gcalendarwatch: ingress.yaml annotate

annotate ingress.yaml @ 91:62caecb41dfd default tip

fix tag

author	drewp@bigasterisk.com
date	Fri, 03 Jan 2025 18:06:13 -0800
parents	1f8e66cb0108
children

rev	line source
30 dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	1 apiVersion: networking.k8s.io/v1
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	2 kind: Ingress
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	3 metadata:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	4 name: gcalendarwatch
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	5 annotations:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	6 cert-manager.io/cluster-issuer: letsencrypt-prod
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	7 ingress.pomerium.io/allow_public_unauthenticated_access: "false"
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	8 ingress.pomerium.io/pass_identity_headers: "true"
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	9 ingress.pomerium.io/preserve_host_header: "true"
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	10 ingress.pomerium.io/policy: \|
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	11 allow:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	12 or:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	13 - { email: { is: "drewpca@gmail.com" }}
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	14 - { email: { is: "kelsimp@gmail.com" }}
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	15 ingress.pomerium.io/prefix_rewrite: "/"
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	16 spec:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	17 ingressClassName: pomerium
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	18 rules:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	19 - host: "bigasterisk.com"
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	20 http:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	21 paths:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	22 - pathType: Prefix
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	23 path: /gcalendarwatch/
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	24 backend: { service: { name: gcalendarwatch, port: { number: 80 } } }
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	25 tls:
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	26 - hosts: [bigasterisk.com]
dfba6e5de4a7 ingress drewp@bigasterisk.com parents: diff changeset	27 secretName: bigasterisk.com-tls
59 1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	28 ---
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	29 apiVersion: networking.k8s.io/v1
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	30 kind: Ingress
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	31 metadata:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	32 name: gcalendarwatch-webhook
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	33 annotations:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	34 cert-manager.io/cluster-issuer: letsencrypt-prod
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	35 ingress.pomerium.io/allow_public_unauthenticated_access: "true"
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	36 ingress.pomerium.io/pass_identity_headers: "true"
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	37 ingress.pomerium.io/preserve_host_header: "true"
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	38 spec:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	39 ingressClassName: pomerium
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	40 rules:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	41 - host: "bigasterisk.com"
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	42 http:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	43 paths:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	44 - pathType: Prefix
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	45 path: /gcalendarwatch/notifications
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	46 backend: { service: { name: gcalendarwatch, port: { number: 8080 } } }
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	47 tls:
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	48 - hosts: [bigasterisk.com]
1f8e66cb0108 deployment drewp@bigasterisk.com parents: 30 diff changeset	49 secretName: bigasterisk.com-tls

Mercurial > code > home > repos > gcalendarwatch

annotate ingress.yaml @ 91:62caecb41dfd default tip