From 31743a7f0510cf7d8cd2afd7f0e41576f358df69 Mon Sep 17 00:00:00 2001
From: Lalith Kota <kotalalith@gmail.com>
Date: Fri, 5 Jul 2024 16:58:14 +0530
Subject: [PATCH] Deployment Rancher Istio: Fixed TLS

Signed-off-by: Lalith Kota <kotalalith@gmail.com>
---
 kubernetes/keycloak/install.sh                 | 7 ++++++-
 kubernetes/rancher/install.sh                  | 7 ++++++-
 kubernetes/rancher/istio-gateway.template.yaml | 4 ++--
 3 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/kubernetes/keycloak/install.sh b/kubernetes/keycloak/install.sh
index a83c59a..5b389f3 100755
--- a/kubernetes/keycloak/install.sh
+++ b/kubernetes/keycloak/install.sh
@@ -4,6 +4,7 @@ export KEYCLOAK_HOSTNAME=${KEYCLOAK_HOSTNAME:-keycloak.openg2p.net}
 export KEYCLOAK_ISTIO_GATEWAY=${KEYCLOAK_ISTIO_GATEWAY:-true}
 export KEYCLOAK_ISTIO_VIRTUALSERVICE=${KEYCLOAK_ISTIO_VIRTUALSERVICE:-true}
 export KEYCLOAK_GATEWAY_NAME=${KEYCLOAK_GATEWAY_NAME:-keycloak}
+export TLS=${TLS:-false}
 export NS=${NS:-keycloak-system}
 
 kubectl create ns $NS
@@ -13,7 +14,11 @@ helm -n $NS upgrade --install keycloak oci://registry-1.docker.io/bitnamicharts/
     $@
 
 if [[ "$KEYCLOAK_ISTIO_GATEWAY" == "true" ]]; then
-    envsubst < istio-gateway.template.yaml | kubectl -n $NS apply -f -
+    if [[ "$TLS" == "true" ]]; then
+        envsubst < istio-gateway-tls.template.yaml | kubectl -n $NS apply -f -
+    else
+        envsubst < istio-gateway.template.yaml | kubectl -n $NS apply -f -
+    fi
 fi
 
 if [[ "$KEYCLOAK_ISTIO_VIRTUALSERVICE" == "true" ]]; then
diff --git a/kubernetes/rancher/install.sh b/kubernetes/rancher/install.sh
index 3500510..74dd516 100755
--- a/kubernetes/rancher/install.sh
+++ b/kubernetes/rancher/install.sh
@@ -4,6 +4,7 @@ export RANCHER_HOSTNAME=${RANCHER_HOSTNAME:-rancher.openg2p.net}
 export RANCHER_ISTIO_GATEWAY=${RANCHER_ISTIO_GATEWAY:-true}
 export RANCHER_ISTIO_VIRTUALSERVICE=${RANCHER_ISTIO_VIRTUALSERVICE:-true}
 export RANCHER_GATEWAY_NAME=${RANCHER_GATEWAY_NAME:-rancher}
+export TLS=${TLS:-false}
 export NS=${NS:-cattle-system}
 
 kubectl create ns $NS
@@ -17,7 +18,11 @@ helm -n $NS upgrade --install rancher rancher-latest/rancher \
     $@
 
 if [[ "$RANCHER_ISTIO_GATEWAY" == "true" ]]; then
-    envsubst < istio-gateway.template.yaml | kubectl -n $NS apply -f -
+    if [[ "$TLS" == "true" ]]; then
+        envsubst < istio-gateway-tls.template.yaml | kubectl -n $NS apply -f -
+    else
+        envsubst < istio-gateway.template.yaml | kubectl -n $NS apply -f -
+    fi
 fi
 
 if [[ "$RANCHER_ISTIO_VIRTUALSERVICE" == "true" ]]; then
diff --git a/kubernetes/rancher/istio-gateway.template.yaml b/kubernetes/rancher/istio-gateway.template.yaml
index d5cba2b..6432fc4 100644
--- a/kubernetes/rancher/istio-gateway.template.yaml
+++ b/kubernetes/rancher/istio-gateway.template.yaml
@@ -9,6 +9,6 @@ spec:
   - hosts:
     - ${RANCHER_HOSTNAME}
     port:
-      name: http2-redirect-https
-      number: 8081
+      name: http2
+      number: 8080
       protocol: HTTP2