|
9 | 9 | String $http_edge_path_owner = 'root', |
10 | 10 | String $http_edge_frontend = 'default_fe', |
11 | 11 |
|
12 | | - String $http_edge_redirect_marker = '###http-edge-redirects###', |
| 12 | + Hash $http_edge_markers = { 'redirects' => '###http-edge-redirects###', |
| 13 | + 'canonicals' => '###http-edge-canonicals###', |
| 14 | + 'nofollow' => '###http-edge-nofollow###', |
| 15 | + 'status410' => '###http-edge-status410###' }, |
13 | 16 | Array $http_edge_redirect_types = [ 'str', 'beg', 'end', 'sub', 'dir', 'regm' ], |
| 17 | + Array $http_edge_services = [ 'redirects' ], |
14 | 18 | Hash $http_edge_domains_envs = {}, |
15 | 19 | ) { |
16 | 20 |
|
|
28 | 32 | replace => false, |
29 | 33 | } |
30 | 34 |
|
31 | | - $http_edge_redirect_rules = flatten($http_edge_domains_envs.map |$domain, $options| { |
32 | | - $match_type = pick($options['match_type'], 'str') |
33 | | - $hdr_match = $match_type ? { |
34 | | - 'str' => 'hdr', |
35 | | - default => "hdr_${match_type}" |
36 | | - } |
37 | | - $domain_separator = $match_type ? { |
38 | | - 'reg' => '\.', |
39 | | - default => '.', |
40 | | - } |
41 | | - $options['_envs'].map |$env| { |
42 | | - $path_env = "${http_edge_path}/${env}" |
43 | | - if $options[$env] { |
44 | | - $domain_env = $options[$env] |
| 35 | + $http_edge_rules_all_placeholder = $http_edge_services.map | $service | { |
| 36 | + $http_edge_rules = flatten($http_edge_domains_envs.map |$domain, $options| { |
| 37 | + $match_type = pick($options['match_type'], 'str') |
| 38 | + $hdr_match = $match_type ? { |
| 39 | + 'str' => 'hdr', |
| 40 | + default => "hdr_${match_type}" |
45 | 41 | } |
46 | | - else { |
47 | | - $parts = [$options['_domain_prefix'], $env, $options['_domain_suffix']].filter |$item| { !$item.empty } |
48 | | - $domain_env = join($parts, $domain_separator) |
| 42 | + $domain_separator = $match_type ? { |
| 43 | + 'reg' => '\.', |
| 44 | + default => '.', |
49 | 45 | } |
| 46 | + $options['_envs'].map |$env| { |
| 47 | + $path_env = "${http_edge_path}/${env}" |
| 48 | + if $options[$env] { |
| 49 | + $domain_env = $options[$env] |
| 50 | + } |
| 51 | + else { |
| 52 | + $parts = [$options['_domain_prefix'], $env, $options['_domain_suffix']].filter |$item| { !$item.empty } |
| 53 | + $domain_env = join($parts, $domain_separator) |
| 54 | + } |
| 55 | + |
| 56 | + if $service in $options['_services'] { |
| 57 | + |
| 58 | + ensure_resource('file', [$path_env, "$path_env/current", "$path_env/current/$service"], $file_args) |
50 | 59 |
|
51 | | - ensure_resource('file', [$path_env, "$path_env/current", "$path_env/current/redirects"], $file_args) |
| 60 | + $http_edge_redirect_types.map |$type| { |
| 61 | + $map_file = "$path_env/current/$service/$domain.$type.map" |
| 62 | + $map_func = "map_$type" |
52 | 63 |
|
53 | | - $http_edge_redirect_types.map |$type| { |
54 | | - $map_file = "$path_env/current/redirects/$domain.$type.map" |
55 | | - $map_func = "map_$type" |
56 | | - file { $map_file: |
57 | | - ensure => present, |
58 | | - owner => $http_edge_path_owner, |
| 64 | + file { $map_file: |
| 65 | + ensure => present, |
| 66 | + owner => $http_edge_path_owner, |
| 67 | + } |
| 68 | + if $service == 'redirects' { |
| 69 | + "redirect location %[path,$map_func($map_file)] code 301 if { ${hdr_match}(host) -i $domain_env } { path,$map_func($map_file) -m found } !{ path,$map_func($map_file) -m str haproxy-skip }" |
| 70 | + } elsif $service == 'nofollow' { |
