41 lines
1.1 KiB
YAML
41 lines
1.1 KiB
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: veza-ingress
|
|
namespace: veza-production
|
|
annotations:
|
|
kubernetes.io/ingress.class: nginx
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/ssl-protocols: "TLSv1.2 TLSv1.3"
|
|
nginx.ingress.kubernetes.io/ssl-ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384"
|
|
nginx.ingress.kubernetes.io/ssl-prefer-server-ciphers: "true"
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- app.veza.com
|
|
- api.veza.com
|
|
secretName: veza-tls
|
|
rules:
|
|
- host: app.veza.com
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: veza-frontend
|
|
port:
|
|
number: 80
|
|
- host: api.veza.com
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: veza-backend-api
|
|
port:
|
|
number: 8080
|
|
|