AverageMarcus/cluster.fun
1
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Activity

Include a masked remote addr in nginx logs

Browse Source 
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
This commit is contained in:
Marcus Noble 2024-09-02 08:18:48 +01:00
parent 4ef3ad59e2
commit f9683e1077
Signed by: AverageMarcus
GPG Key ID: B8F2DB8A7AEBAF78
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
manifests/nginx-lb/nginx-lb.yaml
View File

@ -337,10 +337,31 @@ apiVersion: v1
data:
allow-snippet-annotations: "true"
use-proxy-protocol: "true"
log-format-upstream: '{"time": "$time_iso8601", "request_id": "$req_id", "remote_user": "$remote_user", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent", "redirect_location": "$redirect_location" }'
log-format-upstream: '{"time": "$time_iso8601", "request_id": "$req_id", "remote_user": "$remote_user", "remote_addr_masked": "$remote_addr_masked", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent", "redirect_location": "$redirect_location" }'
plugins: "redirect_location"
location-snippet: |
set $redirect_location '';
server-snippet: |
set_by_lua_block $remote_addr_masked {
local bit = require("bit")
local hval = 2166136261
local rem_addr = ngx.var.remote_addr
for w in rem_addr:gmatch(".") do
hval = bit.bxor(hval,string.byte(w))
hval = hval + bit.lshift(hval,1) + bit.lshift(hval,4) + bit.lshift(hval,7) + bit.lshift(hval,8) + bit.lshift(hval,24)
end
if hval < 0 then
hval = bit.bnot(hval)
end
local octet1 = bit.band(bit.rshift(hval,24), 255)
local octet2 = bit.band(bit.rshift(hval,16), 255)
local octet3 = bit.band(bit.rshift(hval,8), 255)
local octet4 = bit.band(hval, 255)
local op = octet1 .. "." .. octet2 .. "." .. octet3 .. "." .. octet4
return op
}
kind: ConfigMap
metadata:
labels: