1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
9 name: arvados-keep-proxy-https
11 app: arvados-keep-proxy-https
12 chart: {{ template "arvados.chart" . }}
13 release: {{ .Release.Name }}
14 heritage: {{ .Release.Service }}
18 app: arvados-keep-proxy-https
19 release: {{ .Release.Name }}
23 app: arvados-keep-proxy-https
24 release: {{ .Release.Name }}
27 - name: {{ .Chart.Name }}
29 imagePullPolicy: {{ .Values.image.pullPolicy }}
31 - name: nginx-configmap
32 mountPath: /etc/nginx/conf.d/default.conf
35 mountPath: /etc/nginx/ssl.crt
38 mountPath: /etc/nginx/ssl.key
44 - name: nginx-configmap
46 name: arvados-keep-proxy-https-configmap
51 name: arvados-keep-proxy-https-configmap
53 app: {{ template "arvados.name" . }}
54 chart: {{ template "arvados.chart" . }}
55 release: {{ .Release.Name }}
56 heritage: {{ .Release.Service }}
59 upstream httpContainer {
60 server arvados-keep-proxy:25107;
64 listen 0.0.0.0:25107 ssl;
65 server_name arvados-keep-proxy-https;
68 ssl_certificate /etc/nginx/ssl.crt;
69 ssl_certificate_key /etc/nginx/ssl.key;
71 # Clients need to be able to upload blocks of data up to 64MiB in size.
72 client_body_buffer_size 64M;
73 client_max_body_size 64m;
75 # Redirect plain HTTP requests to HTTPS.
76 error_page 497 301 =307 https://$host:$server_port$request_uri;
79 proxy_pass http://httpContainer;
80 proxy_connect_timeout 90s;
81 proxy_read_timeout 300s;
83 proxy_set_header X-Forwarded-Proto https;
84 proxy_set_header Host $host:$server_port;
85 proxy_set_header X-Real-IP $remote_addr;
86 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
93 name: arvados-keep-proxy-https
95 app: {{ template "arvados.name" . }}
96 chart: {{ template "arvados.chart" . }}
97 release: {{ .Release.Name }}
98 heritage: {{ .Release.Service }}
101 loadBalancerIP: {{ required "A valid externalIP is required!" .Values.externalIP }}
108 app: arvados-keep-proxy-https