mirror of
https://gitlab.com/oecis/charts.git
synced 2024-11-15 00:28:59 +00:00
72 lines
2.5 KiB
YAML
72 lines
2.5 KiB
YAML
{{- if .Values.ingress.enabled }}
|
|
{{- $newAPIversion := .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
|
|
{{- if $newAPIversion }}
|
|
apiVersion: networking.k8s.io/v1
|
|
{{- else }}
|
|
apiVersion: extensions/v1beta1
|
|
{{- end }}
|
|
kind: Ingress
|
|
metadata:
|
|
name: {{ include "vaultwarden.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
app.kubernetes.io/component: vaultwarden
|
|
annotations:
|
|
ingress.kubernetes.io/rewrite-target: /
|
|
{{- if .Values.ingress.tls }}
|
|
ingress.kubernetes.io/ssl-redirect: "true"
|
|
{{- end }}
|
|
{{- if .Values.ingress.additionalAnnotations }}
|
|
{{- toYaml .Values.ingress.additionalAnnotations | nindent 4 }}
|
|
{{- end }}
|
|
{{- if .Values.ingress.nginxIngressAnnotations }}
|
|
nginx.ingress.kubernetes.io/configuration-snippet: |
|
|
more_set_headers "Request-Id: $req_id";
|
|
nginx.ingress.kubernetes.io/connection-proxy-header: "keep-alive"
|
|
nginx.ingress.kubernetes.io/enable-cors: "true"
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/limit-connections: "25"
|
|
nginx.ingress.kubernetes.io/limit-rps: "15"
|
|
nginx.ingress.kubernetes.io/proxy-body-size: 1024m
|
|
nginx.ingress.kubernetes.io/proxy-connect-timeout: "10"
|
|
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
|
|
{{- if .Values.ingress.nginxAllowList }}
|
|
nginx.ingress.kubernetes.io/whitelist-source-range: {{ .Values.ingress.nginxAllowList }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
{{- if .Values.ingress.class }}
|
|
ingressClassName: {{ .Values.ingress.class | quote }}
|
|
{{- end }}
|
|
{{- if .Values.ingress.tls }}
|
|
tls:
|
|
- hosts:
|
|
- {{ .Values.ingress.hostname | quote }}
|
|
{{- if eq "nginx" .Values.ingress.class }}
|
|
secretName: {{ .Values.ingress.tlsSecret }}
|
|
{{- end }}
|
|
{{- end }}
|
|
rules:
|
|
- host: {{ .Values.ingress.hostname | quote }}
|
|
http:
|
|
paths:
|
|
- path: {{ .Values.ingress.path }}
|
|
pathType: {{ .Values.ingress.pathType }}
|
|
backend:
|
|
service:
|
|
name: {{ include "vaultwarden.fullname" . }}
|
|
port:
|
|
name: "http"
|
|
{{- if .Values.websocket.enabled }}
|
|
- path: {{ .Values.ingress.pathWs }}
|
|
pathType: {{ .Values.ingress.pathTypeWs }}
|
|
backend:
|
|
service:
|
|
name: {{ include "vaultwarden.fullname" . }}
|
|
port:
|
|
name: "websocket"
|
|
{{- end }}
|
|
{{- end }}
|