-
Notifications
You must be signed in to change notification settings - Fork 23
/
gateway.yaml
42 lines (41 loc) · 1.29 KB
/
gateway.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
{{- $domain := tpl .Values.domain . }}
{{- if .Values.tls }}
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: {{ .Values.name }}-gateway
namespace: {{ .Release.Namespace }}
spec:
selector:
app: {{ .Values.name }}-ingressgateway
servers:
{{ range $name,$server := .Values.tls.servers }}
- hosts:
{{- range $server.hosts | default (list "*") }}
- "{{ . }}.{{ $domain }}"
{{- end }}
port:
name: "http-{{ $name }}"
number: 80
protocol: HTTP
tls:
httpsRedirect: true
- hosts:
{{- range $server.hosts | default (list "*") }}
- "{{ . }}.{{ $domain }}"
{{- end }}
port:
name: "https-{{ $name }}"
number: 443
protocol: HTTPS
tls:
mode: {{ $server.mode }}
{{- if ne $server.mode "PASSTHROUGH" }}
credentialName: {{ $.Values.tls.credentialName | default "gateway-tls" | quote }}
# if supportTLSV1_2 is both defined and true, use TLSV1_2, otherwise use TLSV1_3
minProtocolVersion: {{ if $.Values.tls.supportTLSV1_2 }}TLSV1_2{{ else }}TLSV1_3{{ end }}
{{- end }}
{{ end }}
{{ end }}