLProtocols string - MainServerSSLPreferServerCiphers bool MainServerSSLCiphers string MainServerSSLDHParam string MainServerSSLDHParamFileContent *string + MainServerSSLPreferServerCiphers bool + MainServerSSLProtocols string - MainTemplate *string IngressTemplate *string + MainTemplate *string - JWTRealm string JWTKey string - JWTToken string JWTLoginURL string + JWTRealm string + JWTToken string Ports []int SSLPorts []int diff --git a/internal/configs/configmaps.go b/internal/configs/configmaps.go index b58171af75..b2b8c10cd9 100644 --- a/internal/configs/configmaps.go +++ b/internal/configs/configmaps.go @@ -215,6 +215,14 @@ func ParseConfigMap(cfgm *v1.ConfigMap, nginxPlus bool) *ConfigParams { cfgParams.MainStreamLogFormat = streamLogFormat } + if defaultServerAccessLogOff, exists, err := GetMapKeyAsBool(cfgm.Data, "default-server-access-log-off", cfgm); exists { + if err != nil { + glog.Error(err) + } else { + cfgParams.DefaultServerAccessLogOff = defaultServerAccessLogOff + } + } + if proxyBuffering, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-buffering", cfgm); exists { if err != nil { glog.Error(err) @@ -429,45 +437,46 @@ func ParseConfigMap(cfgm *v1.ConfigMap, nginxPlus bool) *ConfigParams { // GenerateNginxMainConfig generates MainConfig. func GenerateNginxMainConfig(staticCfgParams *StaticConfigParams, config *ConfigParams) *version1.MainConfig { nginxCfg := &version1.MainConfig{ + AccessLogOff: config.MainAccessLogOff, + DefaultServerAccessLogOff: config.DefaultServerAccessLogOff, + ErrorLogLevel: config.MainErrorLogLevel, HealthStatus: staticCfgParams.HealthStatus, HealthStatusURI: staticCfgParams.HealthStatusURI, + HTTP2: config.HTTP2, + HTTPSnippets: config.MainHTTPSnippets, + KeepaliveRequests: config.MainKeepaliveRequests, + KeepaliveTimeout: config.MainKeepaliveTimeout, + LogFormat: config.MainLogFormat, + MainSnippets: config.MainMainSnippets, NginxStatus: staticCfgParams.NginxStatus, NginxStatusAllowCIDRs: staticCfgParams.NginxStatusAllowCIDRs, NginxStatusPort: staticCfgParams.NginxStatusPort, - StubStatusOverUnixSocketForOSS: staticCfgParams.StubStatusOverUnixSocketForOSS, - MainSnippets: config.MainMainSnippets, - HTTPSnippets: config.MainHTTPSnippets, - StreamSnippets: config.MainStreamSnippets, + OpenTracingEnabled: config.MainOpenTracingEnabled, + OpenTracingLoadModule: config.MainOpenTracingLoadModule, + OpenTracingTracer: config.MainOpenTracingTracer, + OpenTracingTracerConfig: config.MainOpenTracingTracerConfig, + ProxyProtocol: config.ProxyProtocol, + ResolverAddresses: config.ResolverAddresses, + ResolverIPV6: config.ResolverIPV6, + ResolverTimeout: config.ResolverTimeout, + ResolverValid: config.ResolverValid, ServerNamesHashBucketSize: config.MainServerNamesHashBucketSize, ServerNamesHashMaxSize: config.MainServerNamesHashMaxSize, - AccessLogOff: config.MainAccessLogOff, - LogFormat: config.MainLogFormat, - ErrorLogLevel: config.MainErrorLogLevel, - StreamLogFormat: config.MainStreamLogFormat, - SSLProtocols: config.MainServerSSLProtocols, + ServerTokens: config.ServerTokens, SSLCiphers: config.MainServerSSLCiphers, SSLDHParam: config.MainServerSSLDHParam, SSLPreferServerCiphers: config.MainServerSSLPreferServerCiphers, - HTTP2: config.HTTP2, - ServerTokens: config.ServerTokens, - ProxyProtocol: config.ProxyProtocol, - WorkerProcesses: config.MainWorkerProcesses, - WorkerCPUAffinity: config.MainWorkerCPUAffinity, - WorkerShutdownTimeout: config.MainWorkerShutdownTimeout, - WorkerConnections: config.MainWorkerConnections, - WorkerRlimitNofile: config.MainWorkerRlimitNofile, - ResolverAddresses: config.ResolverAddresses, - ResolverIPV6: config.ResolverIPV6, - ResolverValid: config.ResolverValid, - ResolverTimeout: config.ResolverTimeout, - KeepaliveTimeout: