arvtiwar/gist:3ad714f7467071a17222dadc6b0a09ff Secret

## gistfile1.txt
### This ingress is for our frontend/UI ###
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myapp-ingress-ui
  namespace: myapp-dev
  annotations:
    kubernetes.io/ingress.class: "kong"
    cert-manager.io/cluster-issuer: myappui-letsencrypt-prod
    kubernetes.io/tls-acme: "true"
    configuration.konghq.com: myapp-kong-ingress
    plugins.konghq.com: user-kong-cors
    #plugins.konghq.com: http-ratelimit, http-auth
spec:
  tls:
  - secretName:  myappui-letsencrypt-prod
    hosts:
    - devui.myapp.net
    - www.devui.myapp.net
  rules:
    - host: devui.myapp.net
      http:
        paths:
          - path: /
            backend:
              serviceName: myapp-web
              servicePort: 3000
    - host: www.devui.myapp.net
      http:
        paths:
          - path: /
            backend:
              serviceName: myapp-web
              servicePort: 3000
---
### This ingress is for our backend/API ###
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myapp-ingress-api
  namespace: myapp-dev
  annotations:
    kubernetes.io/ingress.class: "kong"
    cert-manager.io/cluster-issuer: myappapi-letsencrypt-prod
    kubernetes.io/tls-acme: "true"
    configuration.konghq.com: myapp-kong-ingress
    plugins.konghq.com: user-kong-cors
    #plugins.konghq.com: http-auth
spec:
  tls:
  - secretName: myappapi-letsencrypt-prod
    hosts:
    - devapi.myapp.net
  rules:
    - host: devapi.myapp.net
      http:
        paths:
          - path: /
            backend:
              serviceName: myapp-api
              servicePort: 3333
-----
apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
    name: myapp-kong-ingress
    namespace: myapp-dev
route:
    protocols:
    - https
    https_redirect_status_code: 302
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
    name: user-kong-cors
    namespace: myapp-dev
enabled: true
plugin: cors
config:
    origins: https://devui.myapp.net
    methods:
        - GET
        - HEAD
        - PUT
        - PATCH
        - POST
        - DELETE
        - OPTIONS
    headers:
        - Origin
        - Access-Control-Request-Headers
        - Access-Control-Allow-Origin
    exposed_headers:
        - Origin
        - Access-Control-Request-Headers
        - Access-Control-Allow-Origin
    preflight_continue: true
    credentials: false
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
    name: http-add-header
    namespace: myapp-dev
enabled: true
config:
    add:
    headers:
        - "Access-Control-Allow-Origin: https://devui.myapp.net"
plugin: request-transformer
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
    name: https-redirect
    namespace: myapp-dev
plugin: pre-function
config:
    functions:
    - |
    local scheme = kong.request.get_scheme()
    if scheme == "http" then
        local host = kong.request.get_host()
        local query = kong.request.get_path_with_query()
        local url = "https://" .. host ..query
        kong.response.set_header("Location",url)
        return kong.response.exit(302,url)
    end
	### This ingress is for our frontend/UI ###
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	name: myapp-ingress-ui
	namespace: myapp-dev
	annotations:
	kubernetes.io/ingress.class: "kong"
	cert-manager.io/cluster-issuer: myappui-letsencrypt-prod
	kubernetes.io/tls-acme: "true"
	configuration.konghq.com: myapp-kong-ingress
	plugins.konghq.com: user-kong-cors
	#plugins.konghq.com: http-ratelimit, http-auth
	spec:
	tls:
	- secretName: myappui-letsencrypt-prod
	hosts:
	- devui.myapp.net
	- www.devui.myapp.net
	rules:
	- host: devui.myapp.net
	http:
	paths:
	- path: /
	backend:
	serviceName: myapp-web
	servicePort: 3000
	- host: www.devui.myapp.net
	http:
	paths:
	- path: /
	backend:
	serviceName: myapp-web
	servicePort: 3000
	---
	### This ingress is for our backend/API ###
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	name: myapp-ingress-api
	namespace: myapp-dev
	annotations:
	kubernetes.io/ingress.class: "kong"
	cert-manager.io/cluster-issuer: myappapi-letsencrypt-prod
	kubernetes.io/tls-acme: "true"
	configuration.konghq.com: myapp-kong-ingress
	plugins.konghq.com: user-kong-cors
	#plugins.konghq.com: http-auth
	spec:
	tls:
	- secretName: myappapi-letsencrypt-prod
	hosts:
	- devapi.myapp.net
	rules:
	- host: devapi.myapp.net
	http:
	paths:
	- path: /
	backend:
	serviceName: myapp-api
	servicePort: 3333
	-----
	apiVersion: configuration.konghq.com/v1
	kind: KongIngress
	metadata:
	name: myapp-kong-ingress
	namespace: myapp-dev
	route:
	protocols:
	- https
	https_redirect_status_code: 302
	---
	apiVersion: configuration.konghq.com/v1
	kind: KongPlugin
	metadata:
	name: user-kong-cors
	namespace: myapp-dev
	enabled: true
	plugin: cors
	config:
	origins: https://devui.myapp.net
	methods:
	- GET
	- HEAD
	- PUT
	- PATCH
	- POST
	- DELETE
	- OPTIONS
	headers:
	- Origin
	- Access-Control-Request-Headers
	- Access-Control-Allow-Origin
	exposed_headers:
	- Origin
	- Access-Control-Request-Headers
	- Access-Control-Allow-Origin
	preflight_continue: true
	credentials: false
	---
	apiVersion: configuration.konghq.com/v1
	kind: KongPlugin
	metadata:
	name: http-add-header
	namespace: myapp-dev
	enabled: true
	config:
	add:
	headers:
	- "Access-Control-Allow-Origin: https://devui.myapp.net"
	plugin: request-transformer
	---
	apiVersion: configuration.konghq.com/v1
	kind: KongPlugin
	metadata:
	name: https-redirect
	namespace: myapp-dev
	plugin: pre-function
	config:
	functions:
	- \|
	local scheme = kong.request.get_scheme()
	if scheme == "http" then
	local host = kong.request.get_host()
	local query = kong.request.get_path_with_query()
	local url = "https://" .. host ..query
	kong.response.set_header("Location",url)
	return kong.response.exit(302,url)
	end