-
Notifications
You must be signed in to change notification settings - Fork 2
/
deployment.yaml
59 lines (58 loc) · 1.89 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: internaltableau
spec:
replicas: 1
template:
metadata:
labels:
name: internaltableau
spec:
containers:
- name: opensslsidekick
image: quay.io/ukhomeofficedigital/dq-haproxy-openssl-sidekick:b489e4b631ebddf4513ca536b01e2cd80af60f6d
imagePullPolicy: Always
securityContext:
runAsNonRoot: true
runAsUser: 1000
env:
- name: EXPOSED_PORT
value: '5000'
- name: HOST
value: '10.3.0.11'
- name: PORT
value: '8081'
ports:
- containerPort: 5000
- name: proxy
image: quay.io/ukhomeofficedigital/nginx-proxy-proxy-redirect
securityContext:
runAsNonRoot: true
runAsUser: 1000
env:
- name: PROXY_SERVICE_HOST
value: 'https://10.3.0.11'
- name: PROXY_SERVICE_PORT
value: '8081'
- name: LOG_FORMAT_NAME
value: 'json'
- name: NAXSI_USE_DEFAULT_RULES
value: 'FALSE'
- name: ENABLE_UUID_PARAM
value: 'FALSE'
- name: PROXY_REDIRECT
value: 'https://127.0.0.1:5000 https://$host; proxy_redirect https://{{.URL}}:10443 https://$host'
- name: ADD_NGINX_SERVER_CFG
value: |
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_connect_timeout 300s;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
ports:
- name: https
containerPort: 10443