feat(openbao): enable bao.coulomb.social ingress and Traefik middlewares
Expose OpenBao UI via TLS ingress with rate-limit and HSTS middlewares. Track netkingdom OIDC mount in authenticated verify checks.
This commit is contained in:
parent
7838df6069
commit
423eccc8e9
4 changed files with 59 additions and 2 deletions
|
|
@ -31,7 +31,23 @@ server:
|
|||
memory: 512Mi
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
traefik.ingress.kubernetes.io/router.middlewares: >-
|
||||
openbao-openbao-rate-limit@kubernetescrd,
|
||||
openbao-openbao-hsts@kubernetescrd
|
||||
ingressClassName: traefik
|
||||
pathType: Prefix
|
||||
activeService: true
|
||||
hosts:
|
||||
- host: bao.coulomb.social
|
||||
paths:
|
||||
- /
|
||||
tls:
|
||||
- secretName: bao-tls
|
||||
hosts:
|
||||
- bao.coulomb.social
|
||||
|
||||
authDelegator:
|
||||
enabled: true
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue