54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
|
|
resources:
|
|
- ../../base
|
|
- gitea-service.yaml
|
|
|
|
namePrefix: prod-
|
|
|
|
patches:
|
|
- target:
|
|
kind: Ingress
|
|
name: bakery-ingress
|
|
patch: |-
|
|
- op: replace
|
|
path: /spec/tls/0/hosts/0
|
|
value: bakewise.ai
|
|
- op: replace
|
|
path: /spec/tls/0/hosts/1
|
|
value: gitea.bakewise.ai
|
|
- op: replace
|
|
path: /spec/tls/0/hosts/2
|
|
value: registry.bakewise.ai
|
|
- op: add
|
|
path: /spec/tls/0/hosts/-
|
|
value: mail.bakewise.ai
|
|
- op: replace
|
|
path: /spec/tls/0/secretName
|
|
value: bakery-ia-prod-tls-cert
|
|
- op: replace
|
|
path: /spec/rules/0/host
|
|
value: bakewise.ai
|
|
- op: replace
|
|
path: /spec/rules/1/host
|
|
value: gitea.bakewise.ai
|
|
- op: replace
|
|
path: /spec/rules/2/host
|
|
value: registry.bakewise.ai
|
|
# Mail rule removed - mail ingress is deployed separately via mailu-helm
|
|
- op: add
|
|
path: /metadata/annotations/nginx.ingress.kubernetes.io~1cors-allow-origin
|
|
value: "https://bakewise.ai,https://www.bakewise.ai,https://mail.bakewise.ai,https://registry.bakewise.ai,https://gitea.bakewise.ai"
|
|
- op: add
|
|
path: /metadata/annotations/nginx.ingress.kubernetes.io~1limit-rps
|
|
value: "100"
|
|
- op: add
|
|
path: /metadata/annotations/nginx.ingress.kubernetes.io~1limit-connections
|
|
value: "50"
|
|
- op: add
|
|
path: /metadata/annotations/cert-manager.io~1cluster-issuer
|
|
value: "letsencrypt-production"
|
|
- op: add
|
|
path: /metadata/annotations/cert-manager.io~1acme-challenge-type
|
|
value: "http01" |