2021-08-21 20:43:04 +00:00
|
|
|
apiVersion: networking.k8s.io/v1
|
2018-04-27 00:09:55 +00:00
|
|
|
kind: Ingress
|
|
|
|
|
metadata:
|
|
|
|
|
annotations:
|
|
|
|
|
# Enable client certificate authentication
|
|
|
|
|
nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
|
2018-10-22 19:51:36 +00:00
|
|
|
# Create the secret containing the trusted ca certificates
|
|
|
|
|
nginx.ingress.kubernetes.io/auth-tls-secret: "default/ca-secret"
|
2018-04-27 00:09:55 +00:00
|
|
|
# Specify the verification depth in the client certificates chain
|
|
|
|
|
nginx.ingress.kubernetes.io/auth-tls-verify-depth: "1"
|
2018-06-01 14:14:10 +00:00
|
|
|
# Specify an error page to be redirected to verification errors
|
2018-04-27 00:09:55 +00:00
|
|
|
nginx.ingress.kubernetes.io/auth-tls-error-page: "http://www.mysite.com/error-cert.html"
|
2018-06-01 14:14:10 +00:00
|
|
|
# Specify if certificates are passed to upstream server
|
2019-04-10 00:14:41 +00:00
|
|
|
nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true"
|
2018-04-27 00:09:55 +00:00
|
|
|
name: nginx-test
|
|
|
|
|
namespace: default
|
|
|
|
|
spec:
|
2021-11-09 15:45:04 +00:00
|
|
|
ingressClassName: nginx
|
2018-04-27 00:09:55 +00:00
|
|
|
rules:
|
2019-04-10 00:14:41 +00:00
|
|
|
- host: mydomain.com
|
2018-04-27 00:09:55 +00:00
|
|
|
http:
|
|
|
|
|
paths:
|
2021-11-02 00:13:54 +00:00
|
|
|
- path: /
|
|
|
|
|
pathType: Prefix
|
|
|
|
|
backend:
|
|
|
|
|
service:
|
|
|
|
|
name: http-svc
|
|
|
|
|
port:
|
|
|
|
|
number: 80
|
2018-04-27 00:09:55 +00:00
|
|
|
tls:
|
|
|
|
|
- hosts:
|
2019-04-10 00:14:41 +00:00
|
|
|
- mydomain.com
|
2018-04-27 00:09:55 +00:00
|
|
|
secretName: tls-secret
|
