--- kind: ConfigMap apiVersion: v1 metadata: namespace: riju name: riju-proxy-config data: default.conf: | underscores_in_headers on; server { resolver kube-dns.kube-system.svc.cluster.local; listen 1869 default_server; auth_basic "Riju administrative proxy"; auth_basic_user_file /etc/nginx/passwd; location ~ /(10\.[0-9]+\.[0-9]+\.[0-9]+)/health { proxy_pass http://$1:869/health; } location ~ /(10\.[0-9]+\.[0-9]+\.[0-9]+)/exec { proxy_pass http://$1:869/exec$is_args$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } location / { return 404; } } --- kind: Deployment apiVersion: apps/v1 metadata: namespace: riju name: riju-proxy spec: replicas: 1 selector: matchLabels: app: riju-proxy template: metadata: labels: app: riju-proxy spec: volumes: - name: config configMap: name: riju-proxy-config - name: auth secret: secretName: riju-proxy-auth containers: - name: nginx image: "nginx:1.23" resources: {} readinessProbe: tcpSocket: port: 1869 failureThreshold: 1 initialDelaySeconds: 2 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 livenessProbe: tcpSocket: port: 1869 failureThreshold: 3 initialDelaySeconds: 2 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 ports: - name: http containerPort: 1869 volumeMounts: - name: config mountPath: /etc/nginx/conf.d - name: auth mountPath: /etc/nginx/passwd subPath: htpasswd --- kind: Service apiVersion: v1 metadata: namespace: riju name: riju-proxy spec: selector: app: riju-proxy ports: - name: http port: 1869 targetPort: 1869 --- kind: IngressRoute apiVersion: traefik.containo.us/v1alpha1 metadata: namespace: riju name: riju-proxy spec: entryPoints: - proxy routes: - kind: Rule match: "PathPrefix(`/`)" services: - namespace: riju name: riju-proxy port: 1869