From 464553f65ead7985011de847de318f14db3d0c30 Mon Sep 17 00:00:00 2001
From: alexlebens <alexanderlebens@gmail.com>
Date: Wed, 21 Aug 2024 19:27:22 -0500
Subject: [PATCH] add http redirect

---
 .../platform/authentik/templates/gateway.yaml |  4 +++
 .../authentik/templates/http-route.yaml       | 28 +++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/clusters/cl01tl/platform/authentik/templates/gateway.yaml b/clusters/cl01tl/platform/authentik/templates/gateway.yaml
index eb3d591a4..74042f7b4 100644
--- a/clusters/cl01tl/platform/authentik/templates/gateway.yaml
+++ b/clusters/cl01tl/platform/authentik/templates/gateway.yaml
@@ -12,11 +12,15 @@ metadata:
 spec:
   gatewayClassName: cilium
   listeners:
+    - name: http
+      protocol: HTTP
+      port: 80  
     - name: https
       protocol: HTTPS
       port: 443
       hostname: auth.alexlebens.net
       tls:
+        mode: Terminate
         certificateRefs:
           - kind: Secret
             name: authentik-tls-gateway
diff --git a/clusters/cl01tl/platform/authentik/templates/http-route.yaml b/clusters/cl01tl/platform/authentik/templates/http-route.yaml
index 17b97fd4f..fddcad658 100644
--- a/clusters/cl01tl/platform/authentik/templates/http-route.yaml
+++ b/clusters/cl01tl/platform/authentik/templates/http-route.yaml
@@ -14,6 +14,7 @@ spec:
     - group: gateway.networking.k8s.io
       kind: Gateway
       name: authentik-tls-gateway
+      sectionName: https
   hostnames:
     - auth.alexlebens.net
   rules:
@@ -31,3 +32,30 @@ spec:
         - path:
             type: PathPrefix
             value: /
+
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: authentik-http-redirect
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: authentik-http-redirect
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: network
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: authentik-tls-gateway
+      sectionName: http
+  hostnames:
+    - auth.alexlebens.net
+  rules:
+    - filters:
+      - type: RequestRedirect
+        requestRedirect:
+          scheme: https
+          statusCode: 301