From 1a3f4d90a8e57deedf73f67260e82d62947530a6 Mon Sep 17 00:00:00 2001 From: alexlebens Date: Thu, 22 Aug 2024 21:33:51 -0500 Subject: [PATCH] add local fallback ingress for core apps --- .../deployment/argocd/templates/ingress.yaml | 32 +++++++++++++++++++ .../headlamp/templates/ingress.yaml | 32 +++++++++++++++++++ .../platform/authentik/templates/ingress.yaml | 32 +++++++++++++++++++ .../platform/gitea/templates/ingress.yaml | 32 +++++++++++++++++++ .../platform/vault/templates/ingress.yaml | 32 +++++++++++++++++++ 5 files changed, 160 insertions(+) create mode 100644 clusters/cl01tl/deployment/argocd/templates/ingress.yaml create mode 100644 clusters/cl01tl/management/headlamp/templates/ingress.yaml create mode 100644 clusters/cl01tl/platform/authentik/templates/ingress.yaml create mode 100644 clusters/cl01tl/platform/gitea/templates/ingress.yaml create mode 100644 clusters/cl01tl/platform/vault/templates/ingress.yaml diff --git a/clusters/cl01tl/deployment/argocd/templates/ingress.yaml b/clusters/cl01tl/deployment/argocd/templates/ingress.yaml new file mode 100644 index 000000000..f447b6e81 --- /dev/null +++ b/clusters/cl01tl/deployment/argocd/templates/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: argocd-local + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: argocd-local + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: letsencrypt-issuer +spec: + ingressClassName: traefik + tls: + - hosts: + - argocd.alexlebens.net + secretName: argocd-tls-secret + rules: + - host: argocd.alexlebens.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: argocd-server + port: + number: 80 diff --git a/clusters/cl01tl/management/headlamp/templates/ingress.yaml b/clusters/cl01tl/management/headlamp/templates/ingress.yaml new file mode 100644 index 000000000..b916442f3 --- /dev/null +++ b/clusters/cl01tl/management/headlamp/templates/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: headlamp-local + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: headlamp-local + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: letsencrypt-issuer +spec: + ingressClassName: traefik + tls: + - hosts: + - headlamp.alexlebens.net + secretName: headlamp-tls-secret + rules: + - host: headlamp-cl01tl + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: headlamp + port: + number: 80 diff --git a/clusters/cl01tl/platform/authentik/templates/ingress.yaml b/clusters/cl01tl/platform/authentik/templates/ingress.yaml new file mode 100644 index 000000000..e19a87956 --- /dev/null +++ b/clusters/cl01tl/platform/authentik/templates/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: authentik-local + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: authentik-local + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: letsencrypt-issuer +spec: + ingressClassName: traefik + tls: + - hosts: + - authentik.alexlebens.net + secretName: authentik-tls-secret + rules: + - host: authentik.alexlebens.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: authentik-server + port: + number: 80 diff --git a/clusters/cl01tl/platform/gitea/templates/ingress.yaml b/clusters/cl01tl/platform/gitea/templates/ingress.yaml new file mode 100644 index 000000000..fe9334167 --- /dev/null +++ b/clusters/cl01tl/platform/gitea/templates/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: gitea-local + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: gitea-local + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: letsencrypt-issuer +spec: + ingressClassName: traefik + tls: + - hosts: + - gitea.alexlebens.net + secretName: gitea-tls-secret + rules: + - host: gitea.alexlebens.net + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: gitea-http + port: + number: 3000 diff --git a/clusters/cl01tl/platform/vault/templates/ingress.yaml b/clusters/cl01tl/platform/vault/templates/ingress.yaml new file mode 100644 index 000000000..233052d64 --- /dev/null +++ b/clusters/cl01tl/platform/vault/templates/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: vault-local + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: vault-local + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: letsencrypt-issuer +spec: + ingressClassName: traefik + tls: + - hosts: + - vault.alexlebens.net + secretName: vault-tls-secret + rules: + - host: vault.alexlebens.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: vault-active + port: + number: 8200