From 639f7a40319129051d898d0b9b80b00002e3077b Mon Sep 17 00:00:00 2001 From: Alex Date: Tue, 13 Feb 2024 06:39:52 -0700 Subject: [PATCH] change to use ingress routes --- charts/home-assistant/Chart.yaml | 2 +- charts/home-assistant/README.md | 1 + .../templates/ingress-route.yaml | 62 ++++++++++++++ charts/home-assistant/templates/ingress.yaml | 82 ------------------- charts/home-assistant/templates/service.yaml | 20 ++--- charts/home-assistant/values.yaml | 6 +- 6 files changed, 76 insertions(+), 97 deletions(-) create mode 100644 charts/home-assistant/templates/ingress-route.yaml delete mode 100644 charts/home-assistant/templates/ingress.yaml diff --git a/charts/home-assistant/Chart.yaml b/charts/home-assistant/Chart.yaml index 49138b8..8043bb2 100644 --- a/charts/home-assistant/Chart.yaml +++ b/charts/home-assistant/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: home-assistant -version: 0.0.3 +version: 0.0.4 description: Chart for Home Assistant keywords: - home-automation diff --git a/charts/home-assistant/README.md b/charts/home-assistant/README.md index c5df653..d1a9d67 100644 --- a/charts/home-assistant/README.md +++ b/charts/home-assistant/README.md @@ -10,6 +10,7 @@ This chart bootstraps a [Home-Assistant](https://github.com/benphelps/homepage) - Kubernetes - Helm +- Traefik v2 / IngressRoute - Authentik / Auth ## Parameters diff --git a/charts/home-assistant/templates/ingress-route.yaml b/charts/home-assistant/templates/ingress-route.yaml new file mode 100644 index 0000000..7374d34 --- /dev/null +++ b/charts/home-assistant/templates/ingress-route.yaml @@ -0,0 +1,62 @@ +{{- if .Values.ingressRoute.enabled }} +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: home-assistant + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: home-assistant + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/managed-by: helm +spec: + entryPoints: + - websecure + routes: + - kind: Rule + match: "Host(`{{ .Values.ingressRoute.host }}`)" + middlewares: + - name: authentik + namespace: {{ .Release.Namespace }} + priority: 10 + services: + - kind: Service + name: home-assistant + port: {{ .Values.service.http.port }} + - kind: Rule + match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)" + priority: 15 + services: + - kind: Service + name: {{ .Values.ingressRoute.authentik.outpost }} + port: {{ .Values.ingressRoute.authentik.port }} +{{- end }} + +--- +{{- if and .Values.codeserver.ingressRoute.enabled .Values.codeserver.enabled }} +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: home-assistant-codeserver + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: home-assistant + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/managed-by: helm +spec: + entryPoints: + - websecure + routes: + - kind: Rule + match: "Host(`{{ .Values.codeserver.ingressRoute.host }}`)" + priority: 10 + services: + - kind: Service + name: codeserver-http + port: {{ .Values.codeserver.service.http.port }} +{{- end }} diff --git a/charts/home-assistant/templates/ingress.yaml b/charts/home-assistant/templates/ingress.yaml deleted file mode 100644 index ff726b7..0000000 --- a/charts/home-assistant/templates/ingress.yaml +++ /dev/null @@ -1,82 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: home-assistant - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: home-assistant - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} - app.kubernetes.io/managed-by: helm - annotations: - cert-manager.io/cluster-issuer: letsencrypt-issuer - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" -spec: - ingressClassName: "{{ .Values.ingress.ingressClassName }}" - tls: - - hosts: - - "{{ .Values.ingress.host }}" - secretName: "{{ .Release.Name }}-secret-tls" - rules: - - host: "{{ .Values.ingress.host }}" - http: - paths: - - path: /outpost.goauthentik.io/ - pathType: Prefix - backend: - service: - name: "{{ .Values.ingress.authentik.outpost }}" - port: - number: {{ .Values.ingress.authentik.port }} - - host: "{{ .Values.ingress.host }}" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: http - port: - number: {{ .Values.service.http.port }} -{{- end }} - ---- -{{- if and .Values.codeserver.ingress.enabled .Values.codeserver.enabled }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: codeserver-home-assistant - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: codeserver - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} - app.kubernetes.io/managed-by: helm - annotations: - cert-manager.io/cluster-issuer: letsencrypt-issuer - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" -spec: - ingressClassName: "{{ .Values.codeserver.ingress.ingressClassName }}" - tls: - - hosts: - - "{{ .Values.codeserver.ingress.host }}" - secretName: "codeserver-{{ .Release.Name }}-secret-tls" - rules: - - host: "{{ .Values.codeserver.ingress.host }}" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: codeserver-http - port: - number: {{ .Values.codeserver.service.http.port }} -{{- end }} diff --git a/charts/home-assistant/templates/service.yaml b/charts/home-assistant/templates/service.yaml index 467484e..0dafd80 100644 --- a/charts/home-assistant/templates/service.yaml +++ b/charts/home-assistant/templates/service.yaml @@ -13,10 +13,10 @@ metadata: spec: type: ClusterIP ports: - - port: {{ .Values.service.http.port }} - targetPort: http - protocol: TCP - name: http + - port: {{ .Values.service.http.port }} + targetPort: http + protocol: TCP + name: http selector: app.kubernetes.io/name: home-assistant app.kubernetes.io/instance: {{ .Release.Name }} @@ -29,7 +29,7 @@ metadata: name: home-assistant-codeserver namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: code-server + app.kubernetes.io/name: home-assistant app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: web @@ -38,11 +38,11 @@ metadata: spec: type: ClusterIP ports: - - port: {{ .Values.codeserver.service.http.port }} - targetPort: codeserver-http - protocol: TCP - name: codeserver-http + - port: {{ .Values.codeserver.service.http.port }} + targetPort: codeserver-http + protocol: TCP + name: codeserver-http selector: - app.kubernetes.io/name: codeserver + app.kubernetes.io/name: home-assistant app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} diff --git a/charts/home-assistant/values.yaml b/charts/home-assistant/values.yaml index 332134e..1d1079b 100644 --- a/charts/home-assistant/values.yaml +++ b/charts/home-assistant/values.yaml @@ -18,9 +18,8 @@ deployment: service: http: port: 8123 -ingress: +ingressRoute: enabled: true - ingressClassName: traefik host: homeassistant.alexlebens.net authentik: outpost: authentik-proxy-outpost @@ -70,7 +69,6 @@ codeserver: service: http: port: 8443 - ingress: + ingressRoute: enabled: true - ingressClassName: traefik host: codeserver.homeassistant.alexlebens.net