add: ingress + cert

README.md

@@ -38,7 +38,11 @@ tobi
 # Smokeping changes
 
 ## TODO
-- enable our docker image to accept volume mounts for `config/config` so users of our image can provide their own configuration file or customise the default configuration file.
+- enable our docker image to accept volume mounts for `config/config` so users of our image can provide their own configuration file or customise the default configuration file
+- redirect / to /smokeping/smokeping.fcgi.dist
+
+## NOTES
+- followed https://atetux.com/how-to-build-and-install-latest-smokeping-on-ubuntu-20-04 as a base to creating this docker image
 
 ## Smokeping configuration defaults
 A default smokeping configuration can be found in `config/config`.

config/config

@@ -1,6 +1,6 @@
 *** General ***
-owner    = Atetux
-contact  = hello.darling@atetux.com
+owner    = sjultra
+contact  = alex+smokeping.ops@sjultra.com
 mailhost = my.mail.host
 imgcache = /usr/local/smokeping/cache
 imgurl   = cache

config/smokeping.conf

@@ -1,5 +1,6 @@
 Alias /smokeping/cache /usr/local/smokeping/cache
 Alias /smokeping /usr/local/smokeping/htdocs/
+Alias / /usr/local/smokeping/htdocs/smokeping.fcgi.dist
 
 
 <Directory "/usr/local/smokeping/cache">
@@ -11,4 +12,6 @@ Alias /smokeping /usr/local/smokeping/htdocs/
  Options FollowSymLinks ExecCGI
  AllowOverride all
  Require all granted
-</Directory>
+</Directory>
+
+RedirectMatch 301 ^/$ /smokeping/smokeping.fcgi.dist

docker-compose.yml

@@ -7,6 +7,7 @@ services:
       dockerfile: ./docker/Dockerfile
     volumes:
       - ./config/config:/usr/local/smokeping/etc/config
+      - ./config/smokeping.conf:/etc/apache2/conf-available/smokeping.conf
       - ./data:/data
     ports:
       - 8080:80

docker/Dockerfile

@@ -37,6 +37,7 @@ RUN echo "**** configure Smokeping GUI ****"
 RUN chown www-data:www-data -R /usr/local/smokeping
 RUN chmod 777 /usr/local/smokeping
 COPY ./config/smokeping.conf /etc/apache2/conf-available/smokeping.conf
+VOLUME /etc/apache2/conf-available
 
 RUN a2enconf smokeping
 RUN a2enmod cgi

helm/service/templates/cert.yaml

@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.issuer.secretName }}
+  namespace: smokeping
+spec:
+  secretName: {{ .Values.issuer.secretName }}
+  issuerRef:
+    name: smokeping-issuer
+  commonName: {{ .Values.ingress.ingressDomain }}
+  dnsNames:
+  - {{ .Values.ingress.ingressDomain }}

helm/service/templates/ingress.yaml

@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: smokeping-ingress
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+    cert-manager.io/issuer: "smokeping-issuer"
+    traefik.ingress.kubernetes.io/redirect-entry-point: "https"
+spec:
+  rules:
+    - host: {{ .Values.ingress.ingressDomain }}
+      http:
+        paths:
+          - backend:
+              service:
+                name: smokeping
+                port:
+                  number: 80
+            path: /
+            pathType: Prefix
+  tls:
+    - hosts:
+      - {{ .Values.ingress.ingressDomain }}
+      secretName: {{ .Values.issuer.secretName }}

helm/service/templates/issuer.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.issuer }}
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: smokeping-issuer
+  namespace: smokeping
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: {{ .Values.issuer.issuerEmail }}
+    privateKeySecretRef:
+      name: {{ .Values.issuer.privateKeyName }}
+    solvers:
+    - http01:
+        ingress:
+          class: traefik
+{{- end }}

helm/service/values.yaml

@@ -18,3 +18,10 @@ smokeping:
   image: sjultra/smokeping:latest
   port: 8080
 
+issuer:
+  issuerEmail: ops@sjultra.com
+  secretName: smokeping-tls-prod
+  privateKeyName: smokeping-tls-pkey-prod
+
+ingress:
+  ingressDomain: smokepingkube.vzxy.net