argocd: use single ingress for http/grpc

2026-01-10 17:39:43 +00:00 · 2020-11-11 00:19:13 +07:00 · 2020-11-11 00:19:13 +07:00 · f8f7bb59b7
commit f8f7bb59b7
parent 67ee1e6a5d
3 changed files with 7 additions and 52 deletions
--- a/apps/argocd/ingress.yaml
+++ b/apps/argocd/ingress.yaml
@ -1,53 +1,23 @@
---
-apiVersion: cert-manager.io/v1alpha2
-kind: Certificate
-metadata: 
-  name: argocd
-spec:
-  secretName: argocd-secret
-  dnsNames: 
-  - argocd.gorilych.ru
-  - argocd-grpc.gorilych.ru
-  issuerRef:
-    name: letsencrypt
-    kind: ClusterIssuer
---
+# https://argoproj.github.io/argo-cd/operator-manual/ingress/#ssl-passthrough-with-cert-manager-and-lets-encrypt
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
-  name: argocd-server-http-ingress
+  name: argocd-server-ingress
  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt
    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
 spec:
  rules:
  - http:
      paths:
      - backend:
          serviceName: argocd-server
-          servicePort: http
+          servicePort: https
    host: argocd.gorilych.ru
  tls:
  - hosts:
    - argocd.gorilych.ru
    secretName: argocd-secret
---
-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
-  name: argocd-server-grpc-ingress
-  annotations:
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/backend-protocol: GRPC
-spec:
-  rules:
-  - http:
-      paths:
-      - backend:
-          serviceName: argocd-server
-          servicePort: http
-    host: argocd-grpc.gorilych.ru
-  tls:
-  - hosts:
-    - argocd-grpc.gorilych.ru
-    secretName: argocd-secret
-
--- a/apps/argocd/kustomization.yaml
+++ b/apps/argocd/kustomization.yaml
@ -9,6 +9,5 @@ resources:
 - install.yaml
 - ingress.yaml
 patchesStrategicMerge:
- patches/argocd-server.yaml
 - patches/argocd-cm.yaml
 - patches/argocd-rbac-cm.yaml
--- a/apps/argocd/patches/argocd-server.yaml
+++ b/apps/argocd/patches/argocd-server.yaml
@ -1,14 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-server
-spec:
-  template:
-    spec:
-      containers:
-      - name: argocd-server
-        command:
-        - argocd-server
-        - --staticassets
-        - /shared/app
-        - --insecure