diff --git a/charts/theia-cloud-base/Chart.yaml b/charts/theia-cloud-base/Chart.yaml index ce9f3a8..464f558 100644 --- a/charts/theia-cloud-base/Chart.yaml +++ b/charts/theia-cloud-base/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.2.0-next.0 +version: 1.2.0-next.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/theia-cloud-base/README.md b/charts/theia-cloud-base/README.md index d95c83f..1b2132d 100644 --- a/charts/theia-cloud-base/README.md +++ b/charts/theia-cloud-base/README.md @@ -1,6 +1,6 @@ # theia-cloud-base -![Version: 1.2.0-next.0](https://img.shields.io/badge/Version-1.2.0--next.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0-next](https://img.shields.io/badge/AppVersion-1.2.0--next-informational?style=flat-square) +![Version: 1.2.0-next.1](https://img.shields.io/badge/Version-1.2.0--next.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0-next](https://img.shields.io/badge/AppVersion-1.2.0--next-informational?style=flat-square) Theia-cloud base chart @@ -16,6 +16,7 @@ Theia-cloud base chart | issuerca.enable | bool | `true` | whether to install the CA certificate signer | | issuerca.name | string | `"theia-cloud-ca-certificate-signer"` | name for the issuer preparing a self signed CA certificate | | issuerprod.enable | bool | `true` | whether to install the let's encrypt production cluster issuer | +| issuerprod.ingressClass | string | `"nginx"` | ingress class for the HTTP-01 ACME challenge solver | | issuerprod.name | string | `"letsencrypt-prod"` | name for the let's encrypt production cluster issuer | | issuerstaging.name | string | `"theia-cloud-selfsigned-issuer"` | name for the self signed cluster issuer | | operatorrole.name | string | `"operator-api-access"` | name for the operator's cluster role | diff --git a/charts/theia-cloud-base/templates/clusterissuer-production.yaml b/charts/theia-cloud-base/templates/clusterissuer-production.yaml index ab5a39f..9bf79cd 100644 --- a/charts/theia-cloud-base/templates/clusterissuer-production.yaml +++ b/charts/theia-cloud-base/templates/clusterissuer-production.yaml @@ -12,6 +12,6 @@ spec: solvers: - http01: ingress: - class: nginx + class: {{ .Values.issuerprod.ingressClass }} {{- end }} \ No newline at end of file diff --git a/charts/theia-cloud-base/values.yaml b/charts/theia-cloud-base/values.yaml index 5b0efcd..075ab7e 100644 --- a/charts/theia-cloud-base/values.yaml +++ b/charts/theia-cloud-base/values.yaml @@ -9,6 +9,8 @@ issuerprod: enable: true # -- name for the let's encrypt production cluster issuer name: letsencrypt-prod + # -- ingress class for the HTTP-01 ACME challenge solver + ingressClass: nginx issuerstaging: # -- name for the self signed cluster issuer diff --git a/charts/theia-cloud/Chart.yaml b/charts/theia-cloud/Chart.yaml index 436a7fa..7b6dc4d 100644 --- a/charts/theia-cloud/Chart.yaml +++ b/charts/theia-cloud/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.2.0-next.2 +version: 1.2.0-next.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/theia-cloud/README.md b/charts/theia-cloud/README.md index dc544c0..7752220 100644 --- a/charts/theia-cloud/README.md +++ b/charts/theia-cloud/README.md @@ -1,6 +1,6 @@ # theia-cloud -![Version: 1.2.0-next.2](https://img.shields.io/badge/Version-1.2.0--next.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0-next](https://img.shields.io/badge/AppVersion-1.2.0--next-informational?style=flat-square) +![Version: 1.2.0-next.3](https://img.shields.io/badge/Version-1.2.0--next.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0-next](https://img.shields.io/badge/AppVersion-1.2.0--next-informational?style=flat-square) A Helm chart for Theia Cloud @@ -38,11 +38,18 @@ A Helm chart for Theia Cloud | ingress.addTLSSecretName | bool | `true` | whether the default Theia Cloud tls secret names should be used. If false no tls secret name will be set on the ingress only needed when ingress.tls == true | | ingress.certManagerAnnotations | bool | `true` | When set to true the cert-manager.io annotations will be set. Only used when ingress.addTLSSecretName === true When false certificate management is handled outside of Theia Cloud. | | ingress.clusterIssuer | string | `"letsencrypt-prod"` | The cluster issuer to use Only needed when ingress.certManagerAnnotations is true | -| ingress.instances | object | `{"allWildcardSecretNames":{},"configurationSnippets":["proxy_set_header 