rogerscuall/ingress-config-protected-service-using-vouch

## ingress-config-protected-service-using-vouch
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/issuer: letsencrypt-dev
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-buffer-size: "8k"
    #nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
    nginx.ingress.kubernetes.io/auth-signin: "https://vouch.mydomain.com.org/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err"
    nginx.ingress.kubernetes.io/auth-url: https://vouch.mydomain.com.org/validate
    nginx.ingress.kubernetes.io/auth-response-headers: x-vouch-user, X-Vouch-IdP-Claims-Groups
    nginx.ingress.kubernetes.io/auth-snippet: |
      # these return values are used by the @error401 call
      auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt;
      auth_request_set $auth_resp_err $upstream_http_x_vouch_err;
      auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount;
  name: httpbin
  namespace: engine-dev
spec:
  rules:
  - host: httpbin.mydomain.com.org
    http:
      paths:
      - backend:
          serviceName: httpbin
          servicePort: http
  tls:
  - hosts:
    - httpbin.mydomain.com.org
    secretName: httpbin-tls
	---
	apiVersion: extensions/v1beta1
	kind: Ingress
	metadata:
	annotations:
	cert-manager.io/issuer: letsencrypt-dev
	kubernetes.io/ingress.class: nginx
	nginx.ingress.kubernetes.io/proxy-buffer-size: "8k"
	#nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
	nginx.ingress.kubernetes.io/auth-signin: "https://vouch.mydomain.com.org/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err"
	nginx.ingress.kubernetes.io/auth-url: https://vouch.mydomain.com.org/validate
	nginx.ingress.kubernetes.io/auth-response-headers: x-vouch-user, X-Vouch-IdP-Claims-Groups
	nginx.ingress.kubernetes.io/auth-snippet: \|
	# these return values are used by the @error401 call
	auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt;
	auth_request_set $auth_resp_err $upstream_http_x_vouch_err;
	auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount;
	name: httpbin
	namespace: engine-dev
	spec:
	rules:
	- host: httpbin.mydomain.com.org
	http:
	paths:
	- backend:
	serviceName: httpbin
	servicePort: http
	tls:
	- hosts:
	- httpbin.mydomain.com.org
	secretName: httpbin-tls