diff --git a/provider/marathon/config.go b/provider/marathon/config.go index 6b23c27c1..1c3b1de18 100644 --- a/provider/marathon/config.go +++ b/provider/marathon/config.go @@ -54,6 +54,47 @@ func (p *Provider) buildConfiguration() *types.Configuration { "getRedirectEntryPoint": getFuncStringService(label.TraefikFrontendRedirectEntryPoint, label.DefaultFrontendRedirectEntryPoint), "getRedirectRegex": getFuncStringService(label.TraefikFrontendRedirectRegex, ""), "getRedirectReplacement": getFuncStringService(label.TraefikFrontendRedirectReplacement, ""), + + "hasRequestHeaders": hasFuncService(label.TraefikFrontendRequestHeaders), + "getRequestHeaders": getFuncMapService(label.TraefikFrontendRequestHeaders), + "hasResponseHeaders": hasFuncService(label.TraefikFrontendResponseHeaders), + "getResponseHeaders": getFuncMapService(label.TraefikFrontendResponseHeaders), + "hasAllowedHostsHeaders": hasFuncService(label.TraefikFrontendAllowedHosts), + "getAllowedHostsHeaders": getFuncSliceStringService(label.TraefikFrontendAllowedHosts), + "hasHostsProxyHeaders": hasFuncService(label.TraefikFrontendHostsProxyHeaders), + "getHostsProxyHeaders": getFuncSliceStringService(label.TraefikFrontendHostsProxyHeaders), + "hasSSLRedirectHeaders": hasFuncService(label.TraefikFrontendSSLRedirect), + "getSSLRedirectHeaders": getFuncBoolService(label.TraefikFrontendSSLRedirect, false), + "hasSSLTemporaryRedirectHeaders": hasFuncService(label.TraefikFrontendSSLTemporaryRedirect), + "getSSLTemporaryRedirectHeaders": getFuncBoolService(label.TraefikFrontendSSLTemporaryRedirect, false), + "hasSSLHostHeaders": hasFuncService(label.TraefikFrontendSSLHost), + "getSSLHostHeaders": getFuncStringService(label.TraefikFrontendSSLHost, ""), + "hasSSLProxyHeaders": hasFuncService(label.TraefikFrontendSSLProxyHeaders), + "getSSLProxyHeaders": getFuncMapService(label.TraefikFrontendSSLProxyHeaders), + "hasSTSSecondsHeaders": hasFuncService(label.TraefikFrontendSTSSeconds), + "getSTSSecondsHeaders": getFuncInt64Service(label.TraefikFrontendSTSSeconds, 0), + "hasSTSIncludeSubdomainsHeaders": hasFuncService(label.TraefikFrontendSTSIncludeSubdomains), + "getSTSIncludeSubdomainsHeaders": getFuncBoolService(label.TraefikFrontendSTSIncludeSubdomains, false), + "hasSTSPreloadHeaders": hasFuncService(label.TraefikFrontendSTSPreload), + "getSTSPreloadHeaders": getFuncBoolService(label.TraefikFrontendSTSPreload, false), + "hasForceSTSHeaderHeaders": hasFuncService(label.TraefikFrontendForceSTSHeader), + "getForceSTSHeaderHeaders": getFuncBoolService(label.TraefikFrontendForceSTSHeader, false), + "hasFrameDenyHeaders": hasFuncService(label.TraefikFrontendFrameDeny), + "getFrameDenyHeaders": getFuncBoolService(label.TraefikFrontendFrameDeny, false), + "hasCustomFrameOptionsValueHeaders": hasFuncService(label.TraefikFrontendCustomFrameOptionsValue), + "getCustomFrameOptionsValueHeaders": getFuncStringService(label.TraefikFrontendCustomFrameOptionsValue, ""), + "hasContentTypeNosniffHeaders": hasFuncService(label.TraefikFrontendContentTypeNosniff), + "getContentTypeNosniffHeaders": getFuncBoolService(label.TraefikFrontendContentTypeNosniff, false), + "hasBrowserXSSFilterHeaders": hasFuncService(label.TraefikFrontendBrowserXSSFilter), + "getBrowserXSSFilterHeaders": getFuncBoolService(label.TraefikFrontendBrowserXSSFilter, false), + "hasContentSecurityPolicyHeaders": hasFuncService(label.TraefikFrontendContentSecurityPolicy), + "getContentSecurityPolicyHeaders": getFuncStringService(label.TraefikFrontendContentSecurityPolicy, ""), + "hasPublicKeyHeaders": hasFuncService(label.TraefikFrontendPublicKey), + "getPublicKeyHeaders": getFuncStringService(label.TraefikFrontendPublicKey, ""), + "hasReferrerPolicyHeaders": hasFuncService(label.TraefikFrontendReferrerPolicy), + "getReferrerPolicyHeaders": getFuncStringService(label.TraefikFrontendReferrerPolicy, ""), + "hasIsDevelopmentHeaders": hasFuncService(label.TraefikFrontendIsDevelopment), + "getIsDevelopmentHeaders": getFuncBoolService(label.TraefikFrontendIsDevelopment, false), } v := url.Values{} @@ -405,6 +446,16 @@ func hasFunc(labelName string) func(application marathon.Application) bool { } } +func hasFuncService(labelName string) func(application marathon.Application, serviceName string) bool { + return func(application marathon.Application, serviceName string) bool { + labels := getLabels(application, serviceName) + lbName := getLabelName(serviceName, labelName) + + value, ok := labels[lbName] + return ok && len(value) > 0 + } +} + func getFuncStringService(labelName string, defaultValue string) func(application marathon.Application, serviceName string) string { return func(application marathon.Application, serviceName string) string { labels := getLabels(application, serviceName) @@ -421,6 +472,14 @@ func getFuncBoolService(labelName string, defaultValue bool) func(application ma } } +func getFuncInt64Service(labelName string, defaultValue int64) func(application marathon.Application, serviceName string) int64 { + return func(application marathon.Application, serviceName string) int64 { + labels := getLabels(application, serviceName) + lbName := getLabelName(serviceName, labelName) + return label.GetInt64Value(labels, lbName, defaultValue) + } +} + func getFuncSliceStringService(labelName string) func(application marathon.Application, serviceName string) []string { return func(application marathon.Application, serviceName string) []string { labels := getLabels(application, serviceName) @@ -428,6 +487,13 @@ func getFuncSliceStringService(labelName string) func(application marathon.Appli } } +func getFuncMapService(labelName string) func(application marathon.Application, serviceName string) map[string]string { + return func(application marathon.Application, serviceName string) map[string]string { + labels := getLabels(application, serviceName) + return label.GetMapValue(labels, getLabelName(serviceName, labelName)) + } +} + func getFuncString(labelName string, defaultValue string) func(application marathon.Application) string { return func(application marathon.Application) string { return label.GetStringValueP(application.Labels, labelName, defaultValue) diff --git a/templates/marathon.tmpl b/templates/marathon.tmpl index 381c77769..158a88f4c 100644 --- a/templates/marathon.tmpl +++ b/templates/marathon.tmpl @@ -79,6 +79,83 @@ replacement = "{{getRedirectReplacement $app $serviceName}}" {{end}} + [frontends."{{ getFrontendName $app $serviceName }}".headers] + {{if hasSSLRedirectHeaders $app $serviceName}} + SSLRedirect = {{getSSLRedirectHeaders $app $serviceName}} + {{end}} + {{if hasSSLTemporaryRedirectHeaders $app $serviceName}} + SSLTemporaryRedirect = {{getSSLTemporaryRedirectHeaders $app $serviceName}} + {{end}} + {{if hasSSLHostHeaders $app $serviceName}} + SSLHost = "{{getSSLHostHeaders $app $serviceName}}" + {{end}} + {{if hasSTSSecondsHeaders $app $serviceName}} + STSSeconds = {{getSTSSecondsHeaders $app $serviceName}} + {{end}} + {{if hasSTSIncludeSubdomainsHeaders $app $serviceName}} + STSIncludeSubdomains = {{getSTSIncludeSubdomainsHeaders $app $serviceName}} + {{end}} + {{if hasSTSPreloadHeaders $app $serviceName}} + STSPreload = {{getSTSPreloadHeaders $app $serviceName}} + {{end}} + {{if hasForceSTSHeaderHeaders $app $serviceName}} + ForceSTSHeader = {{getForceSTSHeaderHeaders $app $serviceName}} + {{end}} + {{if hasFrameDenyHeaders $app $serviceName}} + FrameDeny = {{getFrameDenyHeaders $app $serviceName}} + {{end}} + {{if hasCustomFrameOptionsValueHeaders $app $serviceName}} + CustomFrameOptionsValue = "{{getCustomFrameOptionsValueHeaders $app $serviceName}}" + {{end}} + {{if hasContentTypeNosniffHeaders $app $serviceName}} + ContentTypeNosniff = {{getContentTypeNosniffHeaders $app $serviceName}} + {{end}} + {{if hasBrowserXSSFilterHeaders $app $serviceName}} + BrowserXSSFilter = {{getBrowserXSSFilterHeaders $app $serviceName}} + {{end}} + {{if hasContentSecurityPolicyHeaders $app $serviceName}} + ContentSecurityPolicy = "{{getContentSecurityPolicyHeaders $app $serviceName}}" + {{end}} + {{if hasPublicKeyHeaders $app $serviceName}} + PublicKey = "{{getPublicKeyHeaders $app $serviceName}}" + {{end}} + {{if hasReferrerPolicyHeaders $app $serviceName}} + ReferrerPolicy = "{{getReferrerPolicyHeaders $app $serviceName}}" + {{end}} + {{if hasIsDevelopmentHeaders $app $serviceName}} + IsDevelopment = {{getIsDevelopmentHeaders $app $serviceName}} + {{end}} + {{if hasRequestHeaders $app $serviceName}} + [frontends."{{ getFrontendName $app $serviceName }}".headers.customRequestHeaders] + {{range $k, $v := getRequestHeaders $app $serviceName}} + {{$k}} = "{{$v}}" + {{end}} + {{end}} + {{if hasResponseHeaders $app $serviceName}} + [frontends."{{ getFrontendName $app $serviceName }}".headers.customResponseHeaders] + {{range $k, $v := getResponseHeaders $app $serviceName}} + {{$k}} = "{{$v}}" + {{end}} + {{end}} + {{if hasAllowedHostsHeaders $app $serviceName}} + [frontends."{{ getFrontendName $app $serviceName }}".headers.AllowedHosts] + {{range getAllowedHostsHeaders $app $serviceName}} + "{{.}}" + {{end}} + {{end}} + {{if hasHostsProxyHeaders $app $serviceName}} + [frontends."{{ getFrontendName $app $serviceName }}".headers.HostsProxyHeaders] + {{range getHostsProxyHeaders $app $serviceName}} + "{{.}}" + {{end}} + {{end}} + {{if hasSSLProxyHeaders $app $serviceName}} + [frontends."{{ getFrontendName $app $serviceName }}".headers.SSLProxyHeaders] + {{range $k, $v := getSSLProxyHeaders $app $serviceName}} + {{$k}} = "{{$v}}" + {{end}} + {{end}} + [frontends."{{ getFrontendName $app $serviceName }}".routes."route-host{{$app.ID | replace "/" "-"}}{{getServiceNameSuffix $serviceName }}"] rule = "{{getFrontendRule $app $serviceName}}"