release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ (.Files.Glob "config/ws/*").AsConfig | indent 2 }}
+ {{- (tpl (.Files.Glob "config/ws/*").AsConfig . ) | nindent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: arvados-ws-https-configmap
+ labels:
+ app: {{ template "arvados.name" . }}
+ chart: {{ template "arvados.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+ nginx.conf: |
+ upstream httpContainer {
+ server 127.0.0.1:29003;
+ }
+
+ server {
+ listen 9003 ssl;
+ server_name arvados-ws-https;
+
+ proxy_connect_timeout 90s;
+ proxy_read_timeout 300s;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ ssl_certificate /etc/nginx/ssl.crt;
+ ssl_certificate_key /etc/nginx/ssl.key;
+
+ # Clients need to be able to upload blocks of data up to 64MiB in size.
+ client_max_body_size 64m;
+
+ # Redirect plain HTTP requests to HTTPS.
+ error_page 497 301 =307 https://$host:$server_port$request_uri;
+
+ location / {
+ proxy_pass http://httpContainer;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header Host $host:$server_port;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ }
+ }
projects / arvados-k8s.git / blobdiff