跳到主要内容

Http 重定向到 https

参考以下配置

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: gogs-wildcard-cert
  namespace: common-namespace
spec:
  secretName: gogs-cert-secret
  dnsNames:
    - "gogs.example.com"
  issuerRef:
    name: internal-ca-issuer
    kind: ClusterIssuer
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: gogs-http-redirection
  namespace: common-namespace
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gogs.example.com`)
      kind: Rule
      middlewares:
        - name: redirect-to-https
      services:
        - name: dummy-service
          port: 80
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: redirect-to-https
  namespace: common-namespace
spec:
  redirectScheme:
    scheme: https
    permanent: true
---
# Dummy Service - 只是为了满足IngressRoute的要求,但实际上不会被使用
apiVersion: v1
kind: Service
metadata:
  name: dummy-service
  namespace: common-namespace
spec:
  ports:
    - name: http
      protocol: TCP
      port: 80

---
apiVersion: v1
kind: Endpoints
metadata:
  name: dummy-service
  namespace: common-namespace
subsets:
  - addresses:
      - ip: 10.200.0.1
    ports:
      - name: http
        port: 43123
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: gogs-ingressroute
  namespace: common-namespace
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`gogs.example.com`) && PathPrefix(`/`)
      kind: Rule
      services:
        - name: gogs-external-service
          port: 8080
  tls:
    secretName: gogs-cert-secret
    domains:
      - main: "gogs.example.com"
---
apiVersion: v1
kind: Endpoints
metadata:
  name: gogs-external-service
  namespace: common-namespace
subsets:
  - addresses:
      - ip: 10.200.0.1
    ports:
      - port: 43123
---
apiVersion: v1
kind: Service
metadata:
  name: gogs-external-service
  namespace: common-namespace
spec:
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 43123
编辑此页
最后alsritter.mac 更新