change to use ingress routes

2024-02-13 06:39:52 -07:00
parent ba3e6551e2
commit 639f7a4031
6 changed files with 76 additions and 97 deletions
--- a/charts/home-assistant/Chart.yaml
+++ b/charts/home-assistant/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: home-assistant
-version: 0.0.3
+version: 0.0.4
 description: Chart for Home Assistant
 keywords:
  - home-automation
--- a/charts/home-assistant/README.md
+++ b/charts/home-assistant/README.md
@@ -10,6 +10,7 @@ This chart bootstraps a [Home-Assistant](https://github.com/benphelps/homepage)

 - Kubernetes
 - Helm
+- Traefik v2 / IngressRoute
 - Authentik / Auth

 ## Parameters
--- a/charts/home-assistant/templates/ingress-route.yaml
+++ b/charts/home-assistant/templates/ingress-route.yaml
@@ -0,0 +1,62 @@
+{{- if .Values.ingressRoute.enabled }}
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: home-assistant
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: home-assistant
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: home-assistant
+    app.kubernetes.io/managed-by: helm
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - kind: Rule
+      match: "Host(`{{ .Values.ingressRoute.host }}`)"
+      middlewares:
+        - name: authentik
+          namespace: {{ .Release.Namespace }}
+      priority: 10
+      services:
+        - kind: Service
+          name: home-assistant
+          port: {{ .Values.service.http.port }}
+    - kind: Rule
+      match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
+      priority: 15
+      services:
+        - kind: Service
+          name: {{ .Values.ingressRoute.authentik.outpost }}
+          port: {{ .Values.ingressRoute.authentik.port }}
+{{- end }}
+
+---
+{{- if and .Values.codeserver.ingressRoute.enabled .Values.codeserver.enabled }}
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: home-assistant-codeserver
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: home-assistant
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: home-assistant
+    app.kubernetes.io/managed-by: helm
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - kind: Rule
+      match: "Host(`{{ .Values.codeserver.ingressRoute.host }}`)"
+      priority: 10
+      services:
+        - kind: Service
+          name: codeserver-http
+          port: {{ .Values.codeserver.service.http.port }}
+{{- end }}          
--- a/charts/home-assistant/templates/ingress.yaml
+++ b/charts/home-assistant/templates/ingress.yaml
@@ -1,82 +0,0 @@
-{{- if .Values.ingress.enabled }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: home-assistant
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: home-assistant
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: helm
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-issuer
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  ingressClassName: "{{ .Values.ingress.ingressClassName }}"
-  tls:
-    - hosts:
-        - "{{ .Values.ingress.host }}"
-      secretName: "{{ .Release.Name }}-secret-tls"
-  rules:
-    - host: "{{ .Values.ingress.host }}"
-      http:
-        paths:
-          - path: /outpost.goauthentik.io/
-            pathType: Prefix
-            backend:
-              service:
-                name: "{{ .Values.ingress.authentik.outpost }}"
-                port:
-                  number: {{ .Values.ingress.authentik.port }}
-    - host: "{{ .Values.ingress.host }}"
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: http
-                port:
-                  number: {{ .Values.service.http.port }}
-{{- end }}
-
---
-{{- if and .Values.codeserver.ingress.enabled .Values.codeserver.enabled }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: codeserver-home-assistant
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: codeserver
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: helm
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-issuer
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  ingressClassName: "{{ .Values.codeserver.ingress.ingressClassName }}"
-  tls:
-    - hosts:
-        - "{{ .Values.codeserver.ingress.host }}"
-      secretName: "codeserver-{{ .Release.Name }}-secret-tls"
-  rules:
-    - host: "{{ .Values.codeserver.ingress.host }}"
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: codeserver-http
-                port:
-                  number: {{ .Values.codeserver.service.http.port }}
-{{- end }}
--- a/charts/home-assistant/templates/service.yaml
+++ b/charts/home-assistant/templates/service.yaml
@@ -13,10 +13,10 @@ metadata:
 spec:
  type: ClusterIP
  ports:
-  - port: {{ .Values.service.http.port }}
-    targetPort: http
-    protocol: TCP
-    name: http
+    - port: {{ .Values.service.http.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
  selector:
    app.kubernetes.io/name: home-assistant
    app.kubernetes.io/instance: {{ .Release.Name }}
@@ -29,7 +29,7 @@ metadata:
  name: home-assistant-codeserver
  namespace: {{ .Release.Namespace }}  
  labels:
-    app.kubernetes.io/name: code-server
+    app.kubernetes.io/name: home-assistant
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
@@ -38,11 +38,11 @@ metadata:
 spec:
  type: ClusterIP
  ports:
-  - port: {{ .Values.codeserver.service.http.port }}
-    targetPort: codeserver-http
-    protocol: TCP
-    name: codeserver-http
+    - port: {{ .Values.codeserver.service.http.port }}
+      targetPort: codeserver-http
+      protocol: TCP
+      name: codeserver-http
  selector:
-    app.kubernetes.io/name: codeserver
+    app.kubernetes.io/name: home-assistant
    app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
--- a/charts/home-assistant/values.yaml
+++ b/charts/home-assistant/values.yaml
@@ -18,9 +18,8 @@ deployment:
 service:
  http:
    port: 8123
-ingress:
+ingressRoute:
  enabled: true
-  ingressClassName: traefik
  host: homeassistant.alexlebens.net
  authentik:
    outpost: authentik-proxy-outpost
@@ -70,7 +69,6 @@ codeserver:
  service:
    http:
      port: 8443
-  ingress:
+  ingressRoute:
    enabled: true
-    ingressClassName: traefik
    host: codeserver.homeassistant.alexlebens.net