add local fallback ingress for core apps

2024-08-22 21:33:51 -05:00
parent 7fa4789b1c
commit 1a3f4d90a8
5 changed files with 160 additions and 0 deletions
--- a/clusters/cl01tl/deployment/argocd/templates/ingress.yaml
+++ b/clusters/cl01tl/deployment/argocd/templates/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: argocd-local
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: argocd-local
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - argocd.alexlebens.net
+      secretName: argocd-tls-secret
+  rules:
+    - host: argocd.alexlebens.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: argocd-server
+                port:
+                  number: 80
--- a/clusters/cl01tl/management/headlamp/templates/ingress.yaml
+++ b/clusters/cl01tl/management/headlamp/templates/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: headlamp-local
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: headlamp-local
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - headlamp.alexlebens.net
+      secretName: headlamp-tls-secret
+  rules:
+    - host: headlamp-cl01tl
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: headlamp
+                port:
+                  number: 80
--- a/clusters/cl01tl/platform/authentik/templates/ingress.yaml
+++ b/clusters/cl01tl/platform/authentik/templates/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: authentik-local
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: authentik-local
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - authentik.alexlebens.net
+      secretName: authentik-tls-secret
+  rules:
+    - host: authentik.alexlebens.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: authentik-server
+                port:
+                  number: 80
--- a/clusters/cl01tl/platform/gitea/templates/ingress.yaml
+++ b/clusters/cl01tl/platform/gitea/templates/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: gitea-local
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: gitea-local
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - gitea.alexlebens.net
+      secretName: gitea-tls-secret
+  rules:
+    - host: gitea.alexlebens.net
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: gitea-http
+                port:
+                  number: 3000
--- a/clusters/cl01tl/platform/vault/templates/ingress.yaml
+++ b/clusters/cl01tl/platform/vault/templates/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: vault-local
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: vault-local
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - vault.alexlebens.net
+      secretName: vault-tls-secret
+  rules:
+    - host: vault.alexlebens.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: vault-active
+                port:
+                  number: 8200