basic auth / ip filter only for path that contain special character in Ingress NGINX
General Tech Bugs & Fixes 2 years ago
Posted on 16 Aug 2022, this text provides information on Bugs & Fixes related to General Tech. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.
Answers (2)
manpreet 2 years ago
First of all, your:
location ~ /+ { auth_basic ...; auth_basic_user_file ...; < route it somehow to the similar location as it would have no +, but don't cut out the + > }
Would only match servicex/+something , not the servicex/something/+nice
The regex you are searching is something like:
location ~ ^/(.*)\+(.*) for the "+" to be anywhere location ~ ^(.*)\/\+(.*) for the "+" to be only after a "/"
For the part:
< route it somehow to the similar location as it would have no +, but don't cut out the + >
Like this you'll send the uri exactly like it came:
proxy_pass http://192.168.0.2$request_uri;
And like this you'd take out the "+"
proxy_pass http://192.168.0.2$1/$2;
Where $1 is the (.*) before the /+ and $2 is everything after, and we add the lacking / in the middle.
No matter what stage you're at in your education or career, TuteeHub will help you reach the next level that you're aiming for. Simply,Choose a subject/topic and get started in self-paced practice sessions to improve your knowledge and scores.
Which operating system you favour and why?
General Tech 10 Answers
What are the most popular tech portals in India?
General Tech 7 Answers
What are best technologies available today for education / aiding learning?
General Tech 3 Answers
What professional training certifications are most marketable?
General Tech 9 Answers
manpreet![Tuteehub forum best answer]()
Best Answer
2 years ago
I want my Ingress (NGINX) to filter by source IP address and show a basic auth before proxying to a service. While this is straightforward, the complicated part is, that I want it to do this only, if the URL contains a special character in the path.
Lets say I want to secure all paths that start with a "+" before proxying them to the correct service. On the other hand I still want that paths that do not start with a "+" will be routed (without basic auth) to the same service. It should also not change the URL that the service will see.
Examples would be:
Is it possible to achieve this either in Ingress or at least in a NGINX config? The regex for the URL path is also quite simple in NGINX but is it possible without duplicating all path entries and also without adding a second proxy nginx in front?
The ideal solution would be in Ingress yml config but I'm more familar with NGINX, so here is an example what I want to achieve in NGINX-Syntax:
Location ~ /+ { auth_basic ...; auth_basic_user_file ...; < route it somehow to the similar location as it would have no +, but don't cut out the + > } Location /serviceA { proxy_pass ...; } ... more Locations ...
Or in Ingress something similar with path-entries.