HTTP -> HTTPS upgrade redirects for the staging sites.

There may be a cleaner way to configure this with Kubernetes. For now,
we expose port 80 on the load balancers and let NGINX redirect that
traffic to the HTTPS version of the site.

k8s/aws/atst-nginx-configmap.yml

@@ -6,6 +6,16 @@ metadata:
   namespace: atat
 data:
   nginx-config: |-
+    server {
+        listen 8342;
+        server_name aws.atat.code.mil;
+        return 301 https://$host$request_uri;
+    }
+    server {
+        listen 8343;
+        server_name auth-aws.atat.code.mil;
+        return 301 https://$host$request_uri;
+    }
     server {
         server_name aws.atat.code.mil;
         # access_log /var/log/nginx/access.log json;

k8s/aws/aws.yml

@@ -47,8 +47,12 @@ spec:
         - name: nginx
           image: nginx:alpine
           ports:
+            - containerPort: 8342
+              name: main-upgrade
             - containerPort: 8442
               name: main
+            - containerPort: 8343
+              name: auth-upgrade
             - containerPort: 8443
               name: auth
           volumeMounts:
@@ -169,8 +173,12 @@ metadata:
     service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
 spec:
   ports:
+  - port: 80
+    targetPort: 8342
+    name: http
   - port: 443
     targetPort: 8442
+    name: https
   selector:
     role: web
   type: LoadBalancer
@@ -186,8 +194,12 @@ metadata:
     service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
 spec:
   ports:
+  - port: 80
+    targetPort: 8343
+    name: http
   - port: 443
     targetPort: 8443
+    name: https
   selector:
     role: web
   type: LoadBalancer

k8s/azure/atst-nginx-configmap.yml

@@ -6,6 +6,16 @@ metadata:
   namespace: atat
 data:
   nginx-config: |-
+    server {
+        listen 8342;
+        server_name azure.atat.code.mil;
+        return 301 https://$host$request_uri;
+    }
+    server {
+        listen 8343;
+        server_name auth-azure.atat.code.mil;
+        return 301 https://$host$request_uri;
+    }
     server {
         server_name azure.atat.code.mil;
         # access_log /var/log/nginx/access.log json;

k8s/azure/azure.yml

@@ -47,8 +47,12 @@ spec:
         - name: nginx
           image: nginx:alpine
           ports:
+            - containerPort: 8342
+              name: main-upgrade
             - containerPort: 8442
               name: main
+            - containerPort: 8343
+              name: auth-upgrade
             - containerPort: 8443
               name: auth
           volumeMounts:
@@ -168,8 +172,12 @@ metadata:
 spec:
   loadBalancerIP: 13.92.235.6
   ports:
+  - port: 80
+    targetPort: 8342
+    name: http
   - port: 443
     targetPort: 8442
+    name: https
   selector:
     role: web
   type: LoadBalancer
@@ -184,8 +192,12 @@ metadata:
 spec:
   loadBalancerIP: 23.100.24.41
   ports:
+  - port: 80
+    targetPort: 8343
+    name: http
   - port: 443
     targetPort: 8443
+    name: https
   selector:
     role: web
   type: LoadBalancer