diff --git a/nginx/Chart.yaml b/nginx/Chart.yaml index c923ad42..6891c648 100644 --- a/nginx/Chart.yaml +++ b/nginx/Chart.yaml @@ -1,5 +1,12 @@ -apiVersion: v1 -appVersion: "1.0" -description: A Helm chart for Kubernetes +apiVersion: v2 name: nginx -version: 0.1.3 +description: Nginx reverse proxy +type: application +version: 1.0.0 +dependencies: + - name: cos-common + version: 1.0.0 + repository: https://centerforopenscience.github.io/helm-charts/ + # - name: cos-common + # version: 1.0.0 + # repository: file://../cos-common diff --git a/nginx/files/nginx.conf b/nginx/files/nginx.conf new file mode 100644 index 00000000..64ccf671 --- /dev/null +++ b/nginx/files/nginx.conf @@ -0,0 +1,41 @@ +user nginx; +worker_processes 1; + +pid /var/run/nginx.pid; + +error_log /var/log/nginx/error.log warn; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $upstream_cache_status $remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent" "$http_x_forwarded_for" ' + 'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"'; + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 620s; + keepalive_requests 10000; + types_hash_max_size 2048; + server_tokens off; + + include /etc/nginx/conf.d/*.conf; + + server { + listen 80; + server_name _; + + location = /healthz { + access_log off; + return 200; + } + } +} \ No newline at end of file diff --git a/nginx/templates/NOTES.txt b/nginx/templates/NOTES.txt index 49090f8a..268c81da 100644 --- a/nginx/templates/NOTES.txt +++ b/nginx/templates/NOTES.txt @@ -1,21 +1,24 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range $.Values.ingress.paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }} +Component fullname: {{ include "cos-common.fullname" (dict "root" . "name" "" "values" .Values.main) }} + +{{- if and .Values.main.ingress.enabled (.Values.main.ingress.hosts) }} +Ingress hosts: +{{- $hosts := list }} +{{- if and (kindIs "map" .Values.main.ingress.hosts) (or (hasKey .Values.main.ingress.hosts "primary") (hasKey .Values.main.ingress.hosts "additional")) }} + {{- range $h := (default (list) .Values.main.ingress.hosts.primary) }} + {{- $hosts = append $hosts $h }} {{- end }} + {{- range $h := (default (list) .Values.main.ingress.hosts.additional) }} + {{- $hosts = append $hosts $h }} + {{- end }} +{{- else }} + {{- range $h := .Values.main.ingress.hosts }} + {{- $hosts = append $hosts $h.host }} + {{- end }} +{{- end }} +{{- range $hosts }} + - {{ . }} {{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nginx.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "nginx.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nginx.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nginx.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:80 +{{- else }} +Port-forward example: +kubectl -n {{ .Release.Namespace }} port-forward svc/{{ include "cos-common.fullname" (dict "root" . "name" "" "values" .Values.main) }} 8080:{{ ( .Values.main.http.containers.nginx.internalPort ) }} {{- end }} diff --git a/nginx/templates/_helpers.tpl b/nginx/templates/_helpers.tpl deleted file mode 100644 index 35e447e6..00000000 --- a/nginx/templates/_helpers.tpl +++ /dev/null @@ -1,41 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "nginx.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "nginx.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "nginx.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified certificate name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "nginx.certificate.fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.certificate.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/nginx/templates/certificate.yaml b/nginx/templates/certificate.yaml deleted file mode 100644 index 42ec1494..00000000 --- a/nginx/templates/certificate.yaml +++ /dev/null @@ -1,69 +0,0 @@ -{{- if .Values.certificate.enabled -}} -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: "{{ template "nginx.certificate.fullname" . }}" - labels: - app: {{ template "nginx.