Fix dashboard.

infra/build-services.sh

@@ -168,19 +168,26 @@ else
 		echo "Dashboard auth configs..."
 
 		rm -rf dashboard/
-		mkdir -p dashboard/dashboard-auth
-		cp sources/dashboard-auth/*.yaml dashboard/dashboard-auth/
+		mkdir -p dashboard
+		cp ./sources/dashboard/*.yaml ./dashboard
 
-		COOKIE_SECRET=$(dd if=/dev/urandom bs=16 count=1 2>/dev/null | base64)
+		# mkdir -p dashboard/dashboard-auth
+		# cp sources/dashboard-auth/*.yaml dashboard/dashboard-auth/
 
-		sed -i -e "s#__OAUTH2_PROXY_COOKIE_SECRET__#$COOKIE_SECRET#g" dashboard/dashboard-auth/oauth2-proxy.yaml
-		sed -i -e "s#__OAUTH2_PROXY_CLIENT_SECRET__#$OAUTH2_PROXY_CLIENT_SECRET#g" dashboard/dashboard-auth/oauth2-proxy.yaml
+		# COOKIE_SECRET=$(dd if=/dev/urandom bs=16 count=1 2>/dev/null | base64)
+
+		# sed -i -e "s#__OAUTH2_PROXY_COOKIE_SECRET__#$COOKIE_SECRET#g" dashboard/dashboard-auth/oauth2-proxy.yaml
+		# sed -i -e "s#__OAUTH2_PROXY_CLIENT_SECRET__#$OAUTH2_PROXY_CLIENT_SECRET#g" dashboard/dashboard-auth/oauth2-proxy.yaml
 
 		DASHBOARD_TOKEN=$(kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') | grep token: )
 		DASHBOARD_TOKEN="${DASHBOARD_TOKEN:7:${#DASHBOARD_TOKEN}}"
 
-		sed -i -e "s#__DASHBOARD_TOKEN__#$DASHBOARD_TOKEN#g" dashboard/dashboard-auth/ingreses.yaml
-		sed -i -e "s#Bearer      #Bearer #g" dashboard/dashboard-auth/ingreses.yaml
+		# sed -i -e "s#__DASHBOARD_TOKEN__#$DASHBOARD_TOKEN#g" dashboard/dashboard-auth/ingreses.yaml
+		# sed -i -e "s#Bearer      #Bearer #g" dashboard/dashboard-auth/ingreses.yaml
+
+		sed -i -e "s#__DASHBOARD_TOKEN__#$DASHBOARD_TOKEN#g" dashboard/ingress.yaml
+		sed -i -e "s#Bearer      #Bearer #g" dashboard/ingress.yaml
+		
 	else
 		echo "~/.secrets/ does not exist. Probably running from CI. Skipping dashboard configs..."
 	fi

infra/script.sh

@@ -164,7 +164,7 @@ kubectl apply -R -f sources/nginx/
 
 kubectl apply -R -f services/
 
-kubectl apply -R -f dashboard/
+kubectl apply -R -f ./dashboard/
 
 echo "Deploying status site"
 

infra/sources/dashboard/ingress.yaml

+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: "public"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+    nginx.ingress.kubernetes.io/auth-secret: basic-auth
+    nginx.ingress.kubernetes.io/auth-realm: "Authentication Required!"
+    nginx.ingress.kubernetes.io/auth-type: basic
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      proxy_set_header Authorization "Bearer __DASHBOARD_TOKEN__";
+  name: dashboard
+  namespace: kube-system
+spec:
+  rules:
+  - host: dashboard-dbogatov-org.cluster.dbogatov.org
+    http:
+      paths:
+      - backend:
+          serviceName: kubernetes-dashboard
+          servicePort: 443
+        path: /
+  - host: dashboard.dbogatov.org
+    http:
+      paths:
+      - backend:
+          serviceName: kubernetes-dashboard
+          servicePort: 443
+        path: /
+  tls:
+  - hosts:
+    - dashboard-dbogatov-org.cluster.dbogatov.org
+    - dashboard.dbogatov.org
+    secretName: lets-encrypt