如何使用 Nginx 入口 controller 为对讲机设置 SSL?
[英]How to setup SSL for Intercom using Nginx ingress controller?
问题描述
I'm trying to enable https for custom domain for Intercom setup.
我正在尝试为自定义域启用https以进行对讲设置。 The documentation tells:该文档告诉:
server {
listen 443 ssl;
server_name your-help-site.custom-domain.com; # replace this with your domain
ssl_certificate /path/to/your/fullchain.pem;
ssl_certificate_key /path/to/your/privatekey.pem;
location / {
# using "set" is important as IP addresses of Intercom servers
# changes dynamically. "set" enables nginx to follow dynamic IPs
set $intercom "https://custom.intercom.help:443";
proxy_set_header Host $host;
proxy_pass $intercom;
}
}
I've tried this approach:我试过这种方法:
resource kubernetes_ingress help_ingress {
metadata {
name = "help-ingress"
annotations = {
"certmanager.k8s.io/cluster-issuer" = "letsencrypt-prod"
"kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/permanent-redirect" = "http://custom.intercom.help"
"nginx.ingress.kubernetes.io/rewrite-target" = "/"
"ingress.kubernetes.io/force-ssl-redirect" = false
"nginx.ingress.kubernetes.io/from-to-www-redirect" = true
}
}
spec {
tls {
secret_name = "help-cert"
hosts = [local.help_url, "www.${local.help_url}"]
}
rule {
host = "${local.help_url}"
http {
path {
path = ""
backend {
service_name = "fake"
service_port = 80
}
}
}
}
}
}
But it gives me just a redirect to https://custom.intercom.help How to achieve that proxy_path using k8s nginx ingress ?但它只给了我一个重定向到https://custom.intercom.help proxy_path使用k8s nginx ingress实现该代理路径?
1 个解决方案
解决方案1
0 已采纳 2021-04-13 10:11:00
I faced the same issue and found a solution that works for me.我遇到了同样的问题,并找到了适合我的解决方案。
Of course you need to first configure your custom domain in the intercom settings here: https://app.intercom.io/a/apps/_/articles/site/settings当然你需要先在此处的对讲设置中配置你的自定义域: https://app.intercom.io/a/apps/_/articles/site/settings
Then you need to create a "CNAME" service in your cluster like so:然后您需要在集群中创建一个“CNAME”服务,如下所示:
kind: Service
apiVersion: v1
metadata:
name: intercom-service
namespace: ingress-nginx
spec:
type: ExternalName
externalName: custom.intercom.help
Now you can link your ingress to this service and everything should work:现在您可以将您的入口链接到此服务,并且一切都应该正常工作:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: intercom-ingress
namespace: ingress-nginx
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- secretName: tls-intercom-secret
hosts:
- **replace.with.domain.com**
rules:
- host: **replace.with.domain.com**
http:
paths:
- path: /
backend:
serviceName: intercom-service
servicePort: 80
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.