change to tailscale ingress

This commit is contained in:
2024-08-15 18:38:09 -05:00
parent 0d4230f98b
commit 7b877784d0
17 changed files with 102 additions and 695 deletions

View File

@@ -1,37 +0,0 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: homepage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
external-dns.alpha.kubernetes.io/hostname: home.alexlebens.net
external-dns.alpha.kubernetes.io/target: cl01tl-endpoint.alexlebens.net
kubernetes.io/ingress.class: traefik
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`home.alexlebens.net`)
middlewares:
- name: "authentik-{{ .Release.Name }}"
namespace: authentik
priority: 10
services:
- kind: Service
name: homepage
port: 80
- kind: Rule
match: Host(`home.alexlebens.net`) && PathPrefix(`/outpost.goauthentik.io/`)
priority: 15
services:
- kind: Service
name: authentik-outpost-proxy
port: 9000
namespace: authentik

View File

@@ -1,27 +0,0 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: "authentik-{{ .Release.Name }}"
namespace: authentik
labels:
app.kubernetes.io/name: "authentik-{{ .Release.Name }}"
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: auth
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
forwardAuth:
address: http://authentik-outpost-proxy.authentik:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version

View File

@@ -440,10 +440,10 @@ homepage:
href: https://pgadmin.alexlebens.net
siteMonitor: http://pgadmin.pgadmin:80
statusStyle: dot
- Secret Management:
- Secrets:
icon: vault.png
description: Vault
href: https://vault.alexlebens.net
href: https://vault-cl01tl.boreal-beaufort.ts.net
siteMonitor: http://vault.vault:8200
statusStyle: dot
- Object Storage (Outline):
@@ -462,7 +462,7 @@ homepage:
- Sonarr:
icon: sonarr.png
description: TV Shows
href: https://sonarr.alexlebens.net
href: https://sonarr-cl01tl.boreal-beaufort.ts.net
siteMonitor: http://sonarr4.sonarr4:80
statusStyle: dot
widget:
@@ -474,7 +474,7 @@ homepage:
- Sonarr 4K:
icon: sonarr.png
description: TV Shows 4K
href: https://sonarr-4k.alexlebens.net
href: https://sonarr-4k-cl01tl.boreal-beaufort.ts.net
siteMonitor: http://sonarr4-4k.sonarr4-4k:80
statusStyle: dot
widget:
@@ -487,7 +487,7 @@ homepage:
- Radarr:
icon: radarr.png
description: Movies
href: https://radarr.alexlebens.net
href: https://radarr-cl01tl.boreal-beaufort.ts.net
siteMonitor: http://radarr5.radarr5:80
statusStyle: dot
widget:
@@ -499,7 +499,7 @@ homepage:
- Radarr 4K:
icon: radarr.png
description: Movies 4K
href: https://radarr-4k.alexlebens.net
href: https://radarr-4k-cl01tl.boreal-beaufort.ts.net
siteMonitor: http://radarr5-4k.radarr5-4k:80
statusStyle: dot
widget:
@@ -615,9 +615,6 @@ homepage:
- Dev:
- abbr: DV
href: https://home.alexlebens.dev
- Tailscale:
- abbr: TS
href: https://home-cl01tl.boreal-beaufort.ts.net
- Lebens Home:
- abbr: LH
href: https://www.lebens-home.net
@@ -648,6 +645,21 @@ homepage:
port: 80
targetPort: 3000
protocol: HTTP
ingress:
tailscale:
enabled: true
className: tailscale
hosts:
- host: home-cl01tl
paths:
- path: /
pathType: Prefix
service:
name: homepage
port: 80
tls:
- hosts:
- home-cl01tl
persistence:
config:
enabled: true