- ssl_certificate = None
- ssl_certificate_key = None
- ssl_enabled = False
-
- if "ssl_certificate" in config and "ssl_certificate_key" in config:
- # Get bytes of cert and key
- cert_b = base64.b64decode(config["ssl_certificate"])
- key_b = base64.b64decode(config["ssl_certificate_key"])
- # Decode key and cert
- ssl_certificate = cert_b.decode("utf-8")
- ssl_certificate_key = key_b.decode("utf-8")
- # Get paths
- cert_path = "{}/{}".format(self.ssl_folder, self.ssl_crt_name)
- key_path = "{}/{}".format(self.ssl_folder, self.ssl_key_name)
-
- config_spec["port"] = "{} ssl".format(config["https_port"])
- config_spec["ssl_crt"] = "ssl_certificate {};".format(cert_path)
- config_spec["ssl_crt_key"] = "ssl_certificate_key {};".format(key_path)
- ssl_enabled = True
- else:
- config_spec["ssl_crt"] = ""
- config_spec["ssl_crt_key"] = ""
-
- files = [
- {
- "name": "configuration",
- "mountPath": "/etc/nginx/sites-available/",
- "files": {
- Path(filename)
- .name: Template(Path(filename).read_text())
- .substitute(config_spec)
- for filename in glob("files/*")
- },
- }
- ]
- port = config["https_port"] if ssl_enabled else config["port"]
- ports = [
- {"name": "port", "containerPort": port, "protocol": "TCP", },
- ]
-
- kubernetes = {
- "readinessProbe": {
- "tcpSocket": {"port": port},
- "timeoutSeconds": 5,
- "periodSeconds": 5,
- "initialDelaySeconds": 10,
- },
- "livenessProbe": {
- "tcpSocket": {"port": port},
- "timeoutSeconds": 5,
- "initialDelaySeconds": 45,
- },
- }