feat(openbao): enable bao.coulomb.social ingress and Traefik middlewares
Expose OpenBao UI via TLS ingress with rate-limit and HSTS middlewares. Track netkingdom OIDC mount in authenticated verify checks.
This commit is contained in:
@@ -31,7 +31,23 @@ server:
|
||||
memory: 512Mi
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
traefik.ingress.kubernetes.io/router.middlewares: >-
|
||||
openbao-openbao-rate-limit@kubernetescrd,
|
||||
openbao-openbao-hsts@kubernetescrd
|
||||
ingressClassName: traefik
|
||||
pathType: Prefix
|
||||
activeService: true
|
||||
hosts:
|
||||
- host: bao.coulomb.social
|
||||
paths:
|
||||
- /
|
||||
tls:
|
||||
- secretName: bao-tls
|
||||
hosts:
|
||||
- bao.coulomb.social
|
||||
|
||||
authDelegator:
|
||||
enabled: true
|
||||
|
||||
Reference in New Issue
Block a user