nic-6443 opened a new pull request, #13561:
URL: https://github.com/apache/apisix/pull/13561
### Description
`apisix.proxy_protocol.enable_tcp_pp` and `enable_tcp_pp_to_upstream` apply
to **every** stream TCP port — it's all-or-nothing today. This PR adds per-port
control via two new optional fields on `stream_proxy.tcp` entries:
- `proxy_protocol`: accept the PROXY protocol on this port
- `proxy_protocol_to_upstream`: send the PROXY protocol to the upstream from
this port
Both fall back to the global `proxy_protocol.enable_tcp_pp*` values when
unset, so existing configs are unaffected — the generated `nginx.conf` is
byte-identical when no per-port field is used.
The accept side is a per-`listen` directive, so ports with different
settings still share one listener. The upstream side (`proxy_protocol on;`) is
a server-level directive, so ports that send the PROXY protocol upstream are
rendered into their own stream `server` block; UDP listens always stay in the
plain block since they never carry the PROXY protocol upstream.
Example:
```yaml
apisix:
proxy_protocol:
enable_tcp_pp: true # default for ports that don't set
proxy_protocol
proxy_mode: http&stream
stream_proxy:
tcp:
- addr: 9100 # inherits the global default
(accept)
- addr: 9101
proxy_protocol: false # opt this port out
- addr: 9102
proxy_protocol_to_upstream: true # also send PROXY protocol
upstream
```
### Checklist
- [x] I have explained the need for this PR and the problem it solves
- [x] I have explained the changes or the new features added to this PR
- [x] I have added tests corresponding to this change
- [x] I have updated the documentation to reflect this change
- [x] I have verified that this change is backward compatible
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]