From 84f3e623b54f667bc9e5f7f844ffd88c545d69e1 Mon Sep 17 00:00:00 2001 From: Aaron Riedel Date: Fri, 21 Apr 2023 09:34:41 +0200 Subject: [PATCH] =?UTF-8?q?disable=20basicauth=20for=20acme=20challenges?= =?UTF-8?q?=20=F0=9F=8D=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ingress/values.yaml | 3 ++- prometheus/ingress.yaml | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/ingress/values.yaml b/ingress/values.yaml index 1c06be3..5d1683d 100644 --- a/ingress/values.yaml +++ b/ingress/values.yaml @@ -1,6 +1,7 @@ controller: + enableSnippets: true hostNetwork: true - setAsDefaultIngress: true + setAsDefaultIngress: true service: create: false kind: daemonset \ No newline at end of file diff --git a/prometheus/ingress.yaml b/prometheus/ingress.yaml index 54cf08b..6b1be50 100644 --- a/prometheus/ingress.yaml +++ b/prometheus/ingress.yaml @@ -9,6 +9,10 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-prod acme.cert-manager.io/http01-edit-in-place: "true" ingress.kubernetes.io/ssl-redirect: "false" + nginx.org/server-snippets: | + location ^~ /.well-known/acme-challenge/ { + auth_basic off; + } nginx.org/basic-auth-secret: prometheus-basic-auth-secret #nginx.org/ssl-services: "prometheus-server" spec: @@ -38,6 +42,10 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-prod acme.cert-manager.io/http01-edit-in-place: "true" ingress.kubernetes.io/ssl-redirect: "false" + nginx.org/server-snippets: | + location ^~ /.well-known/acme-challenge/ { + auth_basic off; + } nginx.org/basic-auth-secret: prometheus-basic-auth-secret #nginx.org/ssl-services: "prometheus-server" spec: