From 06fd70d3e98ee9137e8c368ef57d01f9f9944a33 Mon Sep 17 00:00:00 2001 From: lijianguo Date: Sat, 14 Sep 2024 11:30:50 +0800 Subject: [PATCH] fix(controller): no cert domain do not redirect https --- rootfs/api/models/gateway.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/rootfs/api/models/gateway.py b/rootfs/api/models/gateway.py index a411309c4..9ad67ee09 100644 --- a/rootfs/api/models/gateway.py +++ b/rootfs/api/models/gateway.py @@ -3,6 +3,7 @@ from django.conf import settings from django.shortcuts import get_object_or_404 from django.contrib.auth import get_user_model +from django.db.models import Q from api.exceptions import ServiceUnavailable from scheduler import KubeException @@ -196,6 +197,15 @@ def hostnames(self): return [domain.domain for domain in self.app.domain_set.filter( ptype=self.ptype)] + @property + def tls_force_hostnames(self): + tls = self.app.tls_set.latest() + q = Q(ptype=self.ptype) + if not tls.certs_auto_enabled: + q &= Q(certificate__isnull=False) + domains = self.app.domain_set.filter(q) + return [domain.domain for domain in domains] + @property def default_rules(self): service = get_object_or_404(self.app.service_set, ptype=self.ptype) @@ -350,7 +360,7 @@ def _https_enforced_to_k8s(self, parent_refs): } }] }], - "hostnames": self.hostnames, + "hostnames": self.tls_force_hostnames, "parent_refs": parent_refs, } try: