migrate ingress to tailscale
This commit is contained in:
@@ -1,37 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: book-bounty
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: book-bounty
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: bookbounty.alexlebens.net
|
||||
external-dns.alpha.kubernetes.io/target: cl01tl-endpoint.alexlebens.net
|
||||
kubernetes.io/ingress.class: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`bookbounty.alexlebens.net`)
|
||||
middlewares:
|
||||
- name: authentik-book-bounty
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: book-bounty
|
||||
port: 80
|
||||
- kind: Rule
|
||||
match: Host(`bookbounty.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: authentik-outpost-proxy
|
||||
port: 9000
|
||||
namespace: authentik
|
||||
@@ -1,27 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: authentik-book-bounty
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: authentik-book-bounty
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: auth
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: http://authentik-outpost-proxy.authentik:9000/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
||||
@@ -43,7 +43,7 @@ homepage:
|
||||
- Media:
|
||||
tab: Applications
|
||||
icon: mdi-multimedia-#ffffff
|
||||
- External:
|
||||
- Public:
|
||||
tab: Applications
|
||||
icon: mdi-application-#ffffff
|
||||
- Internal:
|
||||
@@ -70,10 +70,10 @@ homepage:
|
||||
- Radarr:
|
||||
tab: Servarr
|
||||
icon: mdi-filmstrip-#ffffff
|
||||
- Otharr:
|
||||
- Other:
|
||||
tab: Servarr
|
||||
icon: mdi-music-box-multiple-#ffffff
|
||||
- Media Services:
|
||||
- Services (Servarr):
|
||||
tab: Servarr
|
||||
icon: mdi-radar-#ffffff
|
||||
- External Services:
|
||||
@@ -165,7 +165,7 @@ homepage:
|
||||
href: https://calibre.alexlebens.net
|
||||
siteMonitor: http://calibre-web-automated.calibre-web-automated:80
|
||||
statusStyle: dot
|
||||
- External:
|
||||
- Public:
|
||||
- Passwords:
|
||||
icon: vaultwarden.png
|
||||
description: Vaultwarden
|
||||
@@ -246,7 +246,7 @@ homepage:
|
||||
siteMonitor: http://calibre-server-web.calibre-server:8080
|
||||
statusStyle: dot
|
||||
- Code:
|
||||
- Code (External):
|
||||
- Code (Public):
|
||||
icon: gitea.png
|
||||
description: Gitea
|
||||
href: https://gitea.alexlebens.dev
|
||||
@@ -258,7 +258,7 @@ homepage:
|
||||
href: https://gitea.lebens-home.net
|
||||
siteMonitor: https://gitea.lebens-home.net
|
||||
statusStyle: dot
|
||||
- IDE (External):
|
||||
- IDE (Public):
|
||||
icon: code-server.png
|
||||
description: VS Code
|
||||
href: https://codeserver.alexlebens.dev
|
||||
@@ -345,7 +345,7 @@ homepage:
|
||||
siteMonitor: http://jellystat.jellystat:80
|
||||
statusStyle: dot
|
||||
- Services:
|
||||
- Auth (External):
|
||||
- Auth (Public):
|
||||
icon: authentik.png
|
||||
description: Authentik
|
||||
href: https://auth.alexlebens.dev
|
||||
@@ -508,7 +508,7 @@ homepage:
|
||||
key: {{ "{{HOMEPAGE_VAR_RADARR4K_KEY}}" }}
|
||||
fields: ["wanted", "queued", "movies"]
|
||||
enableQueue: false
|
||||
- Otharr:
|
||||
- Other:
|
||||
- Lidarr:
|
||||
icon: lidarr.png
|
||||
description: Music
|
||||
@@ -538,11 +538,11 @@ homepage:
|
||||
href: https://readarr-audiobooks.alexlebens.net
|
||||
siteMonitor: http://readarr-audiobooks.readarr-audiobooks:80
|
||||
statusStyle: dot
|
||||
- Media Services:
|
||||
- Services (Servarr):
|
||||
- qBittorrent:
|
||||
icon: qbittorrent.png
|
||||
description: P2P Downloads
|
||||
href: https://qbittorrent.alexlebens.net
|
||||
href: https://qbittorrent-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://qbittorrent.qbittorrent:8080
|
||||
statusStyle: dot
|
||||
widget:
|
||||
@@ -551,7 +551,7 @@ homepage:
|
||||
- Tdarr:
|
||||
icon: tdarr.png
|
||||
description: Media transcoding and health checks
|
||||
href: https://tdarr.alexlebens.net
|
||||
href: https://tdarr-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://tdarr-web.tdarr:8265
|
||||
statusStyle: dot
|
||||
widget:
|
||||
@@ -560,7 +560,7 @@ homepage:
|
||||
- Prowlarr:
|
||||
icon: prowlarr.png
|
||||
description: Indexers
|
||||
href: https://prowlarr.alexlebens.net
|
||||
href: https://prowlarr-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://prowlarr.prowlarr:80
|
||||
statusStyle: dot
|
||||
widget:
|
||||
@@ -570,13 +570,13 @@ homepage:
|
||||
- Book Bounty:
|
||||
icon: https://raw.githubusercontent.com/TheWicklowWolf/BookBounty/main/src/static/bookbounty.png
|
||||
description: Searches for Books
|
||||
href: https://bookbounty.alexlebens.net
|
||||
href: https://bookbounty-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://book-bounty.book-bounty:80
|
||||
statusStyle: dot
|
||||
- LidaTube:
|
||||
icon: https://raw.githubusercontent.com/TheWicklowWolf/LidaTube/main/src/static/lidatube.png
|
||||
description: Searches for Music
|
||||
href: https://lidatube.alexlebens.net
|
||||
href: https://lidatube-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://lidatube.lidatube:80
|
||||
statusStyle: dot
|
||||
bookmarks.yaml: |
|
||||