| 71 | + "set-var(txn.noindex) always_true if { ${hdr_match}(host) $domain_env } { path,$map_func($map_file) -m found }" |
| 72 | + } elsif $service == 'status410' { |
| 73 | + "set-var(txn.status410) always_true if { ${hdr_match}(host) $domain_env } { path,$map_func($map_file) -m found }" |
| 74 | + } elsif $service == 'canonicals' { |
| 75 | + "set-header X-Canonical-Custom <https://%[${hdr_match}(host)]%[url,$map_func($map_file)]>;\\ rel=\"canonical\" if !{ req.hdr(X-Canonical-Custom) -m found } { ${hdr_match}(host) $domain_env } { url,$map_func($map_file) -m found }" |
| 76 | + } |
| 77 | + |
| 78 | + } |
59 | 79 | } |
60 | | - "redirect location %[path,$map_func($map_file)] code 301 if { ${hdr_match}(host) -i $domain_env } { path,$map_func($map_file) -m found } !{ path,$map_func($map_file) -m str haproxy-skip }" |
| 80 | + } |
| 81 | + }) |
| 82 | + [$service, $http_edge_rules] |
| 83 | + } |
| 84 | + |
| 85 | + $http_edge_rules_all = Hash($http_edge_rules_all_placeholder) |
| 86 | + # Filter undef fields from the http-edge rules |
| 87 | + $http_edge_rules_all_real_without_undef = $http_edge_rules_all.map |$key, $value| { |
| 88 | + $real_rules = $value.filter |$rules| { $rules =~ NotUndef } |
| 89 | + [$key, $real_rules] |
| 90 | + } |
| 91 | + $http_edge_rules_all_real = Hash($http_edge_rules_all_real_without_undef) |
| 92 | + |
| 93 | + # Insert additional http-edge rules that are service specific |
| 94 | + if 'canonicals' in $http_edge_services or 'status410' in $http_edge_services or or 'nofollow' in $http_edge_services { |
| 95 | + if 'canonicals' in $http_edge_services { |
| 96 | + $http_edge_canonicals_rules_real = flatten($http_edge_rules_all_real['canonicals'], 'set-var(txn.canonical_custom) hdr(X-Canonical-Custom) if { hdr(X-Canonical-Custom) -m found }', 'del-header X-Canonical-Custom if { hdr(X-Canonical-Custom) -m found }') |
| 97 | + } |
| 98 | + $http_response_rules = $ducktape::haproxy::frontends[$http_edge_frontend]['options']['http-response'] |
| 99 | + $http_response_new_rules = $http_edge_services.map | $service | { |
| 100 | + if $service == 'canonicals' { |
| 101 | + 'set-header link %[var(txn.canonical_custom)] if { var(txn.canonical_custom) -m found }' |
| 102 | + } elsif $service == 'status410' { |
| 103 | + 'set-status 410 if { var(txn.status410) -m bool }' |
| 104 | + } elsif $service == 'nofollow' { |
| 105 | + 'set-header X-Robots-Tag "noindex, nofollow" if { var(txn.noindex) -m bool }' |
61 | 106 | } |
62 | 107 | } |
63 | | - }) |
| 108 | + $http_response_new_rules_real = $http_response_new_rules.filter |$rules| { $rules =~ NotUndef } |
| 109 | + $http_response_rules_real = concat($http_response_rules, $http_response_new_rules_real) |
| 110 | + $http_response_rules_hash = {$http_edge_frontend => {'options' => {'http-response' => $http_response_rules_real}}} |
| 111 | + } |
64 | 112 |
|
65 | | - # Insert http-edge redirect rules at the marker position, or at the end if no marker |
| 113 | + # Insert http-edge rules at the marker position, or at the end if no marker |
66 | 114 | $http_request_rules = $ducktape::haproxy::frontends[$http_edge_frontend]['options']['http-request'] |
67 | | - if grep($http_request_rules, $http_edge_redirect_marker) == [] { |
68 | | - $http_request_rules_real = concat($http_request_rules, $http_edge_redirect_rules) |
| 115 | + if 'redirects' in $http_edge_services and grep($http_request_rules, $http_edge_markers['redirects']) == [] { |
