apisix

mirror of https://gitee.com/iresty/apisix.git synced 2024-12-03 12:37:36 +08:00

Author	SHA1	Message	Date
罗泽轩	ba114fc980	feat: add rewritten proxy url in access log (#2838 ) This helps us to locate the problem.	2020-11-25 10:05:22 +08:00
Vinci Xu	b13f167445	refactor: separate admin and proxy port in default config (#2802 ) change all admin 9080 to 9180	2020-11-24 16:51:47 +08:00
Shuyang Wu	36162e3607	fix: move `conf/cert` to `t/certs` and disable ssl by default (#2112 )	2020-11-20 11:10:01 +08:00
guyang	5b396020d5	feat: support plugin for "aliyun" log service (#2177 )	2020-11-19 00:04:01 +08:00
罗泽轩	6b52811557	feat: support ENV variable in configuration (#2743 ) Close #2675.	2020-11-14 19:39:29 +08:00
罗泽轩	3ba6629daa	feat: disable example-plugin by default (#2673 ) Close #2659.	2020-11-10 08:46:54 +08:00
Yousa	0ff2ab8242	fix: disable ssl_session_tickets by default (#2641 ) fix #2638 In a word, 'ssl_session_tickets' would make Perfect Forward Secrecy useless. reference： ingress-nginx：kubernetes/ingress-nginx#6196 mozilla：mozilla/server-side-tls#135	2020-11-09 22:44:26 +08:00
罗泽轩	ebf0563a40	change: disable skywalking by default. (#2632 ) * fix: disable skywalking by default. Close #2623. * trailing sw * clean test	2020-11-09 08:12:52 +08:00
Alex Zhang	188355494d	feat: hide APISIX version from Server header. (#2639 ) Sometimes expose version is dangerous, which can be utilized by malicious crackers when there are some security bugs in that version.	2020-11-07 00:04:28 +08:00
Alex Zhang	5191374545	feat: support TLS connection with etcd. (#2548 ) Support the TLS connection when communicating with etcd cluster. We added a configuration item to custom the certificate verification. Whether to setup TLS connection or not depends on the endpoints' scheme, for instance, when endpoints are: ``` etcd: host: - "https://127.0.0.1:2379" - "https://127.0.0.1:3379" ``` APISIX will originate TLS connection automatically, and the Server Name Indication extention will be set by the endpoint host (`127.0.0.1` in above case). Note by default APISIX will verify the certificate, close the verification in configuration explicitly if you want to bypass it. ``` etcd: tls: verfiy: false ```	2020-11-03 13:53:39 +08:00
shoogoome	fff4d14a0d	feature: support multiple service discovery (#2556 ) support multiple service discovery,then we can switch it in upstream	2020-10-30 20:34:10 +08:00
YuanSheng Wang	f2f5ab9766	feat: support `json` encoding escape for access logs (#2269 ) fix #2266 .	2020-10-30 16:07:24 +08:00
罗泽轩	b6eb6f4842	change: rename APIX_WORKER_PROCESSES to APISIX_WORKER_PROCESSES (#2552 ) Close #2517.	2020-10-30 08:14:04 +08:00
YuanSheng Wang	b23475fcba	feat: upgrade skywalking plugin to support skywalking 8.0 . (#2389 )	2020-10-29 15:29:52 +08:00
Alex Zhang	d87ce33485	feature: support injecting lua_ssl_trusted_certificate. (#2519 )	2020-10-28 06:49:20 +08:00
YuanSheng Wang	6a7dfa6775	feat: implement api breaker plugin. (#2455 ) Co-authored-by: liuheng <liuhengloveyou@gmail.com>	2020-10-27 13:40:23 +08:00
Vinci Xu	1a6fb8ec2c	feat(CLI): worker and cpu optimization (#2153 )	2020-10-22 16:28:26 +08:00
罗泽轩	5b97223592	feat: implemented `referer-restriction` plugin (#2352 )	2020-10-06 18:20:17 +08:00
YuanSheng Wang	6a1fe8a546	bugfix(CLI): if the user used default token and allow any IP to access Admin API, will show a WARNING message.(#2244 ) Co-authored-by: Wen Ming <moonbingbing@gmail.com>	2020-09-22 16:09:35 +08:00
nic-chen	84ce7ba781	feat: add AK/SK(HMAC) auth plugin. (#2192 )	2020-09-16 14:27:56 +08:00
罗泽轩	b6354ec33e	feat: allow to limit client body size to protect the service (#2214 )	2020-09-15 21:58:30 +08:00
seven dickens	312a97c96f	feat: define env in nginx.conf template (#2174 ) Co-authored-by: lixiangyang <lixiangyang@dragonest.com>	2020-09-14 18:12:29 +08:00
nic-chen	c54aec8f6c	feat: support custom access log format (#2122 ) fix #2009	2020-08-26 16:51:44 +08:00
YuanSheng Wang	9070a4fa95	feature: implemented plugin `log-rotate`, rotate log by interval time. (#2097 )	2020-08-26 16:40:36 +08:00