'X-Forwarded-Uri' $request_uri"],"name":"theia-cloud-demo-ws-ingress","proxyBodySize":"1m"}` | Values to influence the instances ingress | +| ingress.controller | string | `"nginx"` | The ingress controller to use. Currently supported: "nginx" or null Determines controller-specific default annotations and ingress class name to use. Using null or an unknown value results in only explicitly specified annotations being used. | +| ingress.ingressClassName | string | `""` | Optional: Override the ingressClassName. If empty, defaults based on ingress.controller | +| ingress.instances | object | (see details below) | Values to influence the instances ingress | | ingress.instances.allWildcardSecretNames | object | `{}` | All additional wildcard hostnames and the respective TLS secret names. Use this for wildcard hostnames that should use a TLS certificate with a `secretName` different from the default one. Only accepts wildcard hostnames that are configured in `hosts.allWildcardInstances`. | -| ingress.instances.configurationSnippets | list | `["proxy_set_header 'X-Forwarded-Uri' $request_uri"]` | Additional configuration to the ingress configuration via the `nginx.ingress.kubernetes.io/configuration-snippet` annotation. One entry in this array results in a line for the annotation. Do not add a semicolon at the end of the line here, it is automatically added. Note: Since ingress-nginx version 1.10 this annotation needs to be enabled. See [this README](../../README.md#cluster-prerequisites) for more information. | +| ingress.instances.annotations | object | `{}` | Optional: Custom annotations for instances ingress. If empty, defaults based on ingress.controller | +| ingress.instances.configurationSnippets | Deprecated | `["proxy_set_header 'X-Forwarded-Uri' $request_uri"]` | Additional configuration to the ingress configuration via the `nginx.ingress.kubernetes.io/configuration-snippet` annotation. One entry in this array results in a line for the annotation. Do not add a semicolon at the end of the line here, it is automatically added. This is deprecated in favor of using ingress.instances.annotations with the configuration-snippet key. If both configurationSnippets and annotations with configuration-snippet are provided, annotations takes precedence. Note: Since ingress-nginx version 1.10 this annotation needs to be enabled. See [this README](../../README.md#cluster-prerequisites) for more information. | | ingress.instances.name | string | `"theia-cloud-demo-ws-ingress"` | The name of the ingress which will be updated to publish new theia application. If this is not existing it will be created. You may chose to set the ingress up yourself and point Theia Cloud to the ingress via the name | | ingress.instances.proxyBodySize | string | `"1m"` | Sets the maximum allowed size of the client request body inside the application (e.g. file uploads in Theia). Defaults to 1m. Setting size to 0 disables checking of client request body size. | +| ingress.landingPage | object | (see details below) | Values to influence the landing page ingress | +| ingress.landingPage.annotations | object | `{}` | Optional: Custom annotations for landing page ingress. If empty, defaults based on ingress.controller | +| ingress.service | object | (see details below) | Values to influence the service ingress | +| ingress.service.annotations | object | `{}` | Optional: Custom annotations for service ingress. If empty, defaults based on ingress.controller | | ingress.theiaCloudCommonName | bool | `false` | When set to true the cert-manager.io/common-name annotation will be set. This is only required when the issued certificate by the cert-manager misses a common-name Only needed when ingress.certManagerAnnotations is true | | ingress.tls | bool | `true` | Does Theia Cloud expect TLS connections (true) or is TLS terminated outside of Theia Cloud (e.g. via a Load Balancer) (false) | | issuer | object | (see details below) | Values related to certificates/Cert-manager | diff --git a/charts/theia-cloud/templates/_helpers.tpl b/charts/theia-cloud/templates/_helpers.tpl new file mode 100644 index 0000000..0d1689e --- /dev/null +++ b/charts/theia-cloud/templates/_helpers.tpl @@ -0,0 +1,138 @@ +{{/* +Return the ingress class name +*/}} +{{- define "theiacloud.ingress.className" -}} +{{- if .Values.ingress.ingressClassName -}} +{{ .Values.ingress.ingressClassName }} +{{- else if eq .Values.ingress.controller "nginx" -}} +nginx +{{- else -}} +{{ .Values.ingress.controller }} +{{- end -}} +{{- end -}} + +{{/* +Return the annotations for the instances ingress +*/}} +{{- define "theiacloud.ingress.instances.annotations" -}} +{{- $annotations := dict -}} +{{- if .Values.ingress.instances.annotations -}} +{{- $annotations = .Values.ingress.instances.annotations -}} +{{- else -}} +{{- if eq .Values.ingress.controller "nginx" -}} +{{- $annotations = include "theiacloud.ingress.nginx.instances.defaultAnnotations" . | fromYaml | default (dict) -}} +{{- end -}} +{{- end -}} +{{- $certAnnotations := include "theiacloud.ingress.certManagerAnnotations" . | fromYaml | default (dict) -}} +{{- $annotations = merge $annotations $certAnnotations -}} +{{- $annotations | toYaml -}} +{{- end -}} + +{{/* +Return the annotations for the landing page ingress +*/}} +{{- define "theiacloud.ingress.landingPage.annotations" -}} +{{- $annotations := dict -}} +{{- if .Values.ingress.landingPage.annotations -}} +{{- $annotations = .Values.ingress.landingPage.annotations -}} +{{- else -}} +{{- if eq .Values.ingress.controller "nginx" -}} +{{- $annotations = include "theiacloud.ingress.nginx.landingPage.defaultAnnotations" . | fromYaml | default (dict) -}} +{{- end -}} +{{- end -}} +{{- $certAnnotations := include "theiacloud.ingress.certManagerAnnotations" (dict "root" . "includeHttp01" false) | fromYaml | default (dict) -}} +{{- $annotations = merge $annotations $certAnnotations -}} +{{- $annotations | toYaml -}} +{{- end -}} + +{{/* +Return the annotations for the service ingress +*/}} +{{- define "theiacloud.ingress.service.annotations" -}} +{{- $annotations := dict -}} +{{- if .Values.ingress.service.annotations -}} +{{- $annotations = .Values.ingress.service.annotations -}} +{{- else -}} +{{- if eq .Values.ingress.controller "nginx" -}} +{{- $annotations = include "theiacloud.ingress.nginx.service.defaultAnnotations" . | fromYaml | default (dict) -}} +{{- end -}} +{{- end -}} +{{- $certAnnotations := include "theiacloud.ingress.certManagerAnnotations" . | fromYaml | default (dict) -}} +{{- $annotations = merge $annotations $certAnnotations -}} +{{- $annotations | toYaml -}} +{{- end -}} + +{{/* +Return default nginx annotations for instances ingress +*/}} +{{- define "theiacloud.ingress.nginx.instances.defaultAnnotations" -}} +{{- if not .Values.ingress.tls }} +nginx.ingress.kubernetes.io/ssl-redirect: "false" +{{- end }} +nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" +nginx.ingress.kubernetes.io/rewrite-target: /$2 +{{- if .Values.ingress.instances.configurationSnippets }} +nginx.ingress.kubernetes.io/configuration-snippet: | + {{- range .Values.ingress.instances.configurationSnippets }} + {{ . }}; + {{- end }} +{{- else }} +nginx.ingress.kubernetes.io/configuration-snippet: | + proxy_set_header 'X-Forwarded-Uri' $request_uri; +{{- end }} +nginx.ingress.kubernetes.io/proxy-body-size: {{ tpl (.Values.ingress.instances.proxyBodySize | toString) . }} +{{- end -}} + +{{/* +Return default nginx annotations for landing page ingress (path-based) +*/}} +{{- define "theiacloud.ingress.nginx.landingPage.defaultAnnotations" -}} +{{- if not .Values.ingress.tls }} +nginx.ingress.kubernetes.io/ssl-redirect: "false" +{{- end }} +{{- if .Values.hosts.usePaths }} +{{- if .Values.hosts.configuration.landing }} +nginx.ingress.kubernetes.io/rewrite-target: /$2 +{{- end }} +nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^([^.?]*[^/])$ $1/ redirect; +{{- end }} +{{- end -}} + +{{/* +Return default nginx annotations for service ingress +*/}} +{{- define "theiacloud.ingress.nginx.service.defaultAnnotations" -}} +{{- if not .Values.ingress.tls }} +nginx.ingress.kubernetes.io/ssl-redirect: "false" +{{- end }} +nginx.ingress.kubernetes.io/rewrite-target: /service$1 +{{- end -}} + +{{/* +Return cert-manager annotations if enabled +Params: + . - root context + includeHttp01 - (optional) whether to include HTTP-01 specific annotations +*/}} +{{- define "theiacloud.ingress.certManagerAnnotations" -}} +{{- $includeHttp01 := true -}} +{{- if hasKey . "includeHttp01" -}} +{{- $includeHttp01 = .includeHttp01 -}} +{{- end -}} +{{- $root := . -}} +{{- if hasKey . "root" -}} +{{- $root = .root -}} +{{- end -}} +{{- if $root.Values.ingress.addTLSSecretName }} +{{- if $root.Values.ingress.certManagerAnnotations }} +cert-manager.io/cluster-issuer: {{ tpl ($root.Values.ingress.clusterIssuer | toString) $root }} +{{- if and $includeHttp01 $root.Values.ingress.theiaCloudCommonName }} +cert-manager.io/common-name: "Theia Cloud" +{{- end }} +{{- if $includeHttp01 }} +acme.cert-manager.io/http01-ingress-class: {{ include "theiacloud.ingress.className" $root }} +{{- end }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/theia-cloud/templates/instances-ingress-path-based.yaml b/charts/theia-cloud/templates/instances-ingress-path-based.yaml index f4c3a64..8b1515b 100644 --- a/charts/theia-cloud/templates/instances-ingress-path-based.yaml +++ b/charts/theia-cloud/templates/instances-ingress-path-based.yaml @@ -5,29 +5,9 @@ metadata: name: {{ tpl (.Values.ingress.instances.name | toString) . }} namespace: {{ .Release.Namespace }} annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" - nginx.ingress.kubernetes.io/rewrite-target: /$2 - {{- if .Values.ingress.instances.configurationSnippets }} - nginx.ingress.kubernetes.io/configuration-snippet: | - {{- range .Values.ingress.instances.configurationSnippets }} - {{ . }}; - {{- end }} - {{- end }} - nginx.ingress.kubernetes.io/proxy-body-size: {{ tpl (.Values.ingress.instances.proxyBodySize | toString) . }} - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- if .Values.ingress.theiaCloudCommonName }} - cert-manager.io/common-name: "Theia Cloud" - {{- end }} - acme.cert-manager.io/http01-ingress-class: nginx - {{- end }} - {{- end }} + {{- include "theiacloud.ingress.instances.annotations" . | nindent 4 }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/templates/instances-ingress.yaml b/charts/theia-cloud/templates/instances-ingress.yaml index befcc3d..593ff45 100644 --- a/charts/theia-cloud/templates/instances-ingress.yaml +++ b/charts/theia-cloud/templates/instances-ingress.yaml @@ -5,29 +5,9 @@ metadata: name: {{ tpl (.Values.ingress.instances.name | toString) . }} namespace: {{ .Release.Namespace }} annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- if .Values.ingress.theiaCloudCommonName }} - cert-manager.io/common-name: "Theia Cloud" - {{- end }} - acme.cert-manager.io/http01-ingress-class: nginx - {{- end }} - {{- end }} - nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" - nginx.ingress.kubernetes.io/rewrite-target: /$2 - {{- if .Values.ingress.instances.configurationSnippets }} - nginx.ingress.kubernetes.io/configuration-snippet: | - {{- range .Values.ingress.instances.configurationSnippets }} - {{ . }}; - {{- end }} - {{- end }} - nginx.ingress.kubernetes.io/proxy-body-size: {{ tpl (.Values.ingress.instances.proxyBodySize | toString) . }} + {{- include "theiacloud.ingress.instances.annotations" . | nindent 4 }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/templates/landing-page-ingress-path-based.yaml b/charts/theia-cloud/templates/landing-page-ingress-path-based.yaml index e8b5d34..fd341a8 100644 --- a/charts/theia-cloud/templates/landing-page-ingress-path-based.yaml +++ b/charts/theia-cloud/templates/landing-page-ingress-path-based.yaml @@ -5,24 +5,10 @@ kind: Ingress metadata: name: landing-page-ingress annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - {{- if .Values.hosts.configuration.landing }} - nginx.ingress.kubernetes.io/rewrite-target: /$2 - {{- end }} - # Rewrite all URLs not ending with a segment containing . or ? with a trailing slash - # This is necessary to correctly resolve relative paths (e.g. for css files) from the landing page. - nginx.ingress.kubernetes.io/configuration-snippet: | - rewrite ^([^.?]*[^/])$ $1/ redirect; - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- end }} - {{- end }} + {{- include "theiacloud.ingress.landingPage.annotations" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/templates/landing-page-ingress.yaml b/charts/theia-cloud/templates/landing-page-ingress.yaml index fc67090..f455e0b 100644 --- a/charts/theia-cloud/templates/landing-page-ingress.yaml +++ b/charts/theia-cloud/templates/landing-page-ingress.yaml @@ -5,17 +5,10 @@ kind: Ingress metadata: name: landing-page-ingress annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- end }} - {{- end }} + {{- include "theiacloud.ingress.landingPage.annotations" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/templates/service-ingress-path-based.yaml