35 lines
1 KiB
YAML
35 lines
1 KiB
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: proxy-detection-ingress
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
# Aggressive real IP configuration
|
|
nginx.ingress.kubernetes.io/configuration-snippet: |
|
|
more_set_headers "X-Real-IP $remote_addr";
|
|
more_set_headers "X-Forwarded-For $proxy_add_x_forwarded_for";
|
|
nginx.ingress.kubernetes.io/server-snippet: |
|
|
set_real_ip_from 0.0.0.0/0;
|
|
real_ip_header X-Forwarded-For;
|
|
real_ip_recursive on;
|
|
labels:
|
|
app: proxy-detection-api
|
|
spec:
|
|
ingressClassName: nginx
|
|
tls:
|
|
- hosts:
|
|
- proxy-detection.stare.gg
|
|
secretName: proxy-detection-stare-gg-tls
|
|
rules:
|
|
- host: proxy-detection.stare.gg
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: proxy-detection-service
|
|
port:
|
|
number: 80
|