From 7ab5be6b82f10507acb81465fe0125535c7acc68 Mon Sep 17 00:00:00 2001 From: adam Date: Thu, 25 Apr 2024 16:44:57 +0100 Subject: [PATCH] Look through domains in ingress yaml --- helm_deploy/wordpress/templates/ingress.yaml | 584 ++----------------- 1 file changed, 40 insertions(+), 544 deletions(-) diff --git a/helm_deploy/wordpress/templates/ingress.yaml b/helm_deploy/wordpress/templates/ingress.yaml index 4aea8bbd..2621f96b 100644 --- a/helm_deploy/wordpress/templates/ingress.yaml +++ b/helm_deploy/wordpress/templates/ingress.yaml @@ -1,5 +1,4 @@ {{- if .Values.ingress.enabled }} ---- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -9,558 +8,55 @@ metadata: external-dns.alpha.kubernetes.io/aws-weight: "100" nginx.ingress.kubernetes.io/enable-modsecurity: "true" nginx.ingress.kubernetes.io/modsecurity-snippet: | - SecRuleEngine On - SecDefaultAction "phase:2,pass,log,tag:github_team=hale-platform" - SecRuleRemoveById 949110 + SecRuleEngine On + SecDefaultAction "phase:2,pass,log,tag:github_team=hale-platform" + SecRuleRemoveById 949110 nginx.ingress.kubernetes.io/server-snippet: | - location = /.well-known/security.txt { + location = /.well-known/security.txt { auth_basic off; return 301 https://raw.githubusercontent.com/ministryofjustice/security-guidance/main/contact/vulnerability-disclosure-security.txt; - } - if ($host = 'victimscode.org.uk') { - return 301 https://victimandwitnessinformation.org.uk/your-rights/as-a-victim; - } - if ($host = 'cym.victimscode.org.uk') { - return 301 https://cym.victimandwitnessinformation.org.uk/your-rights/as-a-victim; - } + } + if ($host = 'victimscode.org.uk') { + return 301 https://victimandwitnessinformation.org.uk/your-rights/as-a-victim; + } + if ($host = 'cym.victimscode.org.uk') { + return 301 https://cym.victimandwitnessinformation.org.uk/your-rights/as-a-victim; + } spec: ingressClassName: modsec tls: - hosts: - {{ .Values.domain }} - {{- if eq .Values.configmap.envtype "prod" }} +{{- if eq .Values.configmap.envtype "prod" }} + {{- range .Values.ingress.hosts }} - hosts: - - magistrates.judiciary.uk - secretName: magistrates-cert - - hosts: - - victimscommissioner.org.uk - secretName: victimscommissioner-cert - - hosts: - - www.victimscommissioner.org.uk - secretName: victimscommissioner-www-cert - - hosts: - - publicdefenderservice.org.uk - secretName: publicdefenderservice-cert - - hosts: - - www.publicdefenderservice.org.uk - secretName: publicdefenderservice-www-cert - - hosts: - - ccrc.gov.uk - secretName: ccrc-cert - - hosts: - - www.ccrc.gov.uk - secretName: ccrc-www-cert - - hosts: - - icrir.independent-inquiry.uk - secretName: icrir-cert - - hosts: - - imb.org.uk - secretName: imb-cert - - hosts: - - www.imb.org.uk - secretName: imb-www-cert - - hosts: - - my.imb.org.uk - secretName: my-imb-cert - - hosts: - - brookhouseinquiry.org.uk - secretName: brookhouse-cert - - hosts: - - www.brookhouseinquiry.org.uk - secretName: brookhouse-www-cert - - hosts: - - prisonandprobationjobs.gov.uk - secretName: ppj-cert - - hosts: - - www.prisonandprobationjobs.gov.uk - secretName: ppj-www-cert - - hosts: - - nationalpreventivemechanism.org.uk - secretName: nationalpreventivemechanism-cert - - hosts: - - www.nationalpreventivemechanism.org.uk - secretName: nationalpreventivemechanism-www-cert - - hosts: - - lawcom.gov.uk - secretName: lawcom-cert - - hosts: - - www.lawcom.gov.uk - secretName: lawcom-www-cert - - hosts: - - jobs.justice.gov.uk - secretName: justicejobs-cert - - hosts: - - www.jobs.justice.gov.uk - secretName: justicejobs-www-cert - - hosts: - - ppo.gov.uk - secretName: ppo-cert - - hosts: - - www.ppo.gov.uk - secretName: ppo-www-cert - - hosts: - - sifocc.org - secretName: sifocc-cert - - hosts: - - www.sifocc.org - secretName: sifocc-www-cert - - hosts: - - layobservers.org - secretName: layobservers-cert - - hosts: - - www.layobservers.org - secretName: layobservers-www-cert - - hosts: - - members.layobservers.org - secretName: layobservers-members-cert - - hosts: - - victimandwitnessinformation.org.uk - secretName: victimandwitnessinformation-cert - - hosts: - - www.victimandwitnessinformation.org.uk - secretName: victimandwitnessinformation-www-cert - - hosts: - - cym.victimandwitnessinformation.org.uk - secretName: victimandwitnessinformation-cym-cert - - hosts: - - victimscode.org.uk - secretName: victimscode-cert - - hosts: - - cym.victimscode.org.uk - secretName: victimscode-cym-cert - - hosts: - - omagh.independent-inquiry.uk - secretName: obi-cert - - hosts: - - www.omagh.independent-inquiry.uk - secretName: obi-www-cert - - hosts: - - newfuturesnetwork.gov.uk - secretName: newfuturesnetwork-cert - - hosts: - - www.newfuturesnetwork.gov.uk - secretName: newfuturesnetwork-www-cert - - hosts: - - andrewmalkinson.independent-inquiry.uk - secretName: andrewmalkinson-cert - - hosts: - - www.andrewmalkinson.independent-inquiry.uk - secretName: andrewmalkinson-www-cert - - hosts: - - hmiprisons.justiceinspectorates.gov.uk - secretName: justiceinspectorates-hmiprisons-cert - {{- end }} + - {{ .name }} + secretName: {{ .certName }} + {{- end }} +{{- end }} rules: - - host: {{ .Values.domain }} - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 + - host: {{ .Values.domain }} + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: wordpress + port: + number: 8080 {{- if eq .Values.configmap.envtype "prod" }} - - host: magistrates.judiciary.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: victimscommissioner.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.victimscommissioner.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: publicdefenderservice.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.publicdefenderservice.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: ccrc.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.ccrc.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: icrir.independent-inquiry.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: imb.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.imb.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: my.imb.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: brookhouseinquiry.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.brookhouseinquiry.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: prisonandprobationjobs.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.prisonandprobationjobs.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: nationalpreventivemechanism.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.nationalpreventivemechanism.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: lawcom.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.lawcom.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: jobs.justice.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.jobs.justice.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: ppo.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.ppo.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: sifocc.org - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.sifocc.org - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: layobservers.org - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.layobservers.org - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: members.layobservers.org - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: victimandwitnessinformation.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.victimandwitnessinformation.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: cym.victimandwitnessinformation.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: victimscode.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: cym.victimscode.org.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: omagh.independent-inquiry.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.omagh.independent-inquiry.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: newfuturesnetwork.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.newfuturesnetwork.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: andrewmalkinson.independent-inquiry.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: www.andrewmalkinson.independent-inquiry.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - - host: hmiprisons.justiceinspectorates.gov.uk - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: wordpress - port: - number: 8080 - {{- end }} + {{- range .Values.ingress.hosts }} + - host: {{ .name }} + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: wordpress + port: + number: 8080 + {{- end }} + {{- end }} {{- end }}