From cae99692de34a9d7600adb2fa7bb88436a332ff6 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Tue, 27 Aug 2019 12:43:55 +0100 Subject: feat(k8s): Add Google managed TLS certificates Introduces certificates for tazj.in & www.tazj.in. --- infra/kubernetes/https-cert/cert.yaml | 8 ++++++++ infra/kubernetes/primary-cluster.yaml | 11 +++++++++++ 2 files changed, 19 insertions(+) create mode 100644 infra/kubernetes/https-cert/cert.yaml (limited to 'infra') diff --git a/infra/kubernetes/https-cert/cert.yaml b/infra/kubernetes/https-cert/cert.yaml new file mode 100644 index 000000000000..c7a85275ae67 --- /dev/null +++ b/infra/kubernetes/https-cert/cert.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: networking.gke.io/v1beta1 +kind: ManagedCertificate +metadata: + name: {{ .domain | replace "." "-" }} +spec: + domains: + - {{ .domain }} diff --git a/infra/kubernetes/primary-cluster.yaml b/infra/kubernetes/primary-cluster.yaml index c8a6423e341c..f043f92fa89b 100644 --- a/infra/kubernetes/primary-cluster.yaml +++ b/infra/kubernetes/primary-cluster.yaml @@ -3,6 +3,17 @@ --- context: gke_tazjins-infrastructure_europe-north1_tazjin-cluster include: + # SSL certificates (provisioned by Google) + - name: tazj-in-cert + path: https-cert + values: + domain: tazj.in + - name: www-tazj-in-cert + path: https-cert + values: + domain: www.tazj.in + + # Services - name: nixery values: port: 8080 -- cgit 1.4.1