bakery-ia/infrastructure/kubernetes/base/ingress-https.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: bakery-ingress-https
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: bakery-ia
    app.kubernetes.io/component: ingress
  annotations:
    # Nginx ingress controller annotations
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    # CORS configuration for HTTPS
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-origin: "https://bakery-ia.local,https://api.bakery-ia.local,https://monitoring.bakery-ia.local"
    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"
    nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization, X-Requested-With, Accept, Origin"
    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
    # Cert-manager annotations for automatic certificate issuance
    cert-manager.io/cluster-issuer: "letsencrypt-staging"  # Change to letsencrypt-production for production
    cert-manager.io/acme-challenge-type: http01
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - bakery-ia.local
    - api.bakery-ia.local
    - monitoring.bakery-ia.local
    secretName: bakery-ia-tls-cert
  rules:
  - host: bakery-ia.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: frontend-service
            port:
              number: 3000
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: gateway-service
            port:
              number: 8000
      - path: /auth
        pathType: Prefix
        backend:
          service:
            name: auth-service
            port:
              number: 8000
  - host: api.bakery-ia.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gateway-service
            port:
              number: 8000
  - host: monitoring.bakery-ia.local
    http:
      paths:
      - path: /grafana
        pathType: Prefix
        backend:
          service:
            name: grafana-service
            port:
              number: 3000
      - path: /prometheus
        pathType: Prefix
        backend:
          service:
            name: prometheus-service
            port:
              number: 9090
Add base kubernetes support final 2025-09-28 13:54:28 +02:00			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: bakery-ingress-https`
			`namespace: bakery-ia`
			`labels:`
			`app.kubernetes.io/name: bakery-ia`
			`app.kubernetes.io/component: ingress`
			`annotations:`
			`# Nginx ingress controller annotations`
			`nginx.ingress.kubernetes.io/ssl-redirect: "true"`
			`nginx.ingress.kubernetes.io/force-ssl-redirect: "true"`
			`nginx.ingress.kubernetes.io/proxy-body-size: "10m"`
			`nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"`
			`nginx.ingress.kubernetes.io/proxy-send-timeout: "600"`
			`nginx.ingress.kubernetes.io/proxy-read-timeout: "600"`
			`# CORS configuration for HTTPS`
			`nginx.ingress.kubernetes.io/enable-cors: "true"`
			`nginx.ingress.kubernetes.io/cors-allow-origin: "https://bakery-ia.local,https://api.bakery-ia.local,https://monitoring.bakery-ia.local"`
			`nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"`
			`nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization, X-Requested-With, Accept, Origin"`
			`nginx.ingress.kubernetes.io/cors-allow-credentials: "true"`
			`# Cert-manager annotations for automatic certificate issuance`
			`cert-manager.io/cluster-issuer: "letsencrypt-staging" # Change to letsencrypt-production for production`
			`cert-manager.io/acme-challenge-type: http01`
			`spec:`
			`ingressClassName: nginx`
			`tls:`
			`- hosts:`
			`- bakery-ia.local`
			`- api.bakery-ia.local`
			`- monitoring.bakery-ia.local`
			`secretName: bakery-ia-tls-cert`
			`rules:`
			`- host: bakery-ia.local`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: frontend-service`
			`port:`
			`number: 3000`
			`- path: /api`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: gateway-service`
			`port:`
			`number: 8000`
			`- path: /auth`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: auth-service`
			`port:`
			`number: 8000`
			`- host: api.bakery-ia.local`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: gateway-service`
			`port:`
			`number: 8000`
			`- host: monitoring.bakery-ia.local`
			`http:`
			`paths:`
			`- path: /grafana`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: grafana-service`
			`port:`
			`number: 3000`
			`- path: /prometheus`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: prometheus-service`
			`port:`
			`number: 9090`