Mercurial > code > home > repos > light9
changeset 2415:aca4a29d06fc
ingress
| author | drewp@bigasterisk.com |
|---|---|
| date | Mon, 20 May 2024 01:26:44 -0700 |
| parents | 6c61735514e9 |
| children | 61dc5bc8ce2e |
| files | ingress.yaml |
| diffstat | 1 files changed, 38 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/ingress.yaml Mon May 20 01:26:44 2024 -0700 @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: light9 +spec: + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ExternalName + externalName: dash5 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: light9 + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + ingress.pomerium.io/pass_identity_headers: "true" + ingress.pomerium.io/preserve_host_header: "true" + ingress.pomerium.io/allow_websockets: "true" + ingress.pomerium.io/allow_public_unauthenticated_access: "false" + ingress.pomerium.io/policy: | + allow: + or: + - { email: { is: "drewpca@gmail.com" }} + - { email: { is: "kelsimp@gmail.com" }} + - { email: { is: "david.mcclosky@gmail.com" }} +spec: + ingressClassName: pomerium + rules: + - host: "light9.bigasterisk.com" + http: + paths: + - { pathType: Prefix, path: "/", backend: { service: { name: light9, port: { number: 8200 } } } } + tls: + - hosts: [light9.bigasterisk.com] + secretName: light9.bigasterisk.com-tls