diff --git a/charts/opensrp-server-web/Chart.yaml b/charts/opensrp-server-web/Chart.yaml index cd82d8a..f5545af 100644 --- a/charts/opensrp-server-web/Chart.yaml +++ b/charts/opensrp-server-web/Chart.yaml @@ -18,9 +18,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.4 +version: 0.1.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: v2.6.5-SNAPSHOT +appVersion: v2.6.6-SNAPSHOT diff --git a/charts/opensrp-server-web/README.md b/charts/opensrp-server-web/README.md index 504f3cb..00311cb 100644 --- a/charts/opensrp-server-web/README.md +++ b/charts/opensrp-server-web/README.md @@ -292,4 +292,8 @@ The following table lists the configurable parameters of the Opensrp-server-web | `rabbitmq.max_concurrent_consumers` | | `1` | | `spring_active_profiles` | | `["postgres", "jedis", "oauth2"]` | | `oauth_profiles` | `(Array)` | `null` | - \ No newline at end of file +| `tomcatRemoteIpValve.className` | | `"org.apache.catalina.valves.RemoteIpValve"` | +| `tomcatRemoteIpValve.protocolHeader` | | `"x-forwarded-proto"` | +| `tomcatRemoteIpValve.proxiesHeader` | | `"x-forwarded-by"` | +| `tomcatRemoteIpValve.remoteIpHeader` | | `"x-forwarded-for"` | +| `useTomcatRemoteIpValve` | | `false` | \ No newline at end of file diff --git a/charts/opensrp-server-web/templates/config/opensrp/_context.xml.tpl b/charts/opensrp-server-web/templates/config/opensrp/_context.xml.tpl index 46adeaa..debdad8 100644 --- a/charts/opensrp-server-web/templates/config/opensrp/_context.xml.tpl +++ b/charts/opensrp-server-web/templates/config/opensrp/_context.xml.tpl @@ -22,5 +22,14 @@ driverClassName="org.postgresql.Driver" url="jdbc:postgresql://{{ .Values.postgres.host }}:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}" /> + +{{- if .Values.useTomcatRemoteIpValve }} + +{{- end}} + {{- end }} diff --git a/charts/opensrp-server-web/templates/config/opensrp/_opensrp.properties.tpl b/charts/opensrp-server-web/templates/config/opensrp/_opensrp.properties.tpl index d64f4cf..41c4529 100644 --- a/charts/opensrp-server-web/templates/config/opensrp/_opensrp.properties.tpl +++ b/charts/opensrp-server-web/templates/config/opensrp/_opensrp.properties.tpl @@ -108,6 +108,6 @@ oauth.default.token.validity={{ .token_validity }} oauth.default.callback.url={{ .callback_url }} oauth.default.roles={{ .roles | join "," }} #end -{{end}} +{{ end }} {{- end }} \ No newline at end of file diff --git a/charts/opensrp-server-web/values.yaml b/charts/opensrp-server-web/values.yaml index a2ee99c..3e5d095 100644 --- a/charts/opensrp-server-web/values.yaml +++ b/charts/opensrp-server-web/values.yaml @@ -62,6 +62,18 @@ tolerations: [] affinity: {} +# if true it applies tomcatRemoteIpValve properties on the opensrp context.xml file +useTomcatRemoteIpValve: false + +# Enable useTomcatRemoteIpValve to use this feature +# This valve replaces the apparent client remote IP address and hostname for the request with the IP address list presented by a proxy or a load balancer via a request headers +# Refer to https://tomcat.apache.org/tomcat-9.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html +# Include 'internalProxies' for address family of the pod network, omit this to use the default (refer to url above) +tomcatRemoteIpValve: + className: 'org.apache.catalina.valves.RemoteIpValve' + remoteIpHeader: 'x-forwarded-for' + proxiesHeader: 'x-forwarded-by' + protocolHeader: 'x-forwarded-proto' # Recreates pods when configMap changes, default is true recreatePodsWhenConfigMapChange: true