Commit Graph

217 Commits

Author SHA1 Message Date
罗泽轩
c6c2e3cfb2
feat: support include other nginx config (#2803)
Close #2565
Close #1620
2020-11-25 19:23:31 +08:00
罗泽轩
1ad90f7206
chore: sort default plugin list for easier search (#2824) 2020-11-25 14:11:24 +08:00
HelloBug0
1d0c719a7b
feat: enable access log or not (#2769)
Fix #2713.
2020-11-25 13:10:08 +08:00
罗泽轩
ba114fc980
feat: add rewritten proxy url in access log (#2838)
This helps us to locate the problem.
2020-11-25 10:05:22 +08:00
Vinci Xu
b13f167445
refactor: separate admin and proxy port in default config (#2802)
change all admin 9080 to 9180
2020-11-24 16:51:47 +08:00
Shuyang Wu
36162e3607
fix: move conf/cert to t/certs and disable ssl by default (#2112) 2020-11-20 11:10:01 +08:00
guyang
5b396020d5
feat: support plugin for "aliyun" log service (#2177) 2020-11-19 00:04:01 +08:00
罗泽轩
6b52811557
feat: support ENV variable in configuration (#2743)
Close #2675.
2020-11-14 19:39:29 +08:00
罗泽轩
3ba6629daa
feat: disable example-plugin by default (#2673)
Close #2659.
2020-11-10 08:46:54 +08:00
Yousa
0ff2ab8242
fix: disable ssl_session_tickets by default (#2641)
fix #2638

In a word, 'ssl_session_tickets' would make Perfect Forward Secrecy useless.

reference:
ingress-nginx:kubernetes/ingress-nginx#6196
mozilla:mozilla/server-side-tls#135
2020-11-09 22:44:26 +08:00
罗泽轩
ebf0563a40
change: disable skywalking by default. (#2632)
* fix: disable skywalking by default.

Close #2623.

* trailing sw

* clean test
2020-11-09 08:12:52 +08:00
Alex Zhang
188355494d
feat: hide APISIX version from Server header. (#2639)
Sometimes expose version is dangerous, which can be utilized by
malicious crackers when there are some security bugs in that version.
2020-11-07 00:04:28 +08:00
Alex Zhang
5191374545
feat: support TLS connection with etcd. (#2548)
Support the TLS connection when communicating with etcd cluster. We added a configuration item to custom the certificate verification. Whether to setup TLS connection or not depends on the endpoints' scheme, for instance, when endpoints are:

```
etcd:
  host:
    - "https://127.0.0.1:2379"
    - "https://127.0.0.1:3379"
```

APISIX will originate TLS connection automatically, and the Server Name Indication extention will be set by the endpoint host (`127.0.0.1` in above case). Note by default APISIX will verify the certificate, close the verification in configuration explicitly if you want to bypass it.

```
etcd:
  tls:
    verfiy: false
```
2020-11-03 13:53:39 +08:00
shoogoome
fff4d14a0d
feature: support multiple service discovery (#2556)
support multiple service discovery,then we can switch it in upstream
2020-10-30 20:34:10 +08:00
YuanSheng Wang
f2f5ab9766
feat: support json encoding escape for access logs (#2269)
fix #2266 .
2020-10-30 16:07:24 +08:00
罗泽轩
b6eb6f4842
change: rename APIX_WORKER_PROCESSES to APISIX_WORKER_PROCESSES (#2552)
Close #2517.
2020-10-30 08:14:04 +08:00
YuanSheng Wang
b23475fcba
feat: upgrade skywalking plugin to support skywalking 8.0 . (#2389) 2020-10-29 15:29:52 +08:00
Alex Zhang
d87ce33485
feature: support injecting lua_ssl_trusted_certificate. (#2519) 2020-10-28 06:49:20 +08:00
YuanSheng Wang
6a7dfa6775
feat: implement api breaker plugin. (#2455)
Co-authored-by: liuheng <liuhengloveyou@gmail.com>
2020-10-27 13:40:23 +08:00
Vinci Xu
1a6fb8ec2c
feat(CLI): worker and cpu optimization (#2153) 2020-10-22 16:28:26 +08:00
罗泽轩
5b97223592
feat: implemented referer-restriction plugin (#2352) 2020-10-06 18:20:17 +08:00
YuanSheng Wang
6a1fe8a546
bugfix(CLI): if the user used default token and allow any IP to access Admin API, will show a WARNING message.(#2244)
Co-authored-by: Wen Ming <moonbingbing@gmail.com>
2020-09-22 16:09:35 +08:00
nic-chen
84ce7ba781
feat: add AK/SK(HMAC) auth plugin. (#2192) 2020-09-16 14:27:56 +08:00
罗泽轩
b6354ec33e
feat: allow to limit client body size to protect the service (#2214) 2020-09-15 21:58:30 +08:00
seven dickens
312a97c96f
feat: define env in nginx.conf template (#2174)
Co-authored-by: lixiangyang <lixiangyang@dragonest.com>
2020-09-14 18:12:29 +08:00
nic-chen
c54aec8f6c
feat: support custom access log format (#2122)
fix #2009
2020-08-26 16:51:44 +08:00
YuanSheng Wang
9070a4fa95
feature: implemented plugin log-rotate, rotate log by interval time. (#2097) 2020-08-26 16:40:36 +08:00
Alex Zhang
2886b2169b
feature: support multiple certificates(RSA and ECC) for single domain (#2089) 2020-08-24 09:23:06 +08:00
YuanSheng Wang
cf882bda1e
feature: divide config.yaml into two files config-custom.yaml & confi… (#2023)
* feature: divide config.yaml into two files config-custom.yaml & config-default.yaml .

fix #1923
2020-08-18 20:18:55 +08:00
Nirojan Selvanathan
240942e941
feature: implemented request-id plugin to uniquely track requests in APISIX (#2026)
fix #2022
2020-08-12 23:09:39 +08:00
罗泽轩
f7b5f2b7ec
feat: allow customizing worker_processes (#2017)
* feat: allow customizing worker_processes

Close #2016
2020-08-07 17:25:26 +08:00
dabue
77dfecaab6
revert: enable proxy-cache and proxy-mirror plugins by default. (#1992)
fixed #1987
2020-08-05 00:20:04 +08:00
YuanSheng Wang
d32b5cf361
perf: no longer generate unnecessary nginx conf for better performance. (#1968)
* perf: no longer generate unnecessary nginx conf for better performance.
* benchmark: sync nginx.conf for fake-apisix.

> Is this PR backward compatible?

Disable two plugins by default(proxy-cache, proxy-mirror), if the user wants to enable them, need to modify the conf/config.yaml by manual.
2020-08-04 09:31:35 +08:00
Swayam Raina
0034c66586
bugfix: update comment to 30 seconds in config.yaml (#1929) 2020-07-29 23:09:02 +08:00
YuanSheng Wang
f9a8a26dd4
feature: add a new option, decide if we remove the "/" at the end of … (#1766)
* feature: add a new option, decide if we remove the "/" at the end of the URI before route matching.

fix #1765
2020-07-29 19:25:30 +08:00
Yousa
d079b3dbcc
'worker_shutdown_timeout 240s' in nginx.conf is better. (#1883) 2020-07-24 16:05:29 +08:00
Nirojan Selvanathan
a6179996d4
feature: new plugin request-validator (#1709) 2020-07-21 21:38:48 +08:00
nic-chen
a5fc25c2a9
feat: Support admin API authentication with SSL certificates (#1747) 2020-07-21 11:41:11 +08:00
mtx2d
24d7007e94
change: removed useless plugin heartbeat (#1845)
Fix #1176
2020-07-16 17:31:39 +08:00
罗泽轩
bfa24d41ba
feature: allow to congfiure the worker_shutdown_timeout (#1828)
The default 3s may be too low.
2020-07-10 21:59:44 +08:00
YuanSheng Wang
ee7533874d
optimize: Use lru to avoid resolving IP addresses repeatedly . (#1772)
* optimize: Use lru to avoid resolving IP addresses repeatedly .
Cached the global rules to `ctx` .

* optimzie: used a longer time interval for etcd and flush access log.

* optimize: return upstream node directly if the count is 1 .

