fixes
This commit is contained in:
parent
5ec7b6c338
commit
8446e04d52
|
|
@ -11,7 +11,8 @@ ingress:
|
||||||
secretName: wildcard-numbergoup-coza-tls
|
secretName: wildcard-numbergoup-coza-tls
|
||||||
|
|
||||||
updateStrategy:
|
updateStrategy:
|
||||||
type: Recreate
|
type: RollingUpdate
|
||||||
|
rollingUpdate: {}
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
|
||||||
|
|
@ -1,55 +1,55 @@
|
||||||
service:
|
service:
|
||||||
type: NodePort
|
type: NodePort
|
||||||
nodePorts:
|
nodePorts:
|
||||||
http: 30080
|
http: 30080
|
||||||
https: 30443
|
https: 30443
|
||||||
|
|
||||||
extraVolumes:
|
extraVolumes:
|
||||||
- name: tls-source
|
- name: tls-source
|
||||||
secret:
|
secret:
|
||||||
secretName: wildcard-jethrocotton-com-tls
|
secretName: wildcard-jethrocotton-com-tls
|
||||||
- name: tls-pem
|
- name: tls-pem
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
|
||||||
initContainers:
|
initContainers:
|
||||||
- name: build-tls-pem
|
- name: build-tls-pem
|
||||||
image: busybox:1.36
|
image: busybox:1.36
|
||||||
command:
|
command:
|
||||||
- /bin/sh
|
- /bin/sh
|
||||||
- -ec
|
- -ec
|
||||||
- |
|
- |
|
||||||
cat /certs/tls.crt /certs/tls.key > /tls/tls.pem
|
cat /certs/tls.crt /certs/tls.key > /tls/tls.pem
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: tls-source
|
- name: tls-source
|
||||||
mountPath: /certs
|
mountPath: /certs
|
||||||
readOnly: true
|
readOnly: true
|
||||||
- name: tls-pem
|
- name: tls-pem
|
||||||
mountPath: /tls
|
mountPath: /tls
|
||||||
|
|
||||||
extraVolumeMounts:
|
extraVolumeMounts:
|
||||||
- name: tls-pem
|
- name: tls-pem
|
||||||
mountPath: /usr/local/etc/ssl
|
mountPath: /usr/local/etc/ssl
|
||||||
|
|
||||||
config: |
|
config: |
|
||||||
global
|
global
|
||||||
log stdout format raw local0
|
log stdout format raw local0
|
||||||
maxconn 1024
|
maxconn 1024
|
||||||
|
|
||||||
defaults
|
defaults
|
||||||
log global
|
log global
|
||||||
timeout client 60s
|
timeout client 60s
|
||||||
timeout connect 10s
|
timeout connect 10s
|
||||||
timeout server 60s
|
timeout server 60s
|
||||||
|
|
||||||
frontend fe_http
|
frontend fe_http
|
||||||
bind :80
|
bind :80
|
||||||
http-request redirect scheme https code 301 if !{ ssl_fc }
|
http-request redirect scheme https code 301 if !{ ssl_fc }
|
||||||
|
|
||||||
frontend fe_https
|
frontend fe_https
|
||||||
bind :443 ssl crt /usr/local/etc/ssl/tls.pem
|
bind :443 ssl crt /usr/local/etc/ssl/tls.pem
|
||||||
acl host_forgejo hdr(host) -i forgejo.jethrocotton.com
|
acl host_forgejo hdr(host) -i forgejo.jethrocotton.com
|
||||||
use_backend be_forgejo if host_forgejo
|
use_backend be_forgejo if host_forgejo
|
||||||
default_backend be_forgejo
|
default_backend be_forgejo
|
||||||
|
|
||||||
backend be_forgejo
|
backend be_forgejo
|
||||||
server forgejo forgejo.forgejo.svc.cluster.local:80 check
|
server forgejo forgejo.forgejo.svc.cluster.local:80 check
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue