pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,519 Commits 1 Branch 0 Tags
b1cf89051a2d74bb1567c12906b626b0ff4ff267
Commit Graph

6 Commits

Author SHA1 Message Date
dandds
b1cf89051a Add kubernetes config and scripts for syncing CRLs. 
This adds a previous version of the CRL sync functionality back to the
repo, with some small adjustments. We now grab the CRLs directly from
their DISA URLs.

The CRL sync is handled by a kubernetes cronjob that sync the files to a
persistent volume that is mounted into each Flask app container.
 2019-08-06 11:05:18 -04:00
dandds
27a0569a7e HTTP -> HTTPS upgrade redirects for the staging sites. 
There may be a cleaner way to configure this with Kubernetes. For now,
we expose port 80 on the load balancers and let NGINX redirect that
traffic to the HTTPS version of the site.
 2019-08-02 15:30:37 -04:00
dandds
e5c360452c Add SSL/TLS config for staging sites. 
This presumes the existence of TLS kubernetes secrets available in both
clusters. It adds NGINX config for SSL termination and the necessary k8s
config to write the certificate and private key to the NGINX container.
 2019-08-02 15:01:56 -04:00
dandds
1577312fb8 Add htpwasswd for basic auth on login-dev. 
Add the k8s secret and volume mount for the htpasswd file.
 2019-08-02 15:01:56 -04:00
dandds
4c70d59c5d Add k8s networking. 
- bind static azure IPs
- Add load balancers for both CSPs
 2019-07-31 11:58:08 -04:00
dandds
52829a1236 Add additional k8s config for AWS and Azure. 
- remove unused k8s environment config
- experimental config for azure and aws
- use nginx for proxy and add rq worker pod
 2019-07-31 11:57:24 -04:00