From 06075d0a201dbcd6879092ad7d9609173f22f5d5 Mon Sep 17 00:00:00 2001 From: Ruben van der Linde Date: Tue, 10 Dec 2019 22:20:19 +0100 Subject: [PATCH 1/2] Domain to domains An array should make it possible to obtain several security certificates --- .env | 1 + api/config/packages/twig.yaml | 11 +++++++++++ api/helm/values.yaml | 7 +++++++ api/templates/helm/Values.yaml.twig | 4 ++++ docker-compose.yml | 1 + 5 files changed, 24 insertions(+) diff --git a/.env b/.env index d2f0c4c3..dc31d8a8 100644 --- a/.env +++ b/.env @@ -45,6 +45,7 @@ ORGANIZATION_UNIT_NAME=Common-Ground ################################################## APP_DOMAIN=conduction.nl +APP_DOMAINS=["conduction.nl","zaakonline.nl","larping.eu","common-ground.dev","trouwplanner.online","huwelijksplanner.online"] APP_DEMO=pc.zaakonline.nl APP_REPRO=https://github.com/ConductionNL/Proto-component-commonground diff --git a/api/config/packages/twig.yaml b/api/config/packages/twig.yaml index 26f06175..ee6c1853 100644 --- a/api/config/packages/twig.yaml +++ b/api/config/packages/twig.yaml @@ -1,3 +1,13 @@ +parameters: + env(APP_DOMAINS): '[]' + # Organisation stuff + env(ORGANIZATION_NAME): '' + env(ORGANIZATION_EMAIL_ADDRESS): '' + env(ORGANIZATION_COUNTRY_NAME): '' + env(ORGANIZATION_STATE): '' + env(ORGANIZATION_LOCALITY): '' + env(ORGANIZATION_UNIT_NAME): '' + twig: default_path: '%kernel.project_dir%/templates' debug: '%kernel.debug%' @@ -22,6 +32,7 @@ twig: app_env: '%env(APP_ENV)%' app_debug: '%env(APP_DEBUG)%' app_domain: '%env(APP_DOMAIN)%' + app_domains: '%env(json:APP_DOMAINS)%' app_demo: '%env(APP_DEMO)%' app_repro: '%env(APP_REPRO)%' app_description: '%env(APP_DESCRIPTION)%' diff --git a/api/helm/values.yaml b/api/helm/values.yaml index 18c2d9e3..93067cb8 100644 --- a/api/helm/values.yaml +++ b/api/helm/values.yaml @@ -11,6 +11,13 @@ settings: description: ''Naast deze JSON rest API is er ook een [graphql](/graphql) interface beschikbaar.'' repro: 'https://github.com/ConductionNL/Proto-component-commonground' domain: conduction.nl + domains: + - conduction.nl + - zaakonline.nl + - larping.eu + - common-ground.dev + - trouwplanner.online + - huwelijksplanner.online organisationName: Conduction email: info@conduction.nl country: Netherlands diff --git a/api/templates/helm/Values.yaml.twig b/api/templates/helm/Values.yaml.twig index 37ec6129..aade15ab 100644 --- a/api/templates/helm/Values.yaml.twig +++ b/api/templates/helm/Values.yaml.twig @@ -11,6 +11,10 @@ settings: description: '{{ app_description }}' repro: '{{ app_repro }}' domain: {{ app_domain }} + domains: +{% for domain in app_domains %} + - {{ domain }} +{% endfor %} organisationName: {{ organization_name }} email: {{ organization_email }} country: {{ organization_country }} diff --git a/docker-compose.yml b/docker-compose.yml index 4d7436b7..3c8a82c8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -37,6 +37,7 @@ services: - APP_NAME=${APP_NAME} - APP_TITLE=${APP_TITLE} - APP_DOMAIN=${APP_DOMAIN} + - APP_DOMAINS=${APP_DOMAINS} - APP_DEMO=${APP_DEMO} - APP_REPRO=${APP_REPRO} - APP_DESCRIPTION=${APP_DESCRIPTION} From ed9f8a5e0df8eff18d522dfd6fe61f7d4eaa389a Mon Sep 17 00:00:00 2001 From: Ruben van der Linde Date: Wed, 11 Dec 2019 09:19:58 +0100 Subject: [PATCH 2/2] Fix on conflicting secrets --- api/helm/templates/certificate.yaml | 9 ++------- api/helm/templates/ingress.yaml | 5 ++++- api/templates/helm/Values.yaml.twig | 2 +- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/api/helm/templates/certificate.yaml b/api/helm/templates/certificate.yaml index 43dacaf8..85095579 100644 --- a/api/helm/templates/certificate.yaml +++ b/api/helm/templates/certificate.yaml @@ -1,16 +1,11 @@ apiVersion: cert-manager.io/v1alpha2 kind: Certificate metadata: - name: {{ include "name" . }}-acme-cert + name: {{ include "name" . }}-{{ .Values.settings.env }}-cert spec: - secretName: {{ include "name" . }}-tls-cert + secretName: {{ include "name" . }}-{{ .Values.settings.env }}-cert duration: 24h renewBefore: 12h - {{- if eq .Values.settings.env "prod" }} - commonName: {{ .Values.settings.name }}.{{ .Values.settings.domain }} - {{- else }} - commonName: {{ .Values.settings.name }}.{{ .Values.settings.env }}.{{ .Values.settings.domain }} - {{- end }} dnsNames: {{- if eq .Values.settings.env "prod" }} - {{ .Values.settings.name }}.{{ .Values.settings.domain }} diff --git a/api/helm/templates/ingress.yaml b/api/helm/templates/ingress.yaml index 5c76e036..45380689 100644 --- a/api/helm/templates/ingress.yaml +++ b/api/helm/templates/ingress.yaml @@ -19,8 +19,11 @@ metadata: spec: tls: - hosts: + # {{- range .Values.settings.domains }} + # - {{ .domain | quote }} + # {{- end }} - {{ .Values.settings.domain }} - secretName: {{ include "name" . }}-tls-cert + secretName: {{ include "name" . }}-{{ .Values.settings.env }}-cert rules: # - host: {{ .Values.settings.name }}.{{ .Values.settings.env }}.{{ .Values.settings.domain }} # http: diff --git a/api/templates/helm/Values.yaml.twig b/api/templates/helm/Values.yaml.twig index aade15ab..c44953a6 100644 --- a/api/templates/helm/Values.yaml.twig +++ b/api/templates/helm/Values.yaml.twig @@ -13,7 +13,7 @@ settings: domain: {{ app_domain }} domains: {% for domain in app_domains %} - - {{ domain }} + - domain: {{ domain }} {% endfor %} organisationName: {{ organization_name }} email: {{ organization_email }}