From ef8846eb004377a4d7fe3f7d589e71035a8017dd Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@gmail.com>
Date: Wed, 21 Sep 2016 02:27:31 +0200
Subject: [PATCH] [nginx] Add gogs certificate

---
 nginx/conf/http.conf | 4 ++++
 nginx/nginx.yaml     | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/nginx/conf/http.conf b/nginx/conf/http.conf
index c8b7d3d8d..d7995f543 100644
--- a/nginx/conf/http.conf
+++ b/nginx/conf/http.conf
@@ -26,6 +26,10 @@ server {
 server {
     listen 443 ssl http2;
     server_name git.tazj.in;
+
+    ssl_certificate /etc/nginx/ssl/git.tazj.in/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/git.tazj.in/key.pem;
+
     location / {
         proxy_pass http://gogs-priv.default.svc.cluster.local:3000;
     }
diff --git a/nginx/nginx.yaml b/nginx/nginx.yaml
index 3d44e33ce..01391492e 100644
--- a/nginx/nginx.yaml
+++ b/nginx/nginx.yaml
@@ -7,7 +7,7 @@ metadata:
     app: nginx
     spec: v4
 spec:
-  replicas: 1
+  replicas: 2
   template:
     metadata:
       labels:
@@ -21,6 +21,8 @@ spec:
               mountPath: /etc/nginx/ssl/tazj.in
             - name: www-tazj-in-tls
               mountPath: /etc/nginx/ssl/www.tazj.in
+            - name: git-tazj-in-tls
+              mountPath: /etc/nginx/ssl/git.tazj.in
             - name: nginx-dhparam
               mountPath: /etc/nginx/ssl/dhparam
             - name: nginx-config
@@ -46,6 +48,9 @@ spec:
         - name: www-tazj-in-tls
           secret:
             secretName: www-tazj-in-tls
+        - name: git-tazj-in-tls
+          secret:
+            secretName: git-tazj-in-tls
         - name: nginx-dhparam
           secret:
             secretName: nginx-dhparam