|
|
|
@ -36,8 +36,8 @@
|
|
|
|
|
(cut/generate-ingress {:fqdn "test.de"}))))
|
|
|
|
|
|
|
|
|
|
(deftest should-generate-nginx-configmap
|
|
|
|
|
(is (= {:website.conf-c1 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.de;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n location / { \n try_files $uri $uri/ /index.html =404; \n }\n}",
|
|
|
|
|
:website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.com;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n location / { \n try_files $uri $uri/ /index.html =404; \n }\n}",
|
|
|
|
|
(is (= {:website.conf-c1 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.de; \n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n",
|
|
|
|
|
:website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.com; \n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n",
|
|
|
|
|
:name-c1 "test-de-configmap",
|
|
|
|
|
:name-c2 "test-com-configmap"}
|
|
|
|
|
(th/map-diff (cut/generate-nginx-configmap {:fqdn "test.de"})
|
|
|
|
@ -61,7 +61,7 @@
|
|
|
|
|
:volumeMounts
|
|
|
|
|
[{:mountPath "/etc/nginx", :readOnly true, :name "nginx-config-volume"}
|
|
|
|
|
{:mountPath "/var/log/nginx", :name "log"}
|
|
|
|
|
{:mountPath "/var/www/html/website", :name "website-content-volume"}
|
|
|
|
|
{:mountPath "/var/www/html/website", :name "website-content-volume", :readOnly true}
|
|
|
|
|
{:mountPath "/etc/certs", :name "website-cert", :readOnly true}]}],
|
|
|
|
|
:volumes
|
|
|
|
|
[{:name "nginx-config-volume",
|
|
|
|
|