diff options
author | Patrick Spek <p.spek@tyil.nl> | 2023-10-27 13:15:57 +0200 |
---|---|---|
committer | Patrick Spek <p.spek@tyil.nl> | 2023-10-27 13:17:59 +0200 |
commit | 8936cde0433bbdf23a663d3feaf6faef31461bae (patch) | |
tree | f8df2b4d8ba84112c8c4cb7de84a39d7150c86a9 /data.d/k3s-master/manifests.d/tyilnet/cicd-system | |
parent | 53f513e057a8259f5e5272ab713f2d35a75d70ce (diff) |
Add proper CSP header for argo
Diffstat (limited to 'data.d/k3s-master/manifests.d/tyilnet/cicd-system')
-rw-r--r-- | data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml | 18 | ||||
-rw-r--r-- | data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml | 1 |
2 files changed, 19 insertions, 0 deletions
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml index cd9aeb9..3b96bf8 100644 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml @@ -7,9 +7,27 @@ metadata: spec: chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz valuesContent: |- + image: + tag: v7.4.0 secret: enabled: false envFrom: secretRef: - name: auth-proxy-ci + ingress: + enabled: true + ingressClassName: traefik + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: kube-system-headers-argo@kubernetescrd + tls: + - secretName: tls-nl.tyil.ci + hosts: + - ci.tyil.nl + hosts: + - host: ci.tyil.nl + paths: + - path: / + pathType: Prefix ... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml index b97af7c..39da576 100644 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml @@ -12,6 +12,7 @@ metadata: annotations: cert-manager.io/cluster-issuer: "letsencrypt-production" traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: kube-system-headers-argo@kubernetescrd spec: ingressClassName: traefik tls: |