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} -spec: - secretName: "{{ template "nginx.certificate.fullname" . }}" - issuerRef: - name: {{ .Values.certificate.issuerRef.name }} - kind: {{ .Values.certificate.issuerRef.kind }} - commonName: {{ .Values.certificate.commonName }} - dnsNames: - {{- range .Values.certificate.dnsNames }} - - {{ . }} - {{- end }} - acme: - config: - - http01: - {{- if hasKey .Values.certificate.acmeConfig.http01 "ingress" }} - ingress: {{ .Values.certificate.acmeConfig.http01.ingress }} - {{- else }} - ingress: {{ template "nginx.fullname" . }} - {{- end }} - domains: - {{- range .Values.certificate.acmeConfig.domains }} - - {{ . }} - {{- end }} -{{- end -}} -{{- range $certificate := .Values.additionalCertificates }} -{{- $name := default $.Chart.Name $.Values.nameOverride }} -{{- $certificateFullName := (printf "%s-%s-%s" $.Release.Name $name $certificate.name | trunc 63 | trimSuffix "-") }} -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ $certificateFullName }} - labels: - app: {{ template "nginx.name" $ }} - chart: {{ $.Chart.Name }}-{{ $.Chart.Version | replace "+" "_" }} - heritage: {{ $.Release.Service }} - release: {{ $.Release.Name }} -spec: - secretName: {{ $certificateFullName }} - issuerRef: - name: {{ $certificate.issuerRef.name }} - kind: {{ $certificate.issuerRef.kind }} - commonName: {{ $certificate.commonName }} - dnsNames: - {{- range $certificate.dnsNames }} - - {{ . }} - {{- end }} - acme: - config: - - http01: - {{- if hasKey $certificate.acmeConfig.http01 "ingress" }} - ingress: {{ $certificate.acmeConfig.http01.ingress }} - {{- else }} - ingress: {{ template "nginx.fullname" $ }} - {{- end }} - domains: - {{- range $certificate.acmeConfig.domains }} - - {{ . }} - {{- end }} ---- -{{- end }} diff --git a/nginx/templates/configmap.yaml b/nginx/templates/configmap.yaml deleted file mode 100644 index 5ba96b13..00000000 --- a/nginx/templates/configmap.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "nginx.fullname" . }} - labels: - app: {{ template "nginx.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} -data: -{{- define "nginx.inlineconfigs" }} -nginx.conf: |- - user nginx; - worker_processes 1; - - pid /var/run/nginx.pid; - - error_log /var/log/nginx/error.log warn; - - events { - worker_connections 1024; - } - - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $upstream_cache_status $remote_user [$time_local] ' - '"$request" $status $body_bytes_sent ' - '"$http_referer" "$http_user_agent" "$http_x_forwarded_for" ' - 'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"'; - access_log /var/log/nginx/access.log main; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 620s; - keepalive_requests 10000; - types_hash_max_size 2048; - server_tokens off; - - include /etc/nginx/conf.d/*.conf; - - server { - listen 80; - server_name _; - - location = /healthz { - access_log off; - return 200; - } - } - } -{{- end -}} -{{- range $key, $value := merge .Values.configFiles (include "nginx.inlineconfigs" . | fromYaml) }} - {{ $key | replace "/" "-" }}: |- - {{- $value | nindent 4 }} -{{- end }} diff --git a/nginx/templates/deployment.yaml b/nginx/templates/deployment.yaml deleted file mode 100644 index 9fe1656f..00000000 --- a/nginx/templates/deployment.yaml +++ /dev/null @@ -1,69 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "nginx.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - helm.sh/chart: {{ include "nginx.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} - spec: - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - nginx - - -c - - /etc/nginx/nginx.conf - - -g - - daemon off; - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: http - readinessProbe: - httpGet: - path: /healthz - port: http - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - {{- range $key := keys (merge .Values.configFiles (include "nginx.inlineconfigs" . | fromYaml)) }} - - mountPath: /etc/nginx/{{ $key }} - name: config - subPath: {{ $key | replace "/" "-" }} - readOnly: true - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: config - configMap: - name: {{ template "nginx.fullname" . }} diff --git a/nginx/templates/ingress.yaml b/nginx/templates/ingress.yaml deleted file mode 100644 index 295eb28c..00000000 --- a/nginx/templates/ingress.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "nginx.fullname" . -}} -{{- $ingressPaths := .Values.ingress.paths -}} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - helm.sh/chart: {{ include "nginx.