Skip to content

Commit

Permalink
test
Browse files Browse the repository at this point in the history
  • Loading branch information
@akurilov
akurilov committed Nov 24, 2023
1 parent 10c0a1a commit 5ae835f
Show file tree
Hide file tree
Showing 4 changed files with 43 additions and 3 deletions.
2 changes: 2 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
client_secret_*.json
ca.*
server.*
38 changes: 38 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,41 @@ Reference Web UI

Uses an external identity provider (Google OAuth2 currently).
Navigate https://awakari.cloud

## 2. Server TLS

```shell
openssl req -x509 -sha256 -newkey rsa:4096 -nodes \
-keyout ca.key \
-out ca.crt \
-addext "subjectAltName=DNS:awakari.cloud" \
-subj '/O=awakari/CN=awakari.cloud' \
-days 30
```

```shell
kubectl create secret generic \
secret-webapp-tls-ca \
--from-file=ca.crt=ca.crt
```

```shell
openssl req -newkey rsa:4096 -nodes -keyout server.key -out server.csr \
-addext "subjectAltName=DNS:awakari.cloud" \
-subj "/O=awakari"
```

```shell
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
-copy_extensions copyall \
-extfile <(printf "subjectAltName=DNS:awakari.cloud") \
-out server.crt \
-days 30
```

```shell
kubectl create secret tls \
secret-webapp-tls-server \
--key server.key \
--cert server.crt
```
2 changes: 1 addition & 1 deletion helm/webapp/values-demo-0.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@ ingress:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: secret-api-tls-server
- secretName: secret-webapp-tls-server
hosts:
- awakari.cloud
4 changes: 2 additions & 2 deletions helm/webapp/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,9 @@ ingress:
- path: /
pathType: ImplementationSpecific
tlsCa:
secretName: secret-api-tls-ca
secretName: secret-webapp-tls-ca
tls:
- secretName: secret-api-tls-server
- secretName: secret-webapp-tls-server
hosts:
- webapp.local

Expand Down

0 comments on commit 5ae835f

Please sign in to comment.