From df6c563262bba6ae7b89ca012ad105f52b342a21 Mon Sep 17 00:00:00 2001
From: Devon Mackay <devon@dds.mil>
Date: Wed, 8 Aug 2018 10:49:26 -0400
Subject: [PATCH] Enable redirects for login route and non-ssl traffic

---
 deploy/kubernetes/atst-nginx-configmap.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/deploy/kubernetes/atst-nginx-configmap.yml b/deploy/kubernetes/atst-nginx-configmap.yml
index eef7b377..6e2b1d69 100644
--- a/deploy/kubernetes/atst-nginx-configmap.yml
+++ b/deploy/kubernetes/atst-nginx-configmap.yml
@@ -10,9 +10,12 @@ data:
         server_name www.atat.codes atat.codes;
         listen 8442;
         listen [::]:8442 ipv6only=on;
-        #if ($http_x_forwarded_proto != 'https') {
-        #    return 301 https://$host$request_uri;
-        #}
+        if ($http_x_forwarded_proto != 'https') {
+            return 301 https://$host$request_uri;
+        }
+        location /login-redirect {
+            return 301 https://auth.atat.codes$request_uri;
+        }
         location /login-dev {
             try_files $uri @appbasicauth;
         }