From 0b71819d22f0a9896fd0767beb948246e2a5d4d8 Mon Sep 17 00:00:00 2001
From: bunkerity <contact@bunkerity.com>
Date: Tue, 4 Apr 2023 11:45:34 +0200
Subject: [PATCH] watch services for autoconf/k8s and support real IP in
 default http server

---
 src/autoconf/IngressController.py                |  4 +++-
 .../confs/default-server-http/real-ip.conf       | 16 ++++++++++++++++
 src/scheduler/main.py                            |  2 +-
 3 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 src/common/core/realip/confs/default-server-http/real-ip.conf

diff --git a/src/autoconf/IngressController.py b/src/autoconf/IngressController.py
index 9f3c27c5..c4ada942 100644
--- a/src/autoconf/IngressController.py
+++ b/src/autoconf/IngressController.py
@@ -213,6 +213,8 @@ class IngressController(Controller, ConfigCaller):
             what = self.__networkingv1.list_ingress_for_all_namespaces
         elif watch_type == "configmap":
             what = self.__corev1.list_config_map_for_all_namespaces
+        elif watch_type == "service":
+            what = self.__corev1.list_service_for_all_namespaces
         else:
             raise Exception(f"Unsupported watch_type {watch_type}")
 
@@ -283,7 +285,7 @@ class IngressController(Controller, ConfigCaller):
 
     def process_events(self):
         self._set_autoconf_load_db()
-        watch_types = ("pod", "ingress", "configmap")
+        watch_types = ("pod", "ingress", "configmap", "service")
         threads = [
             Thread(target=self.__watch, args=(watch_type,))
             for watch_type in watch_types
diff --git a/src/common/core/realip/confs/default-server-http/real-ip.conf b/src/common/core/realip/confs/default-server-http/real-ip.conf
new file mode 100644
index 00000000..ad99190d
--- /dev/null
+++ b/src/common/core/realip/confs/default-server-http/real-ip.conf
@@ -0,0 +1,16 @@
+{% if USE_REAL_IP == "yes" +%}
+	{% for element in read_lines("/var/cache/bunkerweb/realip/combined.list") +%}
+set_real_ip_from {{ element }};
+	{% endfor +%}
+	{% if REAL_IP_FROM != "" %}
+		{% for element in REAL_IP_FROM.split(" ") +%}
+set_real_ip_from {{ element }};
+		{% endfor %}
+	{% endif %}
+real_ip_header {{ REAL_IP_HEADER }};
+	{% if REAL_IP_RECURSIVE == "yes" +%}
+real_ip_recursive on;
+	{% else +%}
+real_ip_recursive off;
+	{% endif +%}
+{% endif %}
\ No newline at end of file
diff --git a/src/scheduler/main.py b/src/scheduler/main.py
index 6db4b570..33ceed56 100644
--- a/src/scheduler/main.py
+++ b/src/scheduler/main.py
@@ -383,9 +383,9 @@ if __name__ == "__main__":
                         logger.info("Successfuly sent /data/cache folder")
 
                 # restart nginx
-                logger.info("Stopping temp nginx ...")
                 if integration == "Linux":
                     # Stop temp nginx
+                    logger.info("Stopping temp nginx ...")
                     proc = subprocess_run(
                         ["/usr/sbin/nginx", "-s", "stop"],
                         stdin=DEVNULL,