Alex Zhang	2886b2169b	feature: support multiple certificates(RSA and ECC) for single domain (#2089 )	2020-08-24 09:23:06 +08:00
YuanSheng Wang	cf882bda1e	feature: divide config.yaml into two files config-custom.yaml & confi… (#2023 ) * feature: divide config.yaml into two files config-custom.yaml & config-default.yaml . fix #1923	2020-08-18 20:18:55 +08:00
Nirojan Selvanathan	240942e941	feature: implemented `request-id` plugin to uniquely track requests in APISIX (#2026 ) fix #2022	2020-08-12 23:09:39 +08:00
罗泽轩	f7b5f2b7ec	feat: allow customizing worker_processes (#2017 ) * feat: allow customizing worker_processes Close #2016	2020-08-07 17:25:26 +08:00
dabue	77dfecaab6	revert: enable proxy-cache and proxy-mirror plugins by default. (#1992 ) fixed #1987	2020-08-05 00:20:04 +08:00
YuanSheng Wang	d32b5cf361	perf: no longer generate unnecessary nginx conf for better performance. (#1968 ) * perf: no longer generate unnecessary nginx conf for better performance. * benchmark: sync nginx.conf for fake-apisix. > Is this PR backward compatible? Disable two plugins by default(proxy-cache, proxy-mirror), if the user wants to enable them, need to modify the conf/config.yaml by manual.	2020-08-04 09:31:35 +08:00
Swayam Raina	0034c66586	bugfix: update comment to 30 seconds in config.yaml (#1929 )	2020-07-29 23:09:02 +08:00
YuanSheng Wang	f9a8a26dd4	feature: add a new option, decide if we remove the "/" at the end of … (#1766 ) * feature: add a new option, decide if we remove the "/" at the end of the URI before route matching. fix #1765	2020-07-29 19:25:30 +08:00
Yousa	d079b3dbcc	'worker_shutdown_timeout 240s' in nginx.conf is better. (#1883 )	2020-07-24 16:05:29 +08:00
Nirojan Selvanathan	a6179996d4	feature: new plugin request-validator (#1709 )	2020-07-21 21:38:48 +08:00
nic-chen	a5fc25c2a9	feat: Support admin API authentication with SSL certificates (#1747 )	2020-07-21 11:41:11 +08:00
mtx2d	24d7007e94	change: removed useless plugin `heartbeat` (#1845 ) Fix #1176	2020-07-16 17:31:39 +08:00
罗泽轩	bfa24d41ba	feature: allow to congfiure the worker_shutdown_timeout (#1828 ) The default 3s may be too low.	2020-07-10 21:59:44 +08:00
YuanSheng Wang	ee7533874d	optimize: Use lru to avoid resolving IP addresses repeatedly . (#1772 ) * optimize: Use lru to avoid resolving IP addresses repeatedly . Cached the global rules to `ctx` . * optimzie: used a longer time interval for etcd and flush access log. * optimize: return upstream node directly if the count is 1 . * optimize: avoid to cache useless variable.	2020-06-28 18:14:38 +08:00
Shenal Silva	ef89dceda6	feature: support etcd auth (#1769 ) Fix #1713 , #1770	2020-06-26 17:25:58 +08:00
Wen Ming	d372fe2516	bugfix: fixed configures of nginx.conf for security reasons (#1759 ) removed working_directory and removed TLSv1 TLSv1.1 from ssl_protocols	2020-06-23 16:03:19 +08:00
YuanSheng Wang	6a43a8c735	feature: implemented plugin `uri-blocklist` . (#1727 ) first step: #1617	2020-06-22 14:45:55 +08:00
Nirojan Selvanathan	cd98a2bec8	feature: support authorization Plugin for Keycloak Identity Server (#1701 )	2020-06-16 13:51:36 +08:00
Ayeshmantha Perera	1764890d08	feature: support body filter plugin `echo`. (#1632 )	2020-06-13 20:56:11 +08:00
nic-chen	56aeb4a6a9	feature: ssl enhance (#1678 ) support enable or disable ssl by patch method support encrypted storage of the SSL private key in etcd support multi snis Fix #1668	2020-06-13 16:10:27 +08:00
stone4774	d6cee162d6	plugin: add consumer-restriction (#1437 )	2020-06-08 12:49:46 +08:00
YuanSheng Wang	c452846b81	bugfix: wildcard certificates cannot match multi-level subdomains in … (#810 )	2020-06-08 10:52:25 +08:00
dabue	3228e16705	feature: support to enable HTTPS for admin API (#1648 )	2020-06-07 21:02:50 +08:00
Wen Ming	398941b72f	feature: add skywalking plugin. (#1241 )	2020-05-27 17:55:47 +08:00
qiujiayu	e7d19ec160	feature: support discovery center (#1440 )	2020-05-14 23:20:44 +08:00
Nirojan Selvanathan	64fcb9fd72	plugin: add HTTP logger for APISIX (#1396 )	2020-05-09 16:19:41 +08:00

1 2 3 4

164 Commits