update
This commit is contained in:
@@ -1,36 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: quickstart-kong-selfsigned-issuer-root
|
||||
spec:
|
||||
selfSigned: {}
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: quickstart-kong-selfsigned-issuer-ca
|
||||
spec:
|
||||
commonName: quickstart-kong-selfsigned-issuer-ca
|
||||
duration: 2160h0m0s
|
||||
isCA: true
|
||||
issuerRef:
|
||||
group: cert-manager.io
|
||||
kind: Issuer
|
||||
name: quickstart-kong-selfsigned-issuer-root
|
||||
privateKey:
|
||||
algorithm: ECDSA
|
||||
size: 256
|
||||
renewBefore: 360h0m0s
|
||||
secretName: quickstart-kong-selfsigned-issuer-ca
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: quickstart-kong-selfsigned-issuer
|
||||
spec:
|
||||
ca:
|
||||
secretName: quickstart-kong-selfsigned-issuer-ca
|
||||
@@ -13,119 +13,32 @@ spec:
|
||||
|
||||
---
|
||||
|
||||
#kind: Service
|
||||
#apiVersion: v1
|
||||
#metadata:
|
||||
# name: kong-external-dns
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/hostname: kong.durp.info
|
||||
#spec:
|
||||
# type: ExternalName
|
||||
# externalName: durp.info
|
||||
|
||||
---
|
||||
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: kong-kong-admin
|
||||
name: kong-kong-proxy
|
||||
namespace: kong
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`kong.durp.info`) && PathPrefix(`/api`)
|
||||
- match: Host(`kong.durp.info`) && PathPrefix(`/`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: kong-kong-admin
|
||||
port: 8444
|
||||
- name: kong-kong-proxy
|
||||
port: 443
|
||||
scheme: https
|
||||
tls:
|
||||
secretName: kong-tls
|
||||
|
||||
---
|
||||
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: kong-kong-manager
|
||||
namespace: kong
|
||||
name: kong-external-dns
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: kong.durp.info
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`kong.durp.info`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: kong-kong-manager
|
||||
port: 8445
|
||||
scheme: https
|
||||
tls:
|
||||
secretName: kong-tls
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: kong-developer-tls
|
||||
spec:
|
||||
secretName: kong-developer-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-production
|
||||
kind: ClusterIssuer
|
||||
commonName: "developer.durp.info"
|
||||
dnsNames:
|
||||
- "developer.durp.info"
|
||||
|
||||
---
|
||||
|
||||
#kind: Service
|
||||
#apiVersion: v1
|
||||
#metadata:
|
||||
# name: kong-developer-external-dns
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/hostname: developer.durp.info
|
||||
#spec:
|
||||
# type: ExternalName
|
||||
# externalName: durp.info
|
||||
#
|
||||
---
|
||||
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: kong-kong-portal
|
||||
namespace: kong
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`developer.durp.info`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: kong-kong-portal
|
||||
port: 8446
|
||||
scheme: https
|
||||
tls:
|
||||
secretName: kong-developer-tls
|
||||
|
||||
---
|
||||
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: kong-kong-portalapi
|
||||
namespace: kong
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`developer.durp.info`) && PathPrefix(`/api`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: kong-kong-portalapi
|
||||
port: 8447
|
||||
scheme: https
|
||||
tls:
|
||||
secretName: kong-developer-tls
|
||||
type: ExternalName
|
||||
externalName: durp.info
|
||||
|
||||
@@ -29,40 +29,6 @@ spec:
|
||||
key: secrets/kong/tls
|
||||
property: key
|
||||
|
||||
#---
|
||||
#
|
||||
#apiVersion: external-secrets.io/v1beta1
|
||||
#kind: ExternalSecret
|
||||
#metadata:
|
||||
# name: kong-config-secret
|
||||
#spec:
|
||||
# secretStoreRef:
|
||||
# name: vault-kong
|
||||
# kind: SecretStore
|
||||
# target:
|
||||
# name: kong-config-secret
|
||||
# data:
|
||||
# - secretKey: admin_gui_session_conf
|
||||
# remoteRef:
|
||||
# key: secrets/kong/config
|
||||
# property: admin_gui_session_conf
|
||||
# - secretKey: kong_admin_password
|
||||
# remoteRef:
|
||||
# key: secrets/kong/config
|
||||
# property: kong_admin_password
|
||||
# - secretKey: password
|
||||
# remoteRef:
|
||||
# key: secrets/kong/postgres
|
||||
# property: password
|
||||
# - secretKey: pg_host
|
||||
# remoteRef:
|
||||
# key: secrets/kong/config
|
||||
# property: pg_host
|
||||
# - secretKey: portal_session_conf
|
||||
# remoteRef:
|
||||
# key: secrets/kong/config
|
||||
# property: portal_session_conf
|
||||
#
|
||||
---
|
||||
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
@@ -79,33 +45,3 @@ spec:
|
||||
kubernetes:
|
||||
mountPath: "kubernetes"
|
||||
role: "external-secrets"
|
||||
|
||||
---
|
||||
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: kong-postgresql
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: vault-kong
|
||||
kind: SecretStore
|
||||
target:
|
||||
name: kong-postgresql
|
||||
data:
|
||||
- secretKey: postgres-username
|
||||
remoteRef:
|
||||
key: secrets/kong/postgres
|
||||
property: username
|
||||
- secretKey: postgres-password
|
||||
remoteRef:
|
||||
key: secrets/kong/postgres
|
||||
property: password
|
||||
- secretKey: postgres-database
|
||||
remoteRef:
|
||||
key: secrets/kong/postgres
|
||||
property: database
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
key: secrets/kong/postgres
|
||||
property: password
|
||||
|
||||
Reference in New Issue
Block a user