1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
12 chart: {{ template "arvados.chart" . }}
13 release: {{ .Release.Name }}
14 heritage: {{ .Release.Service }}
19 release: {{ .Release.Name }}
24 release: {{ .Release.Name }}
27 - name: {{ .Chart.Name }}
29 imagePullPolicy: {{ .Values.image.pullPolicy }}
31 - name: nginx-configmap
32 mountPath: /etc/nginx/conf.d/default.conf
35 mountPath: /etc/nginx/ssl.crt
38 mountPath: /etc/nginx/ssl.key
44 - name: nginx-configmap
46 name: arvados-ws-https-configmap
51 name: arvados-ws-https-configmap
53 app: {{ template "arvados.name" . }}
54 chart: {{ template "arvados.chart" . }}
55 release: {{ .Release.Name }}
56 heritage: {{ .Release.Service }}
59 upstream httpContainer {
60 server arvados-ws:9003;
64 listen 0.0.0.0:9003 ssl;
65 server_name arvados-ws-https;
67 proxy_connect_timeout 90s;
68 proxy_read_timeout 300s;
69 proxy_set_header X-Real-IP $remote_addr;
72 ssl_certificate /etc/nginx/ssl.crt;
73 ssl_certificate_key /etc/nginx/ssl.key;
75 # Clients need to be able to upload blocks of data up to 64MiB in size.
76 client_max_body_size 64m;
78 # Redirect plain HTTP requests to HTTPS.
79 error_page 497 301 =307 https://$host:$server_port$request_uri;
82 proxy_pass http://httpContainer;
83 proxy_set_header Upgrade $http_upgrade;
84 proxy_set_header Connection "upgrade";
85 proxy_set_header Host $host:$server_port;
86 proxy_set_header X-Forwarded-For $remote_addr;
93 name: arvados-ws-https
95 app: {{ template "arvados.name" . }}
96 chart: {{ template "arvados.chart" . }}
97 release: {{ .Release.Name }}
98 heritage: {{ .Release.Service }}
101 loadBalancerIP: {{ required "A valid externalIP is required!" .Values.externalIP }}
108 app: arvados-ws-https