1apiVersion: networking.k8s.io/v1
 2kind: Ingress
 3metadata:
 4  name: icyphox.sh
 5  namespace: default
 6  annotations:
 7    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 8    nginx.ingress.kubernetes.io/ssl-redirect: "true"
 9    nginx.ingress.kubernetes.io/configuration-snippet: |
10      if ($request_uri !~ "^/.well-known/webfinger") {
11        return 301 https://anirudh.fi$request_uri;
12      }      
13spec:
14  ingressClassName: nginx
15  tls:
16  - hosts:
17    - icyphox.sh
18    secretName: icyphox-sh-tls
19  rules:
20  - host: icyphox.sh
21    http:
22      paths:
23      - path: /.well-known/webfinger
24        pathType: ImplementationSpecific
25        backend:
26          service:
27            name: honk
28            port:
29              number: 8080
30  - host: icyphox.sh
31    http:
32      paths:
33      - path: /
34        pathType: Prefix
35        backend:
36          service:
37            name: garage
38            port:
39              number: 80
40---
41apiVersion: networking.k8s.io/v1
42kind: Ingress
43metadata:
44  name: anirudh.fi
45  namespace: default
46  annotations:
47    cert-manager.io/cluster-issuer: "letsencrypt-prod"
48    nginx.ingress.kubernetes.io/ssl-redirect: "true"
49spec:
50  ingressClassName: nginx
51  tls:
52  - hosts:
53    - anirudh.fi
54    secretName: anirudh-fi-tls
55  rules:
56  - host: anirudh.fi
57    http:
58      paths:
59      - path: /
60        pathType: Prefix
61        backend:
62          service:
63            name: garage
64            port:
65              number: 80
66