Cloudfront policies, couchdb ingress

2022-09-24 01:01:12 -07:00 · 2022-09-24 01:01:12 -07:00 · b13ebfb409
parent 724eb61976
commit b13ebfb409
2 changed files with 16 additions and 13 deletions
--- a/terraform/cloudfront.tf
+++ b/terraform/cloudfront.tf
@ -14,18 +14,9 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
    allowed_methods        = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods         = ["GET", "HEAD"]
    target_origin_id       = "abb.gmem.ca"
-    viewer_protocol_policy = "allow-all"
-    min_ttl                = 0
-    default_ttl            = 3600
-    max_ttl                = 86400
-
-    forwarded_values {
-      query_string = true
-
-      cookies {
-        forward = "all"
-      }
-    }
+    viewer_protocol_policy = "redirect-to-https"
+    cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6"
+    response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63"
  }


--- a/vps/couchdb.yaml
+++ b/vps/couchdb.yaml
@ -4,4 +4,16 @@ couchdbConfig:
 clusterSize: 1
 persistentVolume:
  enabled: true
-  size: 3Gi
+  size: 3Gi
+ingress:
+  enabled: true
+  hosts:
+    -  abb.gmem.ca
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/proxy-body-size: 10m
+  tls:
+    - secretName: couch-tls
+      hosts:
+        - abb.gmem.ca