* optimize: avoid to cache useless variable.
2020-06-28 18:14:38 +08:00
Shenal Silva
ef89dceda6
feature: support etcd auth (#1769)
Fix #1713 , #1770
2020-06-26 17:25:58 +08:00
Wen Ming
d372fe2516
bugfix: fixed configures of nginx.conf for security reasons (#1759)
removed working_directory and removed TLSv1 TLSv1.1 from ssl_protocols
2020-06-23 16:03:19 +08:00
YuanSheng Wang
6a43a8c735
feature: implemented plugin uri-blocklist . (#1727)
first step: #1617
2020-06-22 14:45:55 +08:00
Nirojan Selvanathan
cd98a2bec8
feature: support authorization Plugin for Keycloak Identity Server (#1701) 2020-06-16 13:51:36 +08:00
Ayeshmantha Perera
1764890d08
feature: support body filter plugin echo. (#1632) 2020-06-13 20:56:11 +08:00
nic-chen
56aeb4a6a9
feature: ssl enhance (#1678)
support enable or disable ssl by patch method
support encrypted storage of the SSL private key in etcd
support multi snis

Fix #1668
2020-06-13 16:10:27 +08:00
stone4774
d6cee162d6
plugin: add consumer-restriction (#1437) 2020-06-08 12:49:46 +08:00
YuanSheng Wang
c452846b81
bugfix: wildcard certificates cannot match multi-level subdomains in … (#810) 2020-06-08 10:52:25 +08:00
dabue
3228e16705
feature: support to enable HTTPS for admin API (#1648) 2020-06-07 21:02:50 +08:00
Wen Ming
398941b72f
feature: add skywalking plugin. (#1241) 2020-05-27 17:55:47 +08:00
qiujiayu
e7d19ec160
feature: support discovery center (#1440) 2020-05-14 23:20:44 +08:00
Nirojan Selvanathan
64fcb9fd72
plugin: add HTTP logger for APISIX (#1396) 2020-05-09 16:19:41 +08:00
Ayeshmantha Perera
33b437df4e
feature: implemented plugin sys logger. (#1414) 2020-05-06 10:49:18 +08:00
Vinci Xu
3a9e0fc675
feature: add batch request plugin. (#1388) 2020-04-29 21:40:45 +08:00
Wen Ming
f39dd6efa2
bugfix: only allow 127.0.0.1 access admin API and dashboard by default. (#1458) 2020-04-15 22:39:11 +08:00
dabue
5d50895790
change: update to use the local DNS resolver by default (#1387)
close #1378
2020-04-02 09:16:24 +08:00
SuperWalle
12677c322b
feature: Allow add custom shared dict (#1367) 2020-03-31 10:22:58 +08:00
Vinci Xu
c363ea46d9
feature: add cors plugin (#1327) 2020-03-29 10:30:59 +08:00
qiujiayu
7baa0abd44
feature: if the dns_resolver is not set in the file conf/config.yaml, use the resolver in local DNS. (#1217)
Fix #1164
2020-03-26 09:48:18 +08:00
Ayeshmantha Perera
8adafa3ee2
feature: add Kafka Logger plugin. (#1312) 2020-03-25 08:26:45 +08:00
agile6v
fc948f9578
feautre: support for proxy mirror plugin. (#1288) 2020-03-19 08:10:03 +08:00
Ayeshmantha Perera
cee03225f8
feature: support multiple etcd address. (#1283) 2020-03-19 08:01:41 +08:00
agile6v
864aa16e91
feature: support for proxy caching plugin based on disk. (#1153) 2020-03-15 22:26:08 +08:00
Ayeshmantha Perera
d07871186a
feature: implemented tcp logger plugin. (#1221) 2020-03-15 09:22:13 +08:00
Wen Ming
be2eec3c6d
feature: supported key-based authentication to the dashboard. (#1169) 2020-03-05 14:48:27 +08:00
YuanSheng Wang
de16a7e04f
bugfix: updated the dns parse result by TTL. (#1077) 2020-02-19 20:30:34 +08:00
agile6v
01a5b807b5
feature: Add support for PROXY Protocol. (#1113) 2020-02-12 10:53:20 +08:00
Yousa
60b2493f5b CLI: bin/apisix to support the SO_REUSEPORT (#1085)
Fix #342
2020-02-09 17:19:45 +08:00
iGeeky
5fff97d0b1
feature: Add wolf rbac plugin (#1095) 2020-02-06 15:22:49 +08:00
罗泽轩
fda20d99d5
feature: make the number of file is as configurable as the connections. (#1098) 2020-02-02 09:13:34 +08:00
Nirojan Selvanathan
81c37003b7 feature: add UDP logger plugin (#1070) 2020-01-17 23:30:05 +08:00
agile6v
9758a0e334 feature: implemented new fault-injection plugin. (#1042) 2020-01-13 22:22:21 +08:00
KowloonZh
262b9904fb feature: add basic-auth plugin (#1029) 2020-01-13 17:43:04 +08:00
Changwei Hu
9c9be959d3 feature: chash key support more flexible ways (#1022)
upstream add hash_on, chash key support more flexible ways
 routes and services admin api add upstream_conf check
2020-01-10 15:17:17 +08:00
Yousa
eff1ca78e9 feature: added support CORS for /apisix/admin. (#982) 2019-12-24 14:44:42 +08:00
Nirojan Selvanathan
3399c7d5ee Removing the autogenerated nginx.conf file (#952) 2019-12-11 13:43:38 +08:00
Nirojan Selvanathan
9e0030e2e8 feature: added dev mode flag in config yaml to set the nginx worker_process to one (#926) 2019-12-05 00:09:20 +08:00
chnliyong
7443133031
Resolve #882 and simplify conf (#894)
* Resolve #882 and simplify conf
2019-11-24 23:05:52 +08:00
Lien
fbb51ddadd plugin: implement plugin response rewrite 2019-11-21 21:49:53 +08:00
YuanSheng Wang
2c57621f23 bugfix: avoid a useless redirect when access /apisix/dashboard. (#886) 2019-11-20 19:01:59 +08:00
YuanSheng Wang
4ee11806de
travis: supported to run APISIX with Tengine. (#683) 2019-11-02 09:05:38 +08:00
YuanSheng Wang
a1c56ceb53 bugfix: skipped to init etcd if use local file as config center. (#737) 2019-11-02 07:59:59 +08:00
YuanSheng Wang
da853702d6 feature: supported redirect plugin. (#732) 2019-10-31 10:19:22 +08:00
WenMing
12a2b01b71
license: add ASF header. (#743) 2019-10-31 09:27:28 +08:00
YuanSheng Wang
4efc1202dc optimize: avoid concat string object, and kept source route id and se… (#738)
* optimize: avoid concat string object, and kept source route id and service id.

* default config: changed the timeout of etcd to 3 sec.
2019-10-28 15:57:30 +08:00
YuanSheng Wang
d8b0c2d04c change: removed router r3. (#725) 2019-10-23 12:59:22 +08:00
WenMing
9ebd052403 bugfix: removed epoll in nginx.conf. (#711) 2019-10-18 21:55:01 +08:00
coolsoul
8075520fc8 CLI: added more nginx configures in the config.yaml. 2019-10-15 19:59:40 +08:00
WenMing
f94c2b0948 config: fixed code style. (#684) 2019-10-13 09:27:12 +08:00
fc13240@gmail.com
f22b0e0d52 bugfix: increase maxLength of certificate (#682) 2019-10-12 16:14:50 +08:00
YuanSheng Wang
9074a8a3b8
feature: support for host + uri as an index (radixtree) (#671) 2019-10-12 14:24:34 +08:00
WenMing
bf2a769071 bugfix: set ssl_ciphers to old mode as default. (#667) 2019-10-11 11:30:47 +08:00
YuanSheng Wang
0e10fa6c68
feature: enabled HTTP2 and supported to set ssl_protocols. (#663)
* feature: enabled HTTP2 and supported to set `ssl_protocols`.
* bugfix: used default certificate if failed to load certificate by SNI.

Fix #595.
2019-10-10 22:28:58 +08:00
YuanSheng Wang
d05fcc6854
feature: supported to print the input parameters and return values of… (#641)
* feature: supported to print the input parameters and return values of the specified function for debugging.
2019-10-09 11:26:54 +08:00
Janko
25fd6983ea feature(plugin): rewrite upstream info with plugin proxy-rewrite (#594)
* test: add `proxy-rewrite` plugin test cases
2019-09-27 15:14:48 +08:00
YuanSheng Wang
0d36723e6f
change(dashboard): use /apisix/dashboard to login dashboard. (#611)
change(CLI): exported new argument of `error_log.level`.
change(CLI): enabled dashboard when use an independent admin port.
2019-09-27 10:16:29 +08:00
YuanSheng Wang
894fa584e0
feature: supported to use host name in upstream (#522)
* feature: supported to config resolver in yaml config file.

* feature: supported domain host for upstream node
2019-09-18 17:41:44 +08:00
YuanSheng Wang
ad2b67ee81
feature: supported to added pluings to stream routes. (#513)
* feature: supported to added pluings to stream routes.
* feature: supported MQTT protocol.
2019-09-16 10:58:27 +08:00
YuanSheng Wang
4aaaf3ee5a
feature: support dynamic stream(TCP/UDP) proxy in apisix. (#501)
* feature: support stream in apisix.
* doc: added new feature in README.
* CLI and added more doc.
2019-09-12 13:27:18 +08:00