Browse Source

Update docs to clarify certificates requirements

During the initial configuration it's required to
configure a set of valid certificates for ingress.
Make it more explicit so people don't miss this step.

Change-Id: Ie6477f934688467b7d5dfe1cc8191f6acff29a21
tags/v19.03.06
Evgeny 2 months ago
parent
commit
0aac1554cc

+ 11
- 0
doc/source/authoring_and_deployment.rst View File

@@ -351,6 +351,17 @@ with random generated ones:
351 351
 
352 352
     python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))"
353 353
 
354
+Configure certificates in ``site/${NEW_SITE}/secrets/certificates/ingress.yaml``,
355
+they need to be issued for domain configured in a section ``data.dns.ingress_domain``
356
+of a file ``./site/${NEW_SITE}/networks/common-addresses.yaml``. A list of endpoints
357
+which will be used with these certificates can be found in the following file
358
+``./site/${NEW_SITE}/software/config/endpoints.yaml``.
359
+
360
+.. caution::
361
+
362
+    It's required to configure valid certificates, self-signed certificates
363
+    are not supported.
364
+
354 365
 Manifest linting and combining layers
355 366
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
356 367
 

+ 2
- 2
site/airship-seaworthy/secrets/certificates/ingress.yaml View File

@@ -1,7 +1,7 @@
1 1
 ---
2 2
 # Example manifest for ingress cert.
3
-# Shall be replaced with proper/valid set.
4
-# Self-signed certs are not supported.
3
+# NEWSITE-CHANGEME: must be replaced with proper/valid set,
4
+# self-signed certs are not supported.
5 5
 metadata:
6 6
   layeringDefinition:
7 7
     abstract: false

Loading…
Cancel
Save