mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-24 06:27:17 +02:00
4cb3281af7
* update k8s install for ingress conrtoller * typo correction * prep k8s section * squashme * init Ingress Controller doc Co-authored-by: travisgroth <tgroth@pomerium.com> Co-authored-by: wasaga <dmishin@pomerium.com> * update, organize, annotate * breakout custom from standard annotations * more info links * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * prep k8s section * document YAML policies in Ingress * sort and compress standard annotations * final draft * link cleanup * Create ingress.md * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Apply suggestions from code review * rm redundant config * fix file reference * update available annotations * Copy Proofread Grammar updates. * discussed copy edit * whitespace cleanup * add redirect for moved k8s docs * fixed malformed links * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits * One last TLS * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * clarify namespaces flag * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Co-authored-by: travisgroth <tgroth@pomerium.com> Co-authored-by: wasaga <dmishin@pomerium.com> Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com> Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
36 lines
1 KiB
YAML
36 lines
1 KiB
YAML
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: pomerium-cert
|
|
namespace: pomerium
|
|
spec:
|
|
secretName: pomerium-tls
|
|
issuerRef:
|
|
name: pomerium-issuer
|
|
kind: Issuer
|
|
usages:
|
|
- server auth
|
|
- client auth
|
|
dnsNames:
|
|
- pomerium-proxy.pomerium.svc.cluster.local
|
|
- pomerium-authorize.pomerium.svc.cluster.local
|
|
- pomerium-databroker.pomerium.svc.cluster.local
|
|
- pomerium-authenticate.pomerium.svc.cluster.local
|
|
- authenticate.localhost.pomerium.io
|
|
# TODO - If you're not using the Pomerium Ingress controller, you may want a wildcard entry as well.
|
|
#- "*.localhost.pomerium.io" # Quotes are required to escape the wildcard
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: pomerium-redis-cert
|
|
namespace: pomerium
|
|
spec:
|
|
secretName: pomerium-redis-tls
|
|
issuerRef:
|
|
name: pomerium-issuer
|
|
kind: Issuer
|
|
dnsNames:
|
|
- pomerium-redis-master.pomerium.svc.cluster.local
|
|
- pomerium-redis-headless.pomerium.svc.cluster.local
|
|
- pomerium-redis-replicas.pomerium.svc.cluster.local
|