| 116 | + $http_request_rules_with_redirects = concat($http_request_rules, $http_edge_rules_all_real['redirects']) |
| 117 | + } |
| 118 | + elsif 'redirects' in $http_edge_services { |
| 119 | + $http_request_rules_with_redirects = split(regsubst(join($http_request_rules, "\n"), $http_edge_markers['redirects'], join($http_edge_rules_all_real['redirects'], "\n")), "\n") |
| 120 | + } else { |
| 121 | + $http_request_rules_with_redirects = $http_request_rules |
| 122 | + } |
| 123 | + |
| 124 | + if 'status410' in $http_edge_services and grep($http_request_rules_with_redirects, $http_edge_markers['status410']) == [] { |
| 125 | + $http_request_rules_with_status410 = concat($http_request_rules_with_redirects, $http_edge_rules_all_real['status410']) |
| 126 | + } |
| 127 | + elsif 'status410' in $http_edge_services { |
| 128 | + $http_request_rules_with_status410 = split(regsubst(join($http_request_rules_with_redirects, "\n"), $http_edge_markers['status410'], join($http_edge_rules_all_real['status410'], "\n")), "\n") |
| 129 | + } else { |
| 130 | + $http_request_rules_with_status410 = $http_request_rules_with_redirects |
69 | 131 | } |
70 | | - else { |
71 | | - $http_request_rules_real = split(regsubst(join($http_request_rules, "\n"), $http_edge_redirect_marker, join($http_edge_redirect_rules, "\n")), "\n") |
| 132 | + |
| 133 | + if 'nofollow' in $http_edge_services and grep($http_request_rules_with_status410, $http_edge_markers['nofollow']) == [] { |
| 134 | + $http_request_rules_with_nofollow = concat($http_request_rules_with_status410, $http_edge_rules_all_real['nofollow']) |
| 135 | + } |
| 136 | + elsif 'nofollow' in $http_edge_services { |
| 137 | + $http_request_rules_with_nofollow = split(regsubst(join($http_request_rules_with_status410, "\n"), $http_edge_markers['nofollow'], join($http_edge_rules_all_real['nofollow'], "\n")), "\n") |
| 138 | + } else { |
| 139 | + $http_request_rules_with_nofollow = $http_request_rules_with_status410 |
| 140 | + } |
| 141 | + |
| 142 | + if 'canonicals' in $http_edge_services and grep($http_request_rules_with_nofollow, $http_edge_markers['canonicals']) == [] { |
| 143 | + $http_request_rules_real = concat($http_request_rules_with_nofollow, $http_edge_canonicals_rules_real) |
| 144 | + } |
| 145 | + elsif 'canonicals' in $http_edge_services { |
| 146 | + $http_request_rules_real = split(regsubst(join($http_request_rules_with_nofollow, "\n"), $http_edge_markers['canonicals'], join($http_edge_canonicals_rules_real, "\n")), "\n") |
| 147 | + } else { |
| 148 | + $http_request_rules_real = $http_request_rules_with_nofollow |
72 | 149 | } |
73 | 150 |
|
74 | 151 | $http_request_rules_hash = {$http_edge_frontend => {'options' => {'http-request' => $http_request_rules_real}}} |
75 | | - $frontends_real = deep_merge($ducktape::haproxy::frontends, $http_request_rules_hash) |
| 152 | + if 'canonicals' in $http_edge_services or 'status410' in $http_edge_services or 'nofollow' in $http_edge_services { |
| 153 | + $frontends_real_placeholder = deep_merge($ducktape::haproxy::frontends, $http_request_rules_hash) |
| 154 | + $frontends_real = deep_merge($frontends_real_placeholder, $http_response_rules_hash) |
| 155 | + } else { |
| 156 | + $frontends_real = deep_merge($ducktape::haproxy::frontends, $http_request_rules_hash) |
| 157 | + } |
76 | 158 | } |
77 | 159 | else { |
78 | 160 | $frontends_real = $ducktape::haproxy::frontends |
|
0 commit comments