1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
8 name: arvados-api-server-configmap
10 app: arvados-api-server
11 chart: {{ template "arvados.chart" . }}
12 release: {{ .Release.Name }}
13 heritage: {{ .Release.Service }}
15 {{- (tpl (.Files.Glob "config/api-server/*").AsConfig . ) | nindent 2 }}
21 name: arvados-api-server-https-configmap
23 app: {{ template "arvados.name" . }}
24 chart: {{ template "arvados.chart" . }}
25 release: {{ .Release.Name }}
26 heritage: {{ .Release.Service }}
30 server 127.0.0.1:9004;
33 proxy_http_version 1.1;
35 # When Keep clients request a list of Keep services from the API server, the
36 # server will automatically return the list of available proxies if
37 # the request headers include X-External-Client: 1. Following the example
38 # here, at the end of this section, add a line for each netmask that has
39 # direct access to Keep storage daemons to set this header value to 0.
40 geo $external_client {
47 server_name public-api;
49 ssl_certificate /etc/nginx/ssl.crt;
50 ssl_certificate_key /etc/nginx/ssl.key;
52 client_max_body_size 128m;
54 # Redirect plain HTTP requests to HTTPS.
55 error_page 497 301 =307 https://$host:$server_port$request_uri;
58 proxy_pass http://controller;
59 proxy_connect_timeout 90s;
60 proxy_read_timeout 300s;
62 proxy_set_header X-Forwarded-Proto https;
63 proxy_set_header Host $http_host;
64 proxy_set_header X-External-Client $external_client;
65 proxy_set_header X-Real-IP $remote_addr;
66 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
projects / arvados-k8s.git / blob