pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Configure K8s deployment for easy LetsEncrypt verification.

Browse Source 
This is not the certificate setup we will use in production. I'd like to
merge this configuration as a reference point because this is the
easiest way to handle manual LetsEncrypt verification within the
cluster.

This allows NGINX to serve static files over HTTP from the
".well-known/acme-challenge" directory, which is necessary for certbot
validation of domain ownership.
This commit is contained in:
dandds
2019-11-14 09:51:35 -05:00
parent 9c086e2f85
commit 79eb691907
5 changed files with 56 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
deploy/azure/atst-nginx-configmap.yml
View File

@@ -9,12 +9,24 @@ data:
server {
listen ${PORT_PREFIX}342;
server_name ${MAIN_DOMAIN};
return 301 https://$host$request_uri;
root /usr/share/nginx/html;
location /.well-known/acme-challenge/ {
try_files $uri =404;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen ${PORT_PREFIX}343;
server_name ${AUTH_DOMAIN};
return 301 https://$host$request_uri;
root /usr/share/nginx/html;
location /.well-known/acme-challenge/ {
try_files $uri =404;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
server_name ${MAIN_DOMAIN};