Browse Source

Update docs to clarify certificates requirements

During the initial configuration it's required to
configure a set of valid certificates for ingress.
Make it more explicit so people don't miss this step.

Change-Id: Ie6477f934688467b7d5dfe1cc8191f6acff29a21
changes/85/639185/2
Evgeny 2 years ago
committed by Kaspars Skels
parent
commit
0aac1554cc
2 changed files with 13 additions and 2 deletions
  1. +11
    -0
      doc/source/authoring_and_deployment.rst
  2. +2
    -2
      site/airship-seaworthy/secrets/certificates/ingress.yaml

+ 11
- 0
doc/source/authoring_and_deployment.rst View File

@ -351,6 +351,17 @@ with random generated ones:
python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))"
Configure certificates in ``site/${NEW_SITE}/secrets/certificates/ingress.yaml``,
they need to be issued for domain configured in a section ``data.dns.ingress_domain``
of a file ``./site/${NEW_SITE}/networks/common-addresses.yaml``. A list of endpoints
which will be used with these certificates can be found in the following file
``./site/${NEW_SITE}/software/config/endpoints.yaml``.
.. caution::
It's required to configure valid certificates, self-signed certificates
are not supported.
Manifest linting and combining layers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


+ 2
- 2
site/airship-seaworthy/secrets/certificates/ingress.yaml View File

@ -1,7 +1,7 @@
---
# Example manifest for ingress cert.
# Shall be replaced with proper/valid set.
# Self-signed certs are not supported.
# NEWSITE-CHANGEME: must be replaced with proper/valid set,
# self-signed certs are not supported.
metadata:
layeringDefinition:
abstract: false


Loading…
Cancel
Save