diff options
Diffstat (limited to 'ansible/roles/ansible-vvp-templates/templates/configmaps')
3 files changed, 70 insertions, 1 deletions
diff --git a/ansible/roles/ansible-vvp-templates/templates/configmaps/haproxy-cfg-configmap.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/configmaps/haproxy-cfg-configmap.yaml.j2 index 3fd9055..8b9012c 100644 --- a/ansible/roles/ansible-vvp-templates/templates/configmaps/haproxy-cfg-configmap.yaml.j2 +++ b/ansible/roles/ansible-vvp-templates/templates/configmaps/haproxy-cfg-configmap.yaml.j2 @@ -95,7 +95,7 @@ data: frontend portal mode http redirect scheme https if !{ ssl_fc } - acl is_api_call path_beg -i /ice + acl is_api_call path_beg -i /vvp acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. use_backend api if is_api_call use_backend s3 if is_s3 diff --git a/ansible/roles/ansible-vvp-templates/templates/configmaps/portal-nginx-configmap.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/configmaps/portal-nginx-configmap.yaml.j2 new file mode 100644 index 0000000..34cc2d3 --- /dev/null +++ b/ansible/roles/ansible-vvp-templates/templates/configmaps/portal-nginx-configmap.yaml.j2 @@ -0,0 +1,39 @@ +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: portal-nginx-config + namespace: default +data: + file: | + pid /nginx.pid; + error_log /dev/stdout warn; + + http { + access_log /dev/stdout; + server { + listen 0.0.0.0:8181; + + location / { + include /etc/nginx/mime.types; + root /usr/share/nginx/html/; + } + + } + + } + + events { + worker_connections 4096; + } + + service_provider.json: | + { + "serviceProvider": { + "name": "{{service_provider}}" + }, + "program": { + "name": "{{program_name}}" + } + } + diff --git a/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 new file mode 100644 index 0000000..2d56741 --- /dev/null +++ b/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 @@ -0,0 +1,30 @@ +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: site-certificate + namespace: default +data: + site.crt: | + {{ site_pem_cert|indent }} + wrapper.sh: | + #!/bin/sh + # This script is meant to be used as a wrapper, so that it can be easily + # used with docker or kubernetes' container command specification. + # + # Kubernetes' volumeMount creates symlinks for configMapped files at the + # target directory. + # Alpine's update-ca-certificates ignores symlinks. + # So we must contrive to copy the contents of the mounted cert (a symlink) + # into place as a normal file. + dev_cert="${0%/*}/site.crt" + echo >&2 "$0: Checking for site CA certificate at $dev_cert..." + if [ -s "$dev_cert" ]; then + echo >&2 "$0: Updating container CA certificate bundle with site certificate..." + cp -L "$dev_cert" /usr/local/share/ca-certificates/ + update-ca-certificates + else + echo >&2 "$0: No site CA certificate found." + fi + echo >&2 "$0: Launching command: $@" + exec "$@" |