Use dhparam.pem from AZ Key Vault
This commit is contained in:
tomdds
@@ -23,6 +23,7 @@ spec:
|
|||||||
labels:
|
labels:
|
||||||
app: atst
|
app: atst
|
||||||
role: web
|
role: web
|
||||||
|
aadpodidbinding: atat-kv-id-binding
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 101
|
fsGroup: 101
|
||||||
@@ -76,6 +77,9 @@ spec:
|
|||||||
mountPath: "/usr/share/nginx/html/.well-known/acme-challenge/"
|
mountPath: "/usr/share/nginx/html/.well-known/acme-challenge/"
|
||||||
- name: snippets
|
- name: snippets
|
||||||
mountPath: "/etc/nginx/snippets/"
|
mountPath: "/etc/nginx/snippets/"
|
||||||
|
- name: nginx-dhparam-secret
|
||||||
|
mountPath: "/etc/ssl/"
|
||||||
|
readOnly: true
|
||||||
volumes:
|
volumes:
|
||||||
- name: atst-config
|
- name: atst-config
|
||||||
secret:
|
secret:
|
||||||
@@ -136,6 +140,16 @@ spec:
|
|||||||
- name: snippets
|
- name: snippets
|
||||||
configMap:
|
configMap:
|
||||||
name: nginx-snippets
|
name: nginx-snippets
|
||||||
|
- name: nginx-dhparam-secret
|
||||||
|
flexVolume:
|
||||||
|
driver: "azure/kv"
|
||||||
|
options:
|
||||||
|
usepodidentity: "true"
|
||||||
|
keyvaultname: "atat-vault-test"
|
||||||
|
keyvaultobjectnames: "dhparam4096"
|
||||||
|
keyvaultobjectaliases: "dhparam.pem"
|
||||||
|
keyvaultobjecttypes: secret
|
||||||
|
tenantid: "b5ab0e1e-09f8-4258-afb7-fb17654bc5b3"
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
|
|||||||
Reference in New Issue
Block a user