biondizzle
a6c59d6a65
- Remove m3coordinator LoadBalancer service (was using deprecated AutoSSL) - Add Traefik ingress controller with Let's Encrypt ACME - Add basic auth middleware for external access - Update test scripts with auth support and fixed protobuf encoding - Add multi-tenancy documentation (label-based isolation) - Update README with Traefik deployment instructions
33 lines
783 B
YAML
33 lines
783 B
YAML
##############################################################################
|
|
# Basic Auth Middleware for Traefik
|
|
# CHANGE THE PASSWORD BEFORE PRODUCTION USE!
|
|
#
|
|
# To generate a new htpasswd entry:
|
|
# htpasswd -nb <username> <password>
|
|
# Then base64 encode it:
|
|
# echo -n '<htpasswd-output>' | base64
|
|
# Update the secret below with the new value.
|
|
##############################################################################
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: basic-auth-secret
|
|
namespace: m3db
|
|
type: Opaque
|
|
# htpasswd -nb example example
|
|
stringData:
|
|
users: |-
|
|
example:$apr1$oMBgtfpd$CBTS17sDq7GN58qaoIMvh.
|
|
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: basic-auth
|
|
namespace: m3db
|
|
spec:
|
|
basicAuth:
|
|
secret: basic-auth-secret
|