Mercurial > code > home > repos > victoriametrics

changeset 8:e393b24f0e01

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
ingress
author drewp@bigasterisk.com
date Sun, 04 Dec 2022 02:07:14 -0800
parents 7130eb6d8e6b
children 17db5e8e7a2f
files ingress.yaml
diffstat 1 files changed, 83 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ingress.yaml	Sun Dec 04 02:07:14 2022 -0800
@@ -0,0 +1,83 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: victoriametrics
+  annotations:
+    cert-manager.io/issuer: letsencrypt-prod
+    ingress.pomerium.io/allow_public_unauthenticated_access: "false"
+    ingress.pomerium.io/pass_identity_headers: "true"
+    ingress.pomerium.io/preserve_host_header: "true"
+    ingress.pomerium.io/policy: |
+      allow:
+        or: 
+          - { email: { is: "drewpca@gmail.com" }}
+          - { email: { is: "kelsimp@gmail.com" }}
+    ingress.pomerium.io/prefix_rewrite: "/m/"
+spec:
+  ingressClassName: pomerium
+  rules:
+    - host: "bigasterisk.com"
+      http:
+        paths:
+          - pathType: Prefix
+            path: /m/
+            backend: { service: { name: victoriametrics, port: { number: 80 } } }
+  tls:
+    - hosts: [bigasterisk.com]
+      secretName: bigasterisk.com-tls
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vmalert
+  annotations:
+    cert-manager.io/issuer: letsencrypt-prod
+    ingress.pomerium.io/allow_public_unauthenticated_access: "false"
+    ingress.pomerium.io/pass_identity_headers: "true"
+    ingress.pomerium.io/preserve_host_header: "true"
+    ingress.pomerium.io/policy: |
+      allow:
+        or: 
+          - { email: { is: "drewpca@gmail.com" }}
+          - { email: { is: "kelsimp@gmail.com" }}
+    # ingress.pomerium.io/prefix_rewrite: "/vmalert/"
+spec:
+  ingressClassName: pomerium
+  rules:
+    - host: "bigasterisk.com"
+      http:
+        paths:
+          - pathType: Prefix
+            path: /vmalert/
+            backend: { service: { name: vmalert, port: { number: 80 } } }
+  tls:
+    - hosts: [bigasterisk.com]
+      secretName: bigasterisk.com-tls
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: alertmanager
+  annotations:
+    cert-manager.io/issuer: letsencrypt-prod
+    ingress.pomerium.io/allow_public_unauthenticated_access: "false"
+    ingress.pomerium.io/pass_identity_headers: "true"
+    ingress.pomerium.io/preserve_host_header: "true"
+    ingress.pomerium.io/policy: |
+      allow:
+        or: 
+          - { email: { is: "drewpca@gmail.com" }}
+          - { email: { is: "kelsimp@gmail.com" }}
+    ingress.pomerium.io/prefix_rewrite: "/"
+spec:
+  ingressClassName: pomerium
+  rules:
+    - host: "bigasterisk.com"
+      http:
+        paths:
+          - pathType: Prefix
+            path: /alertmanager/
+            backend: { service: { name: alertmanager, port: { number: 80 } } }
+  tls:
+    - hosts: [bigasterisk.com]
+      secretName: bigasterisk.com-tls
\ No newline at end of file