# Ingress - only add ingress if 'host' is defined
{{ if .Values.ingress.host }}

---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: ingress-{{ .Values.name }}
  namespace: {{ .Release.Namespace }}
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
    cert-manager.io/cluster-issuer: "cert-{{ .Values.name }}"
    nginx.ingress.kubernetes.io/upstream-vhost: "{{ .Values.ingress.host }}"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header X-Forwarded-Proto {{ .Values.scheme | default "https" }};

spec:
  tls:
    - hosts:
      - {{ .Values.ingress.host }}
      secretName: cert-{{ .Values.name }}

  rules:
  - host: {{ .Values.ingress.host }}
    http:
      paths:
      - path: /
        backend:
          serviceName: {{ .Values.name }}
          servicePort: 80

---

apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: cert-{{ .Values.name }}
  namespace: cert-manager
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: {{ .Values.ingress.cert_email }}
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: cert-{{ .Values.name }}
    # Enable the HTTP-01 challenge provider
    solvers:
    - http01:
        ingress:
          class: nginx

{{ end }}