Commit fac059ff authored by Craig Russell's avatar Craig Russell
Browse files

Added cert manager and certificates for binder.

parent 5a16759b
......@@ -13,4 +13,16 @@ jupyterhub:
ingress:
enabled: true
hosts:
- "binder.bioimagearchive.org"
\ No newline at end of file
- "binder.bioimagearchive.org"
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
cert-manager.k8s.io/acme-challenge-type: http01
cert-manager.io/cluster-issuer: letsencrypt-production
https:
enabled: true
type: nginx
tls:
- secretName: binder-bioimagearchive-org-cert
hosts:
- binder.bioimagearchive.org
\ No newline at end of file
......@@ -2,7 +2,7 @@ config:
BinderHub:
hub_url: http://beta.binder.bioimagearchive.org/binderhub/
banner_message: |
<div style="text-align: center;">Beta service with more RAM and CPU</div>
<div style="text-align: center;">Beta service with more RAM and CPU (no DIND atm)</div>
jupyterhub:
hub:
baseUrl: /binderhub
......
......@@ -19,7 +19,7 @@ config:
BinderHub:
hub_url: http://gpu.beta.binder.bioimagearchive.org/binderhub/
banner_message: |
<div style="text-align: center;">Beta service with more RAM and CPU and GPU Support (no DIND atm) </div>
<div style="text-align: center;">Beta service with more RAM and CPU and GPU Support </div>
ingress:
......
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: ctr26@ebi.ac.uk
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource that will be used to store the account's private key.
name: letsencrypt-production
# Add a single challenge solver, HTTP01 using nginx
solvers:
- http01:
ingress:
class: nginx
\ No newline at end of file
......@@ -15,7 +15,9 @@ namespaces:
protected: false
daskgateway-production:
protected: false
# binderhub-staging-gpu:
# protected: false
# binderhub-production-gpu:
# protected: false
\ No newline at end of file
binderhub-production-gpu:
protected: false
binderhub-staging-gpu:
protected: false
cert-manager:
protected: false
......@@ -31,6 +31,7 @@ metadata:
helmRepos:
jupyterhub: "https://jupyterhub.github.io/helm-chart/"
daskgateway: "https://dask.org/dask-gateway-helm-repo/"
jetstack: "https://charts.jetstack.io"
appsTemplates:
binderhub: &binderhub
......@@ -239,6 +240,23 @@ apps:
# - "jupyterhub/persistentVolumes.yaml"
- "jupyterhub/github.yaml"
# - "jupyterhub/production/github.yaml"
cert-manager-production:
name: "cert-manager"
chart: "jetstack/cert-manager"
enabled: true
priority: 0
# timeout: 120
version: "v1.1.0"
group: "production"
namespace: "cert-manager"
set:
installCRDs: "true"
ingressShim.defaultIssuerKind: "ClusterIssuer"
ingressShim.defaultIssuerName: "letsencrypt-production"
hooks:
postUpgrade: "cert-managment/cluster_issuer.yaml"
# -------------------- JUNK ----------------------------------
# jupyterhub-test:
# valuesFiles:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment