Add support for more origin service configuration

STRRL / cloudflare-tunnel-ingress-controller

🚀 Expose the website directly into the internet! The Kuberntes Ingress Controller based on Cloudflare Tunnel.

MIT License

644 stars 37 forks source link

Add support for more origin service configuration #67

Closed UnstoppableMango closed 4 months ago

UnstoppableMango commented 9 months ago

Adds support for a few more origin service settings via annotations similar to proxy ssl verify.

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/origin-configuration/

I tried to follow the existing conventions, but I did make a minor refactor around ProxySSLVerify/NoTLSVerify. Let me know if there's anything you want changed!

I believe this should resolve #11 and #16

UnstoppableMango commented 9 months ago

I completely forgot the certificate mounting portion... be right back!

UnstoppableMango commented 9 months ago

Ok, I've updated with the ability to mount certificates from either secrets or config maps. I went with CLI options to provide a more opinionated out-of-the-box configuration, but perhaps its better to allow arbitrary volume mounts in the controlled container? That might make it easier to integrate with i.e. the cert-manager CSI.

Let me know if you'd like any changes!