Files
@ ac55319a2eac
Branch filter:
Location: light9/ingress.yaml - annotation
ac55319a2eac
1.0 KiB
text/x-yaml
don't drop patches that arrive before we get WS connected
aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc aca4a29d06fc | apiVersion: v1
kind: Service
metadata:
name: light9
spec:
ports:
- protocol: TCP
port: 8200
targetPort: 8200
type: ExternalName
externalName: dash5
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: light9
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
ingress.pomerium.io/pass_identity_headers: "true"
ingress.pomerium.io/preserve_host_header: "true"
ingress.pomerium.io/allow_websockets: "true"
ingress.pomerium.io/allow_public_unauthenticated_access: "false"
ingress.pomerium.io/policy: |
allow:
or:
- { email: { is: "drewpca@gmail.com" }}
- { email: { is: "kelsimp@gmail.com" }}
- { email: { is: "david.mcclosky@gmail.com" }}
spec:
ingressClassName: pomerium
rules:
- host: "light9.bigasterisk.com"
http:
paths:
- { pathType: Prefix, path: "/", backend: { service: { name: light9, port: { number: 8200 } } } }
tls:
- hosts: [light9.bigasterisk.com]
secretName: light9.bigasterisk.com-tls
|