Interlegis Public Rancher Charts for Kubernetes
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

71 lines
2.6 KiB

{{- if .Values.ingress.enabled -}}
{{- $fullName := include "portalmodelo.fullname" . -}}
{{- $hostName := .Values.portal.hostname -}}
{{- $hostPrefix := .Values.portal.hostprefix -}}
{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "portalmodelo.labels" . | nindent 4 }}
annotations:
{{- if .Values.ingress.tls.enabled }}
# USE TLS
{{- if contains "letsencrypt" .Values.ingress.tls.provider }}
cert-manager.io/cluster-issuer: "letsencrypt-prod"
{{- end }}
{{- if contains "nginx" .Values.ingress.class }}
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/{{ $hostPrefix }}.{{ $hostName }}:443/portal/VirtualHostRoot/$1"
nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
{{- end }}
{{- if contains "alb" .Values.ingress.class }}
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
{{- end }}
{{- else }}
# DO NOT USE TLS
{{- if contains "nginx" .Values.ingress.class }}
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/http/{{ $hostPrefix }}.{{ $hostName }}:80/portal/VirtualHostRoot/$1"
{{- end }}
{{- if contains "alb" .Values.ingress.class }}
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
{{- end }}
{{- end }}
{{- if contains "alb" .Values.ingress.class }}
alb.ingress.kubernetes.io/group.name: pm
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
kubernetes.io/ingress.class: alb
{{- end }}
spec:
{{- if .Values.ingress.tls.enabled }}
tls:
- hosts:
- "{{ $hostPrefix }}.{{ $hostName }}"
- "{{ $hostName }}"
secretName: {{ $hostName | replace "." "-" }}-tls
{{- end }}
rules:
- host: "{{ $hostPrefix }}.{{ $hostName }}"
http:
paths:
{{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }}
- path: /*
backend:
serviceName: ssl-redirect
servicePort: use-annotation
{{- end }}
{{- if contains "nginx" .Values.ingress.class }}
- path: /(.*)
{{- else }}
- path: /*
{{- end }}
backend:
serviceName: {{ $fullName }}-plone
servicePort: 8080
{{- end }}