imfreedom/k8s-cluster

Turn on hsts for pidgin.im and friends and fix some redirects for pidg.in

2020-09-08, Gary Kramlich
28ba6fd6eea3
Parents 5a25e19e2352
Children 3d11aff373b0
Turn on hsts for pidgin.im and friends and fix some redirects for pidg.in
2 files changed, 39 insertions(+), 0 deletions(-)
  • +9 -0
    40-roost-middleware.yaml
  • +30 -0
    50-nest.pidgin.im.yaml
    • --- a/40-roost-middleware.yaml Tue Sep 08 21:59:13 2020 -0500
    +++ b/40-roost-middleware.yaml Tue Sep 08 22:28:41 2020 -0500
    @@ -20,3 +20,12 @@
    scheme: https
    permanent: true
    ---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: Middleware
    +metadata:
    + name: hsts-headers
    + namespace: roost
    +spec:
    + headers:
    + stsSeconds: 31536000
    +---
    --- a/50-nest.pidgin.im.yaml Tue Sep 08 21:59:13 2020 -0500
    +++ b/50-nest.pidgin.im.yaml Tue Sep 08 22:28:41 2020 -0500
    @@ -1,3 +1,14 @@
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: Middleware
    +metadata:
    + name: newissue-redirect
    + namespace: roost
    +spec:
    + redirectRegex:
    + regex: ^https?:\/\/[^\/]+(\/.+)?
    + replacement: |
    + https://issues.imfreedom.org/newIssue?project=PIDGIN&description=What%20version%20of%20pidgin%20are%20you%20using%3F%20(please%20provide%20the%20actual%20version%20number%20from%20Help%20-%3E%20About%3B%20latest%20is%20not%20a%20version%20number).%0A%0AWhat%20operating%20system%20are%20you%20running%20(for%20example%20Debian%20Buster%2C%20Fedora%2032%2C%20Ubuntu%20Focal)%3F%0A%0AHow%20did%20you%20install%20Pidgin%20(from%20source%2C%20package%20manager%2C%20appimage%2C%20flatpak%2C%20snap%2C%20other)%3F%0A%0A%5BPlease%20describe%20your%20issue%20in%20more%20detail%5D
    ---
    apiVersion: traefik.containo.us/v1alpha1
    kind: Middleware
    @@ -25,6 +36,7 @@
    - name: nest
    port: 3000
    middlewares:
    + - name: hsts-headers
    - name: nest-redirects
    tls:
    secretName: nest-redirects-tls
    @@ -101,6 +113,13 @@
    port: 80
    middlewares:
    - name: common-headers
    + - match: (Host(`pidgin.im`) || Host(`www.pidgin.im`)) && Path(`/newissue`)
    + kind: Rule
    + services:
    + - name: nest
    + port: 3000
    + middlewares:
    + - name: newissue-redirect
    - match: (Host(`pidg.in`) || Host(`www.pidg.in`))
    kind: Rule
    services:
    @@ -127,6 +146,7 @@
    - name: nest-redirect-documentation
    - name: nest-redirect-pipermail-support
    - name: common-headers
    + - name: hsts-headers
    - match: (Host(`pidgin.im`) || Host(`www.pidgin.im`)) && PathPrefix(`/win32`)
    kind: Rule
    services:
    @@ -134,6 +154,7 @@
    port: 80
    middlewares:
    - name: common-headers
    + - name: hsts-headers
    - match: (Host(`pidgin.im`) || Host(`www.pidgin.im`)) && Path(`/version.php`)
    kind: Rule
    services:
    @@ -141,6 +162,15 @@
    port: 80
    middlewares:
    - name: common-headers
    + - name: hsts-headers
    + - match: (Host(`pidgin.im`) || Host(`www.pidgin.im`)) && Path(`/newissue`)
    + kind: Rule
    + services:
    + - name: nest
    + port: 3000
    + middlewares:
    + - name: newissue-redirect
    + - name: hsts-header
    tls:
    secretName: nest-tls
    options: