switch to tailscale ingress

2024-08-16 21:41:39 -05:00
parent 67ee1996c7
commit 414e15e6a0
4 changed files with 3 additions and 73 deletions
--- a/clusters/cl01tl/applications/homepage/values.yaml
+++ b/clusters/cl01tl/applications/homepage/values.yaml
@@ -150,7 +150,7 @@ homepage:
              - Music:
                  icon: koel.png
                  description: Koel
-                  href: https://koel.alexlebens.net
+                  href: https://koel-cl01tl.boreal-beaufort.ts.net
                  siteMonitor: http://koel.koel:80
                  statusStyle: dot
              - Podcasts and Audiobooks:
--- a/clusters/cl01tl/applications/koel/templates/ingress-route.yaml
+++ b/clusters/cl01tl/applications/koel/templates/ingress-route.yaml
@@ -1,37 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: koel
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: koel
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-  annotations:
-    external-dns.alpha.kubernetes.io/hostname: koel.alexlebens.net
-    external-dns.alpha.kubernetes.io/target: cl01tl-endpoint.alexlebens.net
-    kubernetes.io/ingress.class: traefik        
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`koel.alexlebens.net`)
-      middlewares:
-        - name: authentik-koel
-          namespace: {{ .Release.Namespace }}
-      priority: 10
-      services:
-        - kind: Service
-          name: koel
-          port: 80
-    - kind: Rule
-      match: Host(`koel.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
-      priority: 15
-      services:
-        - kind: Service
-          name: authentik-outpost-proxy
-          port: 9000
-          namespace: authentik
--- a/clusters/cl01tl/applications/koel/templates/middleware.yaml
+++ b/clusters/cl01tl/applications/koel/templates/middleware.yaml
@@ -1,27 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: authentik-koel
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: authentik-koel
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: auth
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  forwardAuth:
-    address: http://authentik-outpost-proxy.authentik:9000/outpost.goauthentik.io/auth/traefik
-    trustForwardHeader: true
-    authResponseHeaders:
-      - X-authentik-username
-      - X-authentik-groups
-      - X-authentik-email
-      - X-authentik-name
-      - X-authentik-uid
-      - X-authentik-jwt
-      - X-authentik-meta-jwks
-      - X-authentik-meta-outpost
-      - X-authentik-meta-provider
-      - X-authentik-meta-app
-      - X-authentik-meta-version
--- a/clusters/cl01tl/applications/koel/values.yaml
+++ b/clusters/cl01tl/applications/koel/values.yaml
@@ -19,7 +19,7 @@ koel:
            - name: APP_DEBUG
              value: true
            - name: APP_URL
-              value: https://koel.alexlebens.dev:443
+              value: https://koel-cl01tl.boreal-beaufort.ts.net:443
            - name: APP_KEY
              valueFrom:
                secretKeyRef:
@@ -53,13 +53,7 @@ koel:
                  name: koel-config-secret
                  key: spotify-client-secret
            - name: PROXY_AUTH_ENABLED
-              value: true
-            - name: PROXY_AUTH_USER_HEADER
-              value: X-authentik-email
-            - name: PROXY_AUTH_PREFERRED_NAME_HEADER
-              value: X-authentik-username
-            - name: PROXY_AUTH_ALLOW_LIST
-              value: 10.244.0.0/16,10.96.0.0/12
+              value: false
            - name: DB_CONNECTION
              value: pgsql
            - name: DB_HOST