config.MainKeepaliveTimeout, - KeepaliveRequests: config.MainKeepaliveRequests, + SSLProtocols: config.MainServerSSLProtocols, + StreamLogFormat: config.MainStreamLogFormat, + StreamSnippets: config.MainStreamSnippets, + StubStatusOverUnixSocketForOSS: staticCfgParams.StubStatusOverUnixSocketForOSS, VariablesHashBucketSize: config.VariablesHashBucketSize, VariablesHashMaxSize: config.VariablesHashMaxSize, - OpenTracingLoadModule: config.MainOpenTracingLoadModule, - OpenTracingEnabled: config.MainOpenTracingEnabled, - OpenTracingTracer: config.MainOpenTracingTracer, - OpenTracingTracerConfig: config.MainOpenTracingTracerConfig, + WorkerConnections: config.MainWorkerConnections, + WorkerCPUAffinity: config.MainWorkerCPUAffinity, + WorkerProcesses: config.MainWorkerProcesses, + WorkerRlimitNofile: config.MainWorkerRlimitNofile, + WorkerShutdownTimeout: config.MainWorkerShutdownTimeout, } return nginxCfg } diff --git a/internal/configs/version1/config.go b/internal/configs/version1/config.go index 48ef3cdb6e..f8738deaa9 100644 --- a/internal/configs/version1/config.go +++ b/internal/configs/version1/config.go @@ -124,45 +124,46 @@ type Location struct { // MainConfig describe the main NGINX configuration file. type MainConfig struct { - ServerNamesHashBucketSize string - ServerNamesHashMaxSize string AccessLogOff bool - LogFormat string + DefaultServerAccessLogOff bool ErrorLogLevel string - StreamLogFormat string HealthStatus bool HealthStatusURI string + HTTP2 bool + HTTPSnippets []string + KeepaliveRequests int64 + KeepaliveTimeout string + LogFormat string + MainSnippets []string NginxStatus bool NginxStatusAllowCIDRs []string NginxStatusPort int - StubStatusOverUnixSocketForOSS bool - MainSnippets []string - HTTPSnippets []string - StreamSnippets []string - SSLProtocols string - SSLPreferServerCiphers bool - SSLCiphers string - SSLDHParam string - HTTP2 bool - ServerTokens string + OpenTracingEnabled bool + OpenTracingLoadModule bool + OpenTracingTracer string + OpenTracingTracerConfig string ProxyProtocol bool - WorkerProcesses string - WorkerCPUAffinity string - WorkerShutdownTimeout string - WorkerConnections string - WorkerRlimitNofile string ResolverAddresses []string ResolverIPV6 bool - ResolverValid string ResolverTimeout string - KeepaliveTimeout string - KeepaliveRequests int64 + ResolverValid string + ServerNamesHashBucketSize string + ServerNamesHashMaxSize string + ServerTokens string + SSLCiphers string + SSLDHParam string + SSLPreferServerCiphers bool + SSLProtocols string + StreamLogFormat string + StreamSnippets []string + StubStatusOverUnixSocketForOSS bool VariablesHashBucketSize uint64 VariablesHashMaxSize uint64 - OpenTracingLoadModule bool - OpenTracingEnabled bool - OpenTracingTracer string - OpenTracingTracerConfig string + WorkerConnections string + WorkerCPUAffinity string + WorkerProcesses string + WorkerRlimitNofile string + WorkerShutdownTimeout string } // NewUpstreamWithDefaultServer creates an upstream with the default server. diff --git a/internal/configs/version1/nginx-plus.tmpl b/internal/configs/version1/nginx-plus.tmpl index a89916cdc7..4b2a4ccfa3 100644 --- a/internal/configs/version1/nginx-plus.tmpl +++ b/internal/configs/version1/nginx-plus.tmpl @@ -99,7 +99,9 @@ http { server_name _; server_tokens "{{.ServerTokens}}"; + {{if .DefaultServerAccessLogOff}} access_log off; + {{end}} {{if .OpenTracingEnabled}} opentracing off; diff --git a/internal/configs/version1/nginx.tmpl b/internal/configs/version1/nginx.tmpl index b51e69573b..a27d7e6c67 100644 --- a/internal/configs/version1/nginx.tmpl +++ b/internal/configs/version1/nginx.tmpl @@ -93,7 +93,9 @@ http { server_name _; server_tokens "{{.ServerTokens}}"; + {{if .DefaultServerAccessLogOff}} access_log off; + {{end}} {{if .OpenTracingEnabled}} opentracing off;