b/charts/theia-cloud/templates/service-ingress-path-based.yaml index 37c95fc..a841e72 100644 --- a/charts/theia-cloud/templates/service-ingress-path-based.yaml +++ b/charts/theia-cloud/templates/service-ingress-path-based.yaml @@ -4,21 +4,10 @@ kind: Ingress metadata: name: service-ingress annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - nginx.ingress.kubernetes.io/rewrite-target: /service$1 - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- if .Values.ingress.theiaCloudCommonName }} - cert-manager.io/common-name: "Theia Cloud" - {{- end }} - {{- end }} - {{- end }} + {{- include "theiacloud.ingress.service.annotations" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/templates/service-ingress.yaml b/charts/theia-cloud/templates/service-ingress.yaml index 89c6517..6c46957 100644 --- a/charts/theia-cloud/templates/service-ingress.yaml +++ b/charts/theia-cloud/templates/service-ingress.yaml @@ -4,21 +4,10 @@ kind: Ingress metadata: name: service-ingress annotations: - {{- if not .Values.ingress.tls }} - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- end }} - {{- if .Values.ingress.addTLSSecretName }} - {{- if .Values.ingress.certManagerAnnotations }} - cert-manager.io/cluster-issuer: {{ tpl (.Values.ingress.clusterIssuer | toString) . }} - {{- if .Values.ingress.theiaCloudCommonName }} - cert-manager.io/common-name: "Theia Cloud" - {{- end }} - {{- end }} - {{- end }} - nginx.ingress.kubernetes.io/rewrite-target: /service$1 + {{- include "theiacloud.ingress.service.annotations" . | nindent 4 }} namespace: {{ .Release.Namespace }} spec: - ingressClassName: nginx + ingressClassName: {{ include "theiacloud.ingress.className" . }} {{- if .Values.ingress.tls }} tls: - hosts: diff --git a/charts/theia-cloud/values.yaml b/charts/theia-cloud/values.yaml index 291a712..0b19cb9 100644 --- a/charts/theia-cloud/values.yaml +++ b/charts/theia-cloud/values.yaml @@ -318,7 +318,16 @@ service: # -- Values to influence the ingresses # @default -- (see details below) ingress: + # -- The ingress controller to use. Currently supported: "nginx" or null + # Determines controller-specific default annotations and ingress class name to use. + # Using null or an unknown value results in only explicitly specified annotations being used. + controller: nginx + + # -- Optional: Override the ingressClassName. If empty, defaults based on ingress.controller + ingressClassName: "" + # -- Values to influence the instances ingress + # @default -- (see details below) instances: # -- The name of the ingress which will be updated to publish new theia application. # If this is not existing it will be created. @@ -336,13 +345,30 @@ ingress: allWildcardSecretNames: {} # "*.webview.": webview-ws-cert-secret - # -- Additional configuration to the ingress configuration via the `nginx.ingress.kubernetes.io/configuration-snippet` annotation. + # -- Optional: Custom annotations for instances ingress. If empty, defaults based on ingress.controller + annotations: {} + + # -- (Deprecated) Additional configuration to the ingress configuration via the `nginx.ingress.kubernetes.io/configuration-snippet` annotation. # One entry in this array results in a line for the annotation. # Do not add a semicolon at the end of the line here, it is automatically added. + # This is deprecated in favor of using ingress.instances.annotations with the configuration-snippet key. + # If both configurationSnippets and annotations with configuration-snippet are provided, annotations takes precedence. # Note: Since ingress-nginx version 1.10 this annotation needs to be enabled. See [this README](../../README.md#cluster-prerequisites) for more information. configurationSnippets: - "proxy_set_header 'X-Forwarded-Uri' $request_uri" + # -- Values to influence the landing page ingress + # @default -- (see details below) + landingPage: + # -- Optional: Custom annotations for landing page ingress. If empty, defaults based on ingress.controller + annotations: {} + + # -- Values to influence the service ingress + # @default -- (see details below) + service: + # -- Optional: Custom annotations for service ingress. If empty, defaults based on ingress.controller + annotations: {} + # -- When set to true the cert-manager.io annotations will be set. # Only used when ingress.addTLSSecretName === true # When false certificate management is handled outside of Theia Cloud.