Uses Google-managed certificates and an Ingress resource to set up an HTTPS load-balancer. This probably won't be the final version as the GKE Ingress is very limited and can not do things like redirect URLs, which I need to decommission the old setup.
		
			
				
	
	
		
			25 lines
		
	
	
	
		
			690 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			25 lines
		
	
	
	
		
			690 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| # Kontemplate configuration for the primary GKE cluster in the project
 | |
| # 'tazjins-infrastructure'.
 | |
| ---
 | |
| context: gke_tazjins-infrastructure_europe-north1_tazjin-cluster
 | |
| include:
 | |
|   # SSL certificates (provisioned by Google)
 | |
|   - name: tazj-in-cert
 | |
|     path: https-cert
 | |
|     values:
 | |
|       domain: tazj.in
 | |
|   - name: www-tazj-in-cert
 | |
|     path: https-cert
 | |
|     values:
 | |
|       domain: www.tazj.in
 | |
| 
 | |
|   # Services
 | |
|   - name: nixery
 | |
|     values:
 | |
|       port: 8080
 | |
|       version: 2e688c1
 | |
|       bucket: tazjins-data
 | |
|       account: nixery@tazjins-infrastructure.iam.gserviceaccount.com
 | |
|       repo: ssh://source.developers.google.com:2022/p/tazjins-infrastructure/r/monorepo
 | |
|   - name: tazblog
 | |
|   - name: https-lb
 |