apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: default
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
ingress.pomerium.io/allow_public_unauthenticated_access: "true"
ingress.pomerium.io/pass_identity_headers: "true"
ingress.pomerium.io/preserve_host_header: "true"
spec:
ingressClassName: pomerium
rules:
- host: "bigasterisk.com"
http:
paths:
- { pathType: Prefix, path: /, backend: { service: { name: nginx, port: { number: 11444 } } } }
tls:
- hosts: [bigasterisk.com]
secretName: bigasterisk.com-tls