|
||||
@@ -1,37 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: lidatube
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: lidatube
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: lidatube.alexlebens.net
|
||||
external-dns.alpha.kubernetes.io/target: cl01tl-endpoint.alexlebens.net
|
||||
kubernetes.io/ingress.class: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`lidatube.alexlebens.net`)
|
||||
middlewares:
|
||||
- name: authentik-lidatube
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: lidatube
|
||||
port: 80
|
||||
- kind: Rule
|
||||
match: Host(`lidatube.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: authentik-outpost-proxy
|
||||
port: 9000
|
||||
namespace: authentik
|
||||
@@ -1,27 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: authentik-lidatube
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: authentik-lidatube
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: auth
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: http://authentik-outpost-proxy.authentik:9000/outpost.goauthentik.io/auth/traefik
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
||||
@@ -19,4 +19,4 @@ dependencies:
|
||||
repository: https://bjw-s.github.io/helm-charts/
|
||||
version: 3.3.2
|
||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/prowlarr.png
|
||||
appVersion: 1.18.0.4543
|
||||
appVersion: 1.21.2.4649
|
||||
|
||||
@@ -57,25 +57,25 @@ prowlarr:
|
||||
targetPort: 9696
|
||||
protocol: HTTP
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
className: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
hosts:
|
||||
- host: prowlarr.alexlebens.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
service:
|
||||
name: prowlarr
|
||||
port: 80
|
||||
tls:
|
||||
- secretName: prowlarr-secret-tls
|
||||
hosts:
|
||||
- prowlarr.alexlebens.net
|
||||
# main:
|
||||
# enabled: true
|
||||
# className: traefik
|
||||
# annotations:
|
||||
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
# traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
# cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
# hosts:
|
||||
# - host: prowlarr.alexlebens.net
|
||||
# paths:
|
||||
# - path: /
|
||||
# pathType: Prefix
|
||||
# service:
|
||||
# name: prowlarr
|
||||
# port: 80
|
||||
# tls:
|
||||
# - secretName: prowlarr-secret-tls
|
||||
# hosts:
|
||||
# - prowlarr.alexlebens.net
|
||||
tailscale:
|
||||
enabled: true
|
||||
className: tailscale
|
||||
|
||||
@@ -26,4 +26,4 @@ dependencies:
|
||||
version: 1.1.2
|
||||
repository: https://homeylab.github.io/helm-charts/
|
||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/tdarr.png
|
||||
appVersion: 2.20.01
|
||||
appVersion: 2.24.03
|
||||
|
||||
@@ -96,24 +96,24 @@ tdarr:
|
||||
targetPort: 8265
|
||||
protocol: HTTP
|
||||
ingress:
|
||||
main:
|
||||
className: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
hosts:
|
||||
- host: tdarr.alexlebens.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
service:
|
||||
name: tdarr-web
|
||||
port: 8265
|
||||
tls:
|
||||
- secretName: tdarr-secret-tls
|
||||
hosts:
|
||||
- tdarr.alexlebens.net
|
||||
# main:
|
||||
# className: traefik
|
||||
# annotations:
|
||||
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
# traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
# cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
# hosts:
|
||||
# - host: tdarr.alexlebens.net
|
||||
# paths:
|
||||
# - path: /
|
||||
# pathType: Prefix
|
||||
# service:
|
||||
# name: tdarr-web
|
||||
# port: 8265
|
||||
# tls:
|
||||
# - secretName: tdarr-secret-tls
|
||||
# hosts:
|
||||
# - tdarr.alexlebens.net
|
||||
tailscale:
|
||||
enabled: true
|
||||
className: tailscale
|
||||
|
||||
@@ -25,4 +25,4 @@ dependencies:
|
||||
repository: https://bjw-s.github.io/helm-charts/
|
||||
version: 3.3.2
|
||||
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/qbittorrent.png
|
||||
appVersion: 4.6.5
|
||||
appVersion: 4.6.5-r0-ls335
|
||||
|
||||
@@ -124,24 +124,24 @@ qbittorrent:
|
||||
targetPort: 9022
|
||||
protocol: HTTP
|
||||
ingress:
|
||||
main:
|
||||
className: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
hosts:
|
||||
- host: qbittorrent.alexlebens.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
service:
|
||||
name: qbittorrent
|
||||
port: 8080
|
||||
tls:
|
||||
- secretName: qbittorrent-secret-tls
|
||||
hosts:
|
||||
- qbittorrent.alexlebens.net
|
||||
# main:
|
||||
# className: traefik
|
||||
# annotations:
|
||||
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
# traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
# cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
# hosts:
|
||||
# - host: qbittorrent.alexlebens.net
|
||||
# paths:
|
||||
# - path: /
|
||||
# pathType: Prefix
|
||||
# service:
|
||||
# name: qbittorrent
|
||||
# port: 8080
|
||||
# tls:
|
||||
# - secretName: qbittorrent-secret-tls
|
||||
# hosts:
|
||||
# - qbittorrent.alexlebens.net
|
||||
tailscale:
|
||||
enabled: true
|
||||
className: tailscale
|
||||
|
||||
Reference in New Issue
Block a user