From 55250717f3a56f20eea49d728f1cd5227ad382ec Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Fri, 6 Sep 2024 11:10:39 +1000 Subject: [PATCH] enable tls on chartmuseum ingress --- apps/chartmuseum/env/k3s-cluster/ingress.yaml | 25 +++++++++++++++++++ .../env/k3s-cluster/templates/tls-secret.yaml | 21 ++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 apps/chartmuseum/env/k3s-cluster/ingress.yaml create mode 100644 resources/app-secrets/env/k3s-cluster/templates/tls-secret.yaml diff --git a/apps/chartmuseum/env/k3s-cluster/ingress.yaml b/apps/chartmuseum/env/k3s-cluster/ingress.yaml new file mode 100644 index 0000000..ed51f85 --- /dev/null +++ b/apps/chartmuseum/env/k3s-cluster/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: chartmuseum-ingress + namespace: chartmuseum + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/use-regex: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - "chartmuseum.cluster.edward.sydney" + secretName: "tls-secret" + rules: + - host: "chartmuseum.cluster.edward.sydney" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: chartmuseum + port: + number: 8899 \ No newline at end of file diff --git a/resources/app-secrets/env/k3s-cluster/templates/tls-secret.yaml b/resources/app-secrets/env/k3s-cluster/templates/tls-secret.yaml new file mode 100644 index 0000000..0ccf603 --- /dev/null +++ b/resources/app-secrets/env/k3s-cluster/templates/tls-secret.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: "true" + creationTimestamp: null + name: tls-secrets +spec: + encryptedData: + tls.crt: AgCclZUdaBaTgmJcXF9FJlVauyUHYwL9KJ/RQHfSAXeFK0W9Xn0qAfTbdYpf1u/WCMeBVPVIaQAiu8tz/f7QIzVKcsfe3O9xqA4dyzixfYlQnGmFZNdGZTck0I7NOQCqM06zRA/KB9fyW0Q1nLFzVOBZGCwA04PGaAVN4hYC7MjqUKxggBUdypgHiOjPnOufYj8eTM06hpp3HN/o41v6ra8qxNM5hNH1OBZ5D5UsD5TiUh5fAaimx/khOQqd/ab6YH3C3nlPgcFuCbvVZ7mvyF27+ZqA98nH1mVhEbBXz+UvzAlOZXN/+WnAy7ZPjkqW33sWioMr3MCh9jcAMGgf5iDYNbafTBNDALVXRrMgXgE9jqBEA6g7DP+E8PRcq+iaSP3KKRMUd0Lxy2zoKqxIWbctlThwUywpbwDCBuKvoZa5NoKrC96JvkucuEMyqIL104XIK2BNhOSOCtj5k7urlCJvYeMlxtCGGqjxZgQd7QCrDdoQYxK4GqGM6XTQ13T/Yo8T2sGcF/NtpatOlaiUCSXMjSV3lwvgsYtd/E7vkOsKruUKu90EIu7HH88YAQmRAtKST4kL/6wf5GFbCt5z3itfq15uWp0JWWtKv2kqxKYC5BI7S6CSqlO7BFW84HtrHEaVCp7RTZGDnnEW4KwMo874eBWMB81rJuKRanaHBc23BDVD7HqvC4/ec4Zytcgc1WmtDJKZ+R+4xSBgONEgpdsFDVIY5Kt1zx9a47y2Hijxo9waNmGfo0rSCZ9dfHmD7aKzrd/WXxALOKxPV0ROiOnJ/IZ+JbSlOiDtBlApQXdz/D4jugYSfsA8DYaz40xkll/JrAkOZx6xzmq3b88STeN0kykbXGdCVR4oU2NKnKBdVDxIPH5I9MMAOoryPJn2sneNg8Ab5qtvPmtfyDkNA/UQtOMCekohb+C6gProtnQqPVHSTlQsFHvabLHFztYF3RoWLu1z5Waie2G8Q/DYcR/YgOZXTdQun4ziPeDlUqaonzVgP9v2K4J2WN+7UpNcGps7BeGV2aWmg9IjjVgBon43bgn+I+w5+Ga0MXaIhdD5cej4sWFm8QBdYzIaMGHWabDD2YFdmKjqKJ2hn48OGLbL0i14xx5N9OMxNzz5bHPTBDTR684RwQPSF5F56AVany363BjC9nzgP1NCl8vmg0Cl0TfeTZYBbnl0mHRzoaggUOOP1ARdK8kH75GMT130C1PUwjeQeZsGXG7bolXZziOh5Sd0WYUdwKqrLaZn59Xdrnx2+LVCbbRNy558sExG9cl53NFvDhnY/OYJwxTWOsi9PgAF/Ip7YxUWR1SB/qRupTof/AO0YXqyoxtyoyvguqdVAjDHCs0gVV9Vm6IH0RveRfivOKHwnUl1bCtsHtH7/F4bkgYy+c3IRlb70K6BgUGoSaLoHEMZnZ+nw3PJfEp+Ngt69Kj4xSfxEYLlJp7Lzj6kBXL/swkYyHF0nKJYkkJg3g+Q4YfwLTQIcZeIj5KwVkInwxhvN3yh+tehXD1IHMNULUe1K0i42zOND8z6htGaKwq7BE8G2z08nKXNNwg8hTY0ouVZD50U7BTYMqdaUvPBm5QjQssVabwd4Cg1w9VyW76yIWg9x+t9tvNv877Zcpn3RcR1owXQkmfQsKb4cU7zM94aIdUYmRwP4urpnBkeUw/L1qNBsFvsi+SZyXYINlHQu1IoLJt+mjo/I+GzJm8D38OMIrxXYEZEDb0c3WbR3wVqWMkN91hHDocgGFqeWccMp+MhL4QH1aOMfXsHKxzJ4z+BHQVd6QmueJIGFKO6u+IFbus6ZsvcAFKdIQh10iAjtToVYlEK0RM7upOUD5u8G3HiHNuPzSU4C6iOCWta2rCVJ0+HpFnAls0Wf+49J2RzE/4kFkbxa0i3tc3d/USPmd00uB7EapjSgTlAYPn5cd7Ri4DYZ/S5vrK+NTPfjiY4wLA7yyBkE9fLVoelXFMsUlwEaJGarqjCrpv8rpCm2Br0wTsGNRIK6VKR5h2lyruITjX1lN8fuEW61xqzVz1CJBMHBTEZQSkvtMLFZWEGzTghyWMW99i1P+EUc0VA+Oh6gsRUd7jL9I9oaztxAse5XNHyTf8T5nlyyw5CBACbas95Liv7Cwu6s7BjjlnOXyMmLkv79LWAkSAoUQ9PiBQqHQnMbb0e3s5J20KN5RNf/mXdEl3OKG/2gVucCpm+fja4l61kzieRWuvgbyYMbkuyeHiXDdZCQxU2pon+3Awo4aslzUk056NwrXSSaez+apkDkN0jMozzqSvYl4i60TieEpWYswJMf2lgEi9nfPE9vXOwHc2MnaEqKbI+rq8G1PiAI2mlc+KURSEO1DxEThb4dO3LI58fvjaBiNPDEJnmnKi37qpJM5mkBhQzA9gj4pNXxgvDN01tolS3dRaMmRpUS4vNskGSc/E1I/QRXvJ99CO5WATuT0XxvtTjIvbUd+T5yy8Ux2jDInQ1kAIWUz7ndSRkMaqm0EiuSajMe9cQ/T15rAZTI15B09Pex2nf9bQDu0J2RQICVLYAnGeuw/jA5QkiavNWCNhE+WJ/sean0Rug4l5d7T1uzHb+xjS4KCuIL8jGKmrRLnzgxzHybeYwWLE1MQvG6+4Bmv3bK8YEhnY881PxE8PID8FptisXhUtLlG4ZiYryuoCJ1lP0bYiDFCBFmycbfQI+9Y8dSy+FwfzO8mTZnA0XQufM+a+f3E9hfvP8SVlMP2xuxtLU3eggdPvR6lLa7pdyrMYUflVBeXbAnTKsnHcMTGQiSB+YAAMbXI7hRW5q0BvQS2PzHKTQhX+ZFlGsHPzdPc6vxcV4H4l65jqj6+xp9qRUufv/EcVpW/Z+sBXeuquQhrM/Tz8xFykIEALnDz3/l4Cxf/C5MuHEZLT7bo/ujXcyiRwFBktFYFalYSEbf4xb6CBjzOz0FFH/mohknlxJ01Yly2ik99GXjjprpzWFWUVMu460E1gxUD2y0tb9OuFCXC/1eCgSDkP1bESMySHNWqbyXLMT9LW6nUaw9z17ZYvM9YPdVAgP8ExkQ60QlH2tCq/QSZciIdjpyVPQko8fmGxoHY/E3jr6qmse7mexJvtJ5GxihsetosBQxApb4OAnYpeOL7gyyF54ll2WByJDEwrMh0o7i3Mq+KUWtYIEXZBzeEVX+IqLRid0GQoFbCO+opOXX6X7Luu3/qrx2isjxwlPi6aClTdSb1jZsFLxScYT0V001fk0D/zzsYbnLNLLlRW2wxdr5FcepbbtfEUSaYyxfBPbx72UhnlCP6dMmV+5DORYUgpCeqM34PrkEYcDs8+QGgiu8VX9Fnl6QEwAkzAN8fMvN61ulKI7QnfduKdjJikVrhXd0k6Ck7coHaB7zJKPMShMYBD+f7BLG/H2L55jJ3c3NNonapZ3E2A25IffIPaTHSPoP0OMFZQKOPyRKvjAloNC3LaPEBZVyKHtKPApSuP+iqBTuROeccuZmYl3nG13558kBsy2UpBRxXBtZOUysXL6PzseBk8RqS371ZE73ltmdWYXj02yWKgEM0GzaMT0PTFf45FxVH6y6f2UIMgix7aKkiC9D61tSOXZXXopRw8nYovGRJVZ81Zgx3Xb+4lwBHClJK6FiV3oVktNKKXdwcz7N6xAiY2ytrJqy3cu5vMz1vzi2426DFksY/VGXHQII/hv7PtxiVUlLZLqtTxKJXM6JZWY9rMto7K+TtbB3BMJcqOvCQQd+x8TwZy92aEbo/Br5p7KEQyZA4gLfAcRzPwoT8J4VjMzip8EOf2waQ4TGZM8kofSL9yPrNdqixUURtrdolANvzRN77ei+hzogAxSEa8LiuT8aYcMwI6VN6Q634XE6HUYSfkREOkc1SzAUzsyHb6W061cjCY7l+QA5jaKBDTyEnYWRGU+ArtNNaj1g2SND5Dk6702I1mfPZghA2ytJwC+5xh9YNnzDzs7VZRyy2fTTxOXmhFduEHS/1jg2A4l8gf/OOrTQFM5TBkHndQncXnb4D7eyJXdzSnKc7SnfDefVrH+cHorHCc+bGW6PLtBcFh9Vua16op86PiPdAWqhcHtMGNy8ljJLtohoSCXN+D90gHtjGN4erGkiv6LGL9vKfeNYKvpVffiARXwmxoMTWxIAoSw6chLfj83ehfw9NlEDjANST/+2XVxxYh3aX8SJZ0Yw1jqer+LXn8NPCSN1XDXMiv7bZjRclKo1kd4y4kP7WaNwy/T+DSU5rhDDNSx2ZZKPZz57RFQ/EdjpVwdksc7MxWcEsNREyQQjXON5uzC06M86t0FdDtCF8nzsGKEVe3nsTFut1WCdIy6w6HJcy/q++a+bUFgkm+UttfksG6AJ5ILZ77s0GFyKQw/GIuIwybGpycseCUms8pvMF1W3hTa8pqI+wS1IHq0DyOMz4ZPTqmbm0dR1PHVASBTxfJBWWlqdTEXnZ9gBDp+GK+/gQBcaSVnZd33c0x3DB8I94EmBQ4iFzAYtfB2VJqPhcs5RK3Z8NXWZFIReXShT+DnHc3ONYbAcYz/Z7TWqg== + tls.key: AgAlqM2aHeSWCbYIjVG60ALt1AXffgnDMMy4fQSmIYbIdroPWN4a/xwi5AT1Zpzz/NqWmJbQq/vdlJYfSSeZ0u9GWvRA7J6DaVjxuIIkxOhCKzfMrlYXkTOyWBU2mi8S70yQg5+LPNic2C+6lojxBMMFLU4UIlinquiSpCJI63IDgNjmr6nbztai9k3vz91B0LtHPbyP6NhXU8Et3kZHBAJ5JNmaxbE+nfdAQOYg2Yg1mQzS2o0M3RCTpsQVVm7YKj99ysl2BGW6IJY0XNi4O0y4WJP8e6e+Nhte8T+oNO5K6Uj+KN0M6rybJ30aKcIFwQwSRjER+KcNmAv5UPWKxe37u/zv8R7YsbbYYrV/ycH6b9POS3oMuvMhfIdas86eZj4bryX5K5b0C9ycBEK1/1r6AcExxR5bdaA1Y7IWzyrgbMpn8FJvehdVZTH6Wng2pnnjTuuvWH++A0mi2ua26h7rTCPJ/vyA/xJsOwl7ZscpybFKfpBt2TIQvX3eW2y71NMJ7/O2b/HJ0OVAlt8HbcV+pr+pmZTWomDhna2fHLtVug+ACJN9+/bGweCgEo5W4h+kqVEiiPkJlGRA7quEYW+u/5/emN/cT3Ctfmxt95WQbFlyCyXoVcEWLRT/9Og2wZ3Q7WD+EqgS64Suq4sbuH7kPF2mXkE/24tPN7DC5jZFMLRNTz+h04ZySf47yRiwOWTezr1zxARKBZPzoxpOI95Y98tQEmtmNGl/ZVzaLFNBC7p/Yrygv2lXe/+s5nhWSRsfZ0x6BkuGN/P7u5Y6ZJReUJszusTjKOg4vyOOeycFwat4ahckVpZTj6ASQJrsfPHMQCD1S4lv5YmxRptdNflF7ytHf6uHzo58lDTMmn7mx3fW3bLKs3Lq4la1WtLRKnjZp1tFNr4s9I6sVC3Z2KshKoQHtFcuTgXta7xIHwYD8Riypz0IgtZ/PbBYJq48Wh+HMiJ6UeFrPoYCmoVXeFG3OIjK9M3AALlKvCfl913pgObY4izeiLVGZmlcoUdKPTiu + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" + creationTimestamp: null + name: tls-secrets + type: kubernetes.io/tls