feat: TLS support for web (#301)

* Added TLS support for web - Added optional configurations `cert_file` and `key_file` to run web server with https Signed-off-by: Dmytro Bondar <git@bonddim.com> * Helm chart update - Refactored Ingress to use one host only (`config.web.external_url` is required) - Added Certificate resource template (secret is mounted to container into `/app/certs/`) - Added support for service with mixed protocols (exposes UI and Wireguard ports on same IP) - Added helm-docs target to makefile - Changed pod labels to use selectorLabels - Removed default probes (app runs without healthy web) - Removed sections from README Signed-off-by: Dmytro Bondar <git@bonddim.com> * Fix chart workflow path filter * Fix chart lint issue * Skip clean-up tested chart * Try k3d cluster --------- Signed-off-by: Dmytro Bondar <git@bonddim.com>
2025-09-15 07:11:15 +00:00 · 2024-09-22 13:25:08 +02:00
parent e3d05a4678
commit 6ffe1a90ae
17 changed files with 289 additions and 274 deletions
--- a/deploy/helm/templates/secret.yaml
+++ b/deploy/helm/templates/secret.yaml
@@ -32,10 +32,6 @@ stringData:
    {{- end }}
    web:
      listening_address: :{{ .Values.service.web.port }}
-      {{- if and .Values.ingress.enabled (not (hasKey .Values.config.web "external_url")) }}
-      {{- $proto := ternary "http" "https" (empty .Values.ingress.tls) }}
-      external_url: {{ trimSuffix "/" (printf "%s://%s%s" $proto .Values.ingress.host .Values.ingress.path) }}
-      {{- end }}
      {{- with .Values.config.web }}
      {{- tpl (toYaml (omit . "listening_address")) $ | nindent 6 }}
      {{- end }}