You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
72 lines
2.7 KiB
72 lines
2.7 KiB
{{- if .Values.ingress.enabled -}}
|
|
{{- $fullName := include "portalmodelo.fullname" . -}}
|
|
{{- $hostName := .Values.portal.hostname -}}
|
|
{{- $hostPrefix := .Values.portal.hostprefix -}}
|
|
{{- $zopeFolder := .Values.portal.zopefolder -}}
|
|
{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
|
apiVersion: networking.k8s.io/v1beta1
|
|
{{- else -}}
|
|
apiVersion: extensions/v1beta1
|
|
{{- end }}
|
|
kind: Ingress
|
|
metadata:
|
|
name: {{ $fullName }}
|
|
labels:
|
|
{{- include "portalmodelo.labels" . | nindent 4 }}
|
|
annotations:
|
|
{{- if .Values.ingress.tls.enabled }}
|
|
# USE TLS
|
|
{{- if contains "letsencrypt" .Values.ingress.tls.provider }}
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
{{- end }}
|
|
{{- if contains "nginx" .Values.ingress.class }}
|
|
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/{{ $hostPrefix }}.{{ $hostName }}:443{{ $zopeFolder }}portal/VirtualHostRoot/$1"
|
|
nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
|
|
nginx.ingress.kubernetes.io/service-upstream: "true"
|
|
{{- end }}
|
|
{{- if contains "alb" .Values.ingress.class }}
|
|
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
|
|
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
|
|
{{- end }}
|
|
{{- else }}
|
|
# DO NOT USE TLS
|
|
{{- if contains "nginx" .Values.ingress.class }}
|
|
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/http/{{ $hostPrefix }}.{{ $hostName }}:80{{ $zopeFolder }}portal/VirtualHostRoot/$1"
|
|
{{- end }}
|
|
{{- if contains "alb" .Values.ingress.class }}
|
|
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if contains "alb" .Values.ingress.class }}
|
|
alb.ingress.kubernetes.io/group.name: pm
|
|
alb.ingress.kubernetes.io/scheme: internet-facing
|
|
alb.ingress.kubernetes.io/target-type: ip
|
|
kubernetes.io/ingress.class: alb
|
|
{{- end }}
|
|
spec:
|
|
{{- if .Values.ingress.tls.enabled }}
|
|
tls:
|
|
- hosts:
|
|
- "{{ $hostPrefix }}.{{ $hostName }}"
|
|
- "{{ $hostName }}"
|
|
secretName: {{ $hostName | replace "." "-" }}-tls
|
|
{{- end }}
|
|
rules:
|
|
- host: "{{ $hostPrefix }}.{{ $hostName }}"
|
|
http:
|
|
paths:
|
|
{{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }}
|
|
- path: /*
|
|
backend:
|
|
serviceName: ssl-redirect
|
|
servicePort: use-annotation
|
|
{{- end }}
|
|
{{- if contains "nginx" .Values.ingress.class }}
|
|
- path: /(.*)
|
|
{{- else }}
|
|
- path: /*
|
|
{{- end }}
|
|
backend:
|
|
serviceName: {{ $fullName }}-plone
|
|
servicePort: 8080
|
|
{{- end }}
|
|
|