diff --git a/src/main/cljc/dda/c4k_shynet/shynet.cljc b/src/main/cljc/dda/c4k_shynet/shynet.cljc index edc6bc0..e3b9b3b 100644 --- a/src/main/cljc/dda/c4k_shynet/shynet.cljc +++ b/src/main/cljc/dda/c4k_shynet/shynet.cljc @@ -27,7 +27,8 @@ (let [{:keys [fqdn django-secret-key postgres-db-user postgres-db-password]} config] (-> (yaml/from-string (yaml/load-resource "shynet/secret.yaml")) - (assoc-in [:stringData :ALLOWED_HOSTS] fqdn) + ; See comment in secret.yaml + ;(assoc-in [:stringData :ALLOWED_HOSTS] fqdn) (assoc-in [:stringData :DJANGO_SECRET_KEY] django-secret-key) (assoc-in [:stringData :DB_USER] postgres-db-user) (assoc-in [:stringData :DB_PASSWORD] postgres-db-password)))) diff --git a/src/main/resources/shynet/ingress.yaml b/src/main/resources/shynet/ingress.yaml index f1228ac..08fd7ac 100644 --- a/src/main/resources/shynet/ingress.yaml +++ b/src/main/resources/shynet/ingress.yaml @@ -4,7 +4,6 @@ metadata: name: shynet-webserver-ingress annotations: cert-manager.io/cluster-issuer: letsencrypt-staging-issuer - kubernetes.io/ingress.class: addon-http-application-routing nginx.ingress.kubernetes.io/proxy-body-size: "256m" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/rewrite-target: / diff --git a/src/main/resources/shynet/secret.yaml b/src/main/resources/shynet/secret.yaml index b729779..e97554d 100644 --- a/src/main/resources/shynet/secret.yaml +++ b/src/main/resources/shynet/secret.yaml @@ -6,7 +6,11 @@ type: Opaque stringData: # Django settings DEBUG: "False" - ALLOWED_HOSTS: fqdn # For better security, set this to your deployment's domain. Comma separated. + + # This is hidden behind ingress and (presumably) only works if it has access to + # all shynet pods and services + # If this is not set to '*' there is 404 on every webpage + ALLOWED_HOSTS: "*" # For better security, set this to your deployment's domain. Comma separated. DJANGO_SECRET_KEY: django-secret-key ACCOUNT_SIGNUPS_ENABLED: "False" TIME_ZONE: "America/New_York"