From 83089f11975082c96887665c87adec2ce8dfd2f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20N=C3=A9grier?= Date: Fri, 11 Jun 2021 14:25:02 +0200 Subject: [PATCH] Fixing key access rights --- .github/workflows/build-and-deploy.yml | 4 +-- deeployer.libsonnet | 35 +++++++++++++------------- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 27d895e1..b01b2b64 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -150,12 +150,12 @@ jobs: - uses: rlespinasse/github-slug-action@3.1.0 - name: Write certificate - run: echo "${CERTS_PRIVATE_KEY}" > secret.key + run: echo "${CERTS_PRIVATE_KEY}" > secret.key && chmod 0600 secret.key env: CERTS_PRIVATE_KEY: ${{ secrets.CERTS_PRIVATE_KEY }} - name: Download certificate - run: mkdir secrets && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/ && chmod 0600 secrets/* + run: mkdir secrets && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/* - name: Install certificates in namespace uses: steebchen/kubectl@v1.0.0 diff --git a/deeployer.libsonnet b/deeployer.libsonnet index f9dd87bd..40da555d 100644 --- a/deeployer.libsonnet +++ b/deeployer.libsonnet @@ -11,8 +11,7 @@ "back1": { "image": "thecodingmachine/workadventure-back:"+tag, "host": { - "url": "api1."+url, - "https": "enable", + "url": "api1-"+url, "containerPort": 8080 }, "ports": [8080, 50051], @@ -30,8 +29,7 @@ "back2": { "image": "thecodingmachine/workadventure-back:"+tag, "host": { - "url": "api2."+url, - "https": "enable", + "url": "api2-"+url, "containerPort": 8080 }, "ports": [8080, 50051], @@ -50,8 +48,7 @@ "replicas": 2, "image": "thecodingmachine/workadventure-pusher:"+tag, "host": { - "url": "pusher."+url, - "https": "enable" + "url": "pusher-"+url, }, "ports": [8080], "env": { @@ -68,27 +65,25 @@ "front": { "image": "thecodingmachine/workadventure-front:"+tag, "host": { - "url": "play."+url, - "https": "enable" + "url": "play-"+url, }, "ports": [80], "env": { - "PUSHER_URL": "//pusher."+url, - "UPLOADER_URL": "//uploader."+url, + "PUSHER_URL": "//pusher-"+url, + "UPLOADER_URL": "//uploader-"+url, "ADMIN_URL": "//"+url, "JITSI_URL": env.JITSI_URL, "SECRET_JITSI_KEY": env.SECRET_JITSI_KEY, "TURN_SERVER": "turn:coturn.workadventu.re:443,turns:coturn.workadventu.re:443", "JITSI_PRIVATE_MODE": if env.SECRET_JITSI_KEY != '' then "true" else "false", - "START_ROOM_URL": "/_/global/maps."+url+"/Floor0/floor0.json" + "START_ROOM_URL": "/_/global/maps-"+url+"/Floor0/floor0.json" //"GA_TRACKING_ID": "UA-10196481-11" } }, "uploader": { "image": "thecodingmachine/workadventure-uploader:"+tag, "host": { - "url": "uploader."+url, - "https": "enable", + "url": "uploader-"+url, "containerPort": 8080 }, "ports": [8080], @@ -98,16 +93,12 @@ "maps": { "image": "thecodingmachine/workadventure-maps:"+tag, "host": { - "url": "maps."+url, - "https": "enable" + "url": "maps-"+url }, "ports": [80] }, }, "config": { - "https": { - "mail": "d.negrier@thecodingmachine.com" - }, k8sextension(k8sConf):: k8sConf + { back1+: { @@ -122,6 +113,14 @@ } } } + }, + ingress+: { + spec+: { + tls+: [{ + hosts: ["api1-"+url], + secretName: "certificate-tls" + }] + } } }, back2+: {