⚡️ :: cert 설정

team-xquare · Aug 27, 2023 · c58bb90 · c58bb90
1 parent 9d69344
commit c58bb90
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 7 deletions.
diff --git a/charts/istio/Chart.yaml b/charts/istio/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 type: application
 name: istio
-version: 1.0.1
+version: 1.0.2
 appVersion: "1.18.1"
 description: Istio setting for xquare
diff --git a/charts/istio/values.yaml b/charts/istio/values.yaml
@@ -32,6 +32,35 @@ operator:
     service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
     service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
 
+gateway:
+  - hosts:
+      - '*.xquare.app'
+    port:
+      name: https
+      number: 443
+      protocol: HTTPS
+    tls:
+      mode: SIMPLE
+      credentialName: xquare-cert
+  - hosts:
+      - '*.dsm-pick.com'
+    port:
+      name: https
+      number: 443
+      protocol: HTTPS
+    tls:
+      mode: SIMPLE
+      credentialName: pick-cert
+  - hosts:
+      - '*.dsm-repo.con'
+    port:
+      name: https
+      number: 443
+      protocol: HTTPS
+    tls:
+      mode: SIMPLE
+      credentialName: repo-cert
+
 virtualServices:
   - name: argocd-server
     host: argo-cd.xquare.app

diff --git a/charts/xquare-certificate/templates/xquare-cert.yaml b/charts/xquare-certificate/templates/xquare-cert.yaml
@@ -1,13 +1,14 @@
+{{- range .Values.certificates }}
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: xquare-cert
+  name: {{ .name }}
   namespace: istio-system
 spec:
   isCA: true
   duration: 87600h # 10 years
-  secretName: xquare-cert
-  commonName: 'xquare.app'
+  secretName: {{ .name }}
+  commonName: {{ .commonName }}
   privateKey:
     algorithm: ECDSA
     size: 256
@@ -16,9 +17,11 @@ spec:
     - cluster.local
     - cert-manager
   dnsNames:
-    - '*.xquare.app'
-    - 'xquare.app'
+    {{- range .dnsNames }}
+    - {{ . }}
+    {{- end }}
   issuerRef:
     name: letsencrypt-issuer
     kind: ClusterIssuer
-  secretName: xquare-cert
+  secretName: {{ .name }}
+{{- end }}
diff --git a/charts/xquare-certificate/values.yaml b/charts/xquare-certificate/values.yaml
@@ -0,0 +1,16 @@
+certificates:
+  - name: xquare-cert
+    commonName: xquare.app
+    dnsNames: 
+    - '*.xquare.app'
+    - 'xquare.app'
+  - name: pick-cert
+    commonName: dsm-pick.com
+    dnsNames: 
+    - '*.dsm-pick.com'
+    - 'dsm-pick.com'
+  - name: repo-cert
+    commoNname: dsm-repo.com
+    dnsNames: 
+    - '*.dsm-repo.com'
+    - 'dsm-repo.com'