{{- if .Values.ingress.enabled -}} {{- $fullName := include "portalmodelo.fullname" . -}} {{- $hostName := .Values.portal.hostname -}} {{- $hostPrefix := .Values.portal.hostprefix -}} {{- $addPrefix := .Values.portal.addprefix -}} {{- $zopeFolder := .Values.portal.zopefolder -}} {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1beta1 {{- else -}} apiVersion: extensions/v1beta1 {{- end }} kind: Ingress metadata: name: {{ $fullName }} labels: {{- include "portalmodelo.labels" . | nindent 4 }} annotations: {{- if .Values.ingress.tls.enabled }} # USE TLS {{- if contains "letsencrypt" .Values.ingress.tls.provider }} cert-manager.io/cluster-issuer: "letsencrypt-prod" {{- end }} {{- if contains "nginx" .Values.ingress.class }} {{- if .Values.ingress.vhostmonster }} nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/{{ $hostPrefix }}.{{ $hostName }}:443{{ $zopeFolder }}portal/VirtualHostRoot/$1" {{- end }} nginx.ingress.kubernetes.io/from-to-www-redirect: "true" nginx.ingress.kubernetes.io/service-upstream: "true" {{- end }} {{- if contains "alb" .Values.ingress.class }} alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]' alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' {{- end }} {{- else }} # DO NOT USE TLS {{- if contains "nginx" .Values.ingress.class }} {{- if .Values.ingress.vhostmonster }} nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/http/{{ $hostPrefix }}.{{ $hostName }}:80{{ $zopeFolder }}portal/VirtualHostRoot/$1" {{- end }} {{- end }} {{- if contains "alb" .Values.ingress.class }} alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' {{- end }} {{- end }} {{- if contains "alb" .Values.ingress.class }} alb.ingress.kubernetes.io/group.name: pm alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/target-type: ip kubernetes.io/ingress.class: alb {{- end }} spec: {{- if .Values.ingress.tls.enabled }} tls: - hosts: - "{{ $hostPrefix }}.{{ $hostName }}" {{- if eq "www" $hostPrefix }} - "{{ $hostName }}" {{- end }} {{- if .Values.portal.addprefix }} - "{{ $addPrefix }}.{{ $hostName }}" {{- end }} secretName: {{ $hostName | replace "." "-" }}-tls {{- end }} rules: - host: "{{ $hostPrefix }}.{{ $hostName }}" http: paths: {{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} - path: /* backend: serviceName: ssl-redirect servicePort: use-annotation {{- end }} {{- if contains "nginx" .Values.ingress.class }} {{- if .Values.ingress.vhostmonster }} - path: /(.*) {{- else }} - path: / {{- end }} {{- else }} - path: /* {{- end }} {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} pathType: ImplementationSpecific {{- end }} backend: {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: name: {{ $fullName }}-plone port: number: 8080 {{- else }} serviceName: {{ $fullName }}-plone servicePort: 8080 {{- end }} {{- if .Values.portal.addprefix }} - host: "{{ $addPrefix }}.{{ $hostName }}" http: paths: {{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} - path: /* backend: serviceName: ssl-redirect servicePort: use-annotation {{- end }} {{- if contains "nginx" .Values.ingress.class }} {{- if .Values.ingress.vhostmonster }} - path: /(.*) {{- else }} - path: / {{- end }} {{- else }} - path: /* {{- end }} {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} pathType: ImplementationSpecific {{- end }} backend: {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: name: {{ $fullName }} port: number: 8080 {{- else }} serviceName: {{ $fullName }}-plone servicePort: 8080 {{- end }} {{- end }} {{- end }}