You can not select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
					
					
						
							131 lines
						
					
					
						
							4.8 KiB
						
					
					
				
			
		
		
		
			
			
			
				
					
				
				
					
				
			
		
		
	
	
							131 lines
						
					
					
						
							4.8 KiB
						
					
					
				| {{- if .Values.ingress.enabled -}} | |
| {{- $fullName := include "portalmodelo.fullname" . -}} | |
| {{- $hostName := .Values.portal.hostname -}} | |
| {{- $hostPrefix := .Values.portal.hostprefix -}} | |
| {{- $addPrefix := .Values.portal.addprefix -}} | |
| {{- $zopeFolder := .Values.portal.zopefolder -}} | |
| {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} | |
| apiVersion: networking.k8s.io/v1 | |
| {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} | |
| apiVersion: networking.k8s.io/v1beta1 | |
| {{- else -}} | |
| apiVersion: extensions/v1beta1 | |
| {{- end }} | |
| kind: Ingress | |
| metadata: | |
|   name: {{ $fullName }} | |
|   labels: | |
|     {{- include "portalmodelo.labels" . | nindent 4 }} | |
|   annotations: | |
|   {{- if .Values.ingress.tls.enabled }} | |
|     # USE TLS | |
|     {{- if contains "letsencrypt" .Values.ingress.tls.provider }}  | |
|     cert-manager.io/cluster-issuer: "letsencrypt-prod" | |
|     {{- end }} | |
|     {{- if contains "nginx" .Values.ingress.class }} | |
|       {{- if .Values.ingress.vhostmonster }} | |
|     nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/{{ $hostPrefix }}.{{ $hostName }}:443{{ $zopeFolder }}portal/VirtualHostRoot/$1" | |
|       {{- end }} | |
|     nginx.ingress.kubernetes.io/from-to-www-redirect: "true" | |
|     nginx.ingress.kubernetes.io/service-upstream: "true" | |
|     {{- end }} | |
|     {{- if contains "alb" .Values.ingress.class }} | |
|     alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]' | |
|     alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' | |
|     {{- end }} | |
|   {{- else }} | |
|     # DO NOT USE TLS | |
|     {{- if contains "nginx" .Values.ingress.class }} | |
|       {{- if .Values.ingress.vhostmonster }} | |
|     nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/http/{{ $hostPrefix }}.{{ $hostName }}:80{{ $zopeFolder }}portal/VirtualHostRoot/$1" | |
|       {{- end }} | |
|     {{- end }} | |
|     {{- if contains "alb" .Values.ingress.class }} | |
|     alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' | |
|     {{- end }} | |
|   {{- end }} | |
|   {{- if contains "alb" .Values.ingress.class }} | |
|     alb.ingress.kubernetes.io/group.name: pm | |
|     alb.ingress.kubernetes.io/scheme: internet-facing | |
|     alb.ingress.kubernetes.io/target-type: ip | |
|     kubernetes.io/ingress.class: alb | |
|   {{- end }} | |
| spec: | |
|   {{- if .Values.ingress.tls.enabled }} | |
|   tls: | |
|     - hosts: | |
|         - "{{ $hostPrefix }}.{{ $hostName }}" | |
|         {{- if eq "www" $hostPrefix }} | |
|         - "{{ $hostName }}" | |
|         {{- end }} | |
|         {{- if .Values.portal.addprefix }} | |
|         - "{{ $addPrefix }}.{{ $hostName }}" | |
|         {{- end }} | |
|       secretName: {{ $hostName | replace "." "-" }}-tls | |
|   {{- end }} | |
|   rules: | |
|     - host: "{{ $hostPrefix }}.{{ $hostName }}" | |
|       http: | |
|         paths: | |
|           {{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} | |
|           - path: /* | |
|             backend: | |
|               serviceName: ssl-redirect | |
|               servicePort: use-annotation | |
|           {{- end }} | |
|           {{- if contains "nginx" .Values.ingress.class }} | |
|           {{-   if .Values.ingress.vhostmonster }} | |
|           - path: /(.*) | |
|           {{-   else }} | |
|           - path: / | |
|           {{-   end }} | |
|           {{- else }} | |
|           - path: /* | |
|           {{- end }} | |
|           {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} | |
|             pathType: ImplementationSpecific | |
|           {{- end }} | |
|             backend: | |
|               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} | |
|               service: | |
|                 name: {{ $fullName }}-plone | |
|                 port: | |
|                   number: 8080 | |
|               {{- else }} | |
|               serviceName: {{ $fullName }}-plone | |
|               servicePort: 8080 | |
|               {{- end }} | |
|     {{- if .Values.portal.addprefix }} | |
|     - host: "{{ $addPrefix }}.{{ $hostName }}" | |
|       http: | |
|         paths: | |
|           {{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} | |
|           - path: /* | |
|             backend: | |
|               serviceName: ssl-redirect | |
|               servicePort: use-annotation | |
|           {{- end }} | |
|           {{- if contains "nginx" .Values.ingress.class }} | |
|           {{-   if .Values.ingress.vhostmonster }} | |
|           - path: /(.*) | |
|           {{-   else }} | |
|           - path: / | |
|           {{-   end }} | |
|           {{- else }} | |
|           - path: /* | |
|           {{- end }} | |
|           {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} | |
|             pathType: ImplementationSpecific | |
|           {{- end }} | |
|             backend: | |
|               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} | |
|               service: | |
|                 name: {{ $fullName }} | |
|                 port: | |
|                   number: 8080 | |
|               {{- else }} | |
|               serviceName: {{ $fullName }}-plone | |
|               servicePort: 8080 | |
|               {{- end }} | |
|      {{- end }}  | |
| {{- end }}
 | |
| 
 |