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - rules: - {{- range .Values.ingress.hosts }} - - host: {{ . | quote }} - http: - paths: - {{- range $ingressPaths }} - - path: {{ . }} - pathType: ImplementationSpecific - backend: - service: - name: {{ $fullName }} - port: - number: 80 - {{- end }} - {{- end }} - {{- if (or .Values.ingress.tls (and .Values.certificate.enabled .Values.certificate.tls)) }} - tls: - {{- if .Values.ingress.tls }} - {{- toYaml .Values.ingress.tls | nindent 4 }} - {{- end -}} - {{- if (and .Values.certificate.enabled .Values.certificate.tls) }} - - secretName: "{{ template "nginx.certificate.fullname" . }}" - hosts: - {{- range .Values.certificate.acmeConfig.domains }} - - {{ . }} - {{- end }} - {{- end -}} - {{- range $certificate := .Values.additionalCertificates }} - {{- $name := default $.Chart.Name $.Values.nameOverride }} - {{- $certificateFullName := (printf "%s-%s-%s" $.Release.Name $name $certificate.name | trunc 63 | trimSuffix "-") }} - - secretName: {{ $certificateFullName }} - hosts: - {{- range $certificate.acmeConfig.domains }} - - {{ . }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/nginx/templates/main.yaml b/nginx/templates/main.yaml new file mode 100644 index 00000000..28eddfdd --- /dev/null +++ b/nginx/templates/main.yaml @@ -0,0 +1,5 @@ +{{- include "cos-common.configmap" (dict "root" . "name" "" "values" .Values.main) }} +{{- include "cos-common.deployment" (dict "root" . "name" "" "values" .Values.main) }} +{{- include "cos-common.service" (dict "root" . "name" "" "values" .Values.main) }} +{{- include "cos-common.ingress" (dict "root" . "name" "" "values" .Values.main) }} +{{- include "cos-common.certificate" (dict "root" . "name" "" "values" .Values.main) }} diff --git a/nginx/templates/service.yaml b/nginx/templates/service.yaml deleted file mode 100644 index d06a3a77..00000000 --- a/nginx/templates/service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "nginx.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - helm.sh/chart: {{ include "nginx.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - annotations: - {{- range $key, $value := .Values.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: {{ include "nginx.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/nginx/templates/test-connection.yaml b/nginx/templates/test-connection.yaml new file mode 100644 index 00000000..709891f0 --- /dev/null +++ b/nginx/templates/test-connection.yaml @@ -0,0 +1,16 @@ +{{- $svcPort := tpl (toString (index .Values.main.service.ports 0).port) . -}} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "cos-common.fullname" (dict "root" . "name" "" "values" .Values.main) }}-test-connection + labels: + {{- include "cos-common.selectorLabels" (dict "root" . "name" "" "values" .Values.main) | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "cos-common.fullname" (dict "root" . "name" "" "values" .Values.main) }}:{{ $svcPort }}'] + restartPolicy: Never diff --git a/nginx/templates/tests/test-connection.yaml b/nginx/templates/tests/test-connection.yaml deleted file mode 100644 index 6985491d..00000000 --- a/nginx/templates/tests/test-connection.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "nginx.fullname" . }}-test-connection" - labels: - app.kubernetes.io/name: {{ include "nginx.name" . }} - helm.sh/chart: {{ include "nginx.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "nginx.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/nginx/values.yaml b/nginx/values.yaml index 579bfbef..8794977b 100644 --- a/nginx/values.yaml +++ b/nginx/values.yaml @@ -1,89 +1,171 @@ -# Default values for nginx. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - +### ------- Global or Reusable parts across values.yaml ------- image: repository: nginx tag: stable pullPolicy: IfNotPresent -nodeSelector: {} - -tolerations: [] - -affinity: {} - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -configFiles: - conf.d/default.conf: |- - # Insert nginx config here - -nameOverride: "" -fullnameOverride: "" - -service: - type: ClusterIP - port: 80 - -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - paths: [] - hosts: - - chart-example.local - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -certificate: - enabled: false - name: cert - # WORKAROUND: Ingress deploy blocked to GLBC due to race condition w/ missing TLS certificate - # - Issue: https://github.com/jetstack/cert-manager/issues/606 - # - PR: https://github.com/kubernetes/ingress-gce/pull/388 - tls: true - # issuerRef: - # name: letsencrypt-prod - # kind: ClusterIssuer - # commonName: example.org - # dnsNames: - # - example.org - # - subdomain.example.org - # acmeConfig: - # http01: - # ingress: example-ingress - # domains: - # - example.org - # - subdomain.example.org - -# additionalCertificates: -# - name: cert-2 -# commonName: example2.org -# dnsNames: -# - example2.org -# - www.example2.org -# issuerRef: -# name: letsencrypt-prod -# kind: ClusterIssuer -# acmeConfig: -# http01: -# ingress: example-ingress -# domains: -# - example2.org -# - www.example2.org + +## Remember that full name for all objects is '{{ include "cos-common.fullname" (dict "root" . "name" "") | trim }}' +## or in other form current naming is Release.Name-Chart.Name + +## =============== MAIN Component =============== +main: + enabled: true + + replicas: 1 + + http: + containers: + nginx: + internalPort: 80 + externalPort: 80 + serviceType: ClusterIP + +# ------- Configuration follows for containerName: nginx ------- + image: + repository: "{{ .Values.image.repository }}" + tag: "{{ .Values.image.tag }}" + pullPolicy: "{{ .Values.image.pullPolicy }}" + + containerName: nginx + + command: + - nginx + - -c + - /etc/nginx/nginx.conf + - -g + - daemon off; + + env: [] + + envFrom: [] + + probes: + liveness: + httpGet: + path: /healthz + port: "{{ .Values.main.http.containers.nginx.internalPort }}" + readiness: + httpGet: + path: /healthz + port: "{{ .Values.main.http.containers.nginx.internalPort }}" + + ports: + - name: http + containerPort: "{{ .Values.main.http.containers.nginx.internalPort }}" + protocol: TCP + + volumeMounts: + - name: config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + readOnly: true + - name: config + mountPath: /etc/nginx/conf.d/default.conf + subPath: conf.d-default.conf + readOnly: true + + resources: {} + + +# ------- Volumes configuration for the pod ------- + volumes: + - name: config + configMap: + name: '{{ include "cos-common.fullname" (dict "root" . "name" "" "values" .Values.main) | trim }}' + + +# ------- Affitnity configuration ------- + affinity: {} + additionalAffinities: [] + + +# ------- Pod Annotations ------- + podAnnotations: + checksum/main-config: '{{ include "cos-common.componentChecksum" (dict "root" . "name" "" "values" .Values.main "resource" "configmap") }}' + + +# ------- Service configuration ------- + service: + enabled: true + type: "{{ .Values.main.http.containers.nginx.serviceType }}" + ports: + - name: http + port: "{{ .Values.main.http.containers.nginx.externalPort }}" + targetPort: "{{ .Values.main.http.containers.nginx.internalPort }}" + + +# ------- Ingress configuration ------- + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + primary: + - chart-example.local + rules: + - name: main + includeForPrimaryHost: true + pathType: ImplementationSpecific + service: + name: '{{ include "cos-common.fullname" (dict "root" . "name" "") | trim }}' + port: "{{ .Values.main.http.containers.nginx.externalPort }}" + paths: + - / + tls: [] + # - secretName: secret_name + # hosts: + # - chart-example.local + + +# ------- Certificate configuration ------- + certificate: + enabled: false + issuerRef: + name: letsencrypt-prod + kind: ClusterIssuer + commonName: example.org + dnsNames: + - example.org + acmeConfig: + http01: {} + domains: + - example.org + + # additionalCertificates: + # # cert name: '{{ include "cos-common.fullname" (dict "root" . "name" "certificate") | trim }}' + name + # - name: example-org-cert + # enabled: true + # secretName: secret-with-cert # default secret name is certificate name + # commonName: example.org + # dnsNames: + # - example.org + # - submdomain.example.org + # issuerRef: + # name: letsencrypt-prod + # kind: ClusterIssuer + # acmeConfig: + # http01: {} + # # ingress: '' + # domains: + # - example.org + # - subdomain.example.org + + +# ------- ConfigMap configuration ------- + configMap: + enabled: true + tpl: true + data: + nginx.conf: | + {{ tpl (.Files.Get "files/nginx.conf") (dict "Values" .Values "root" .) }} + + conf.d-default.conf: | + # Insert nginx config here + + +# ------- Selectors and etc. ------- + nodeSelector: {} + + tolerations: [] \ No newline at end of file