diff --git a/clusters/cl01tl/platform/authentik/templates/http-route.yaml b/clusters/cl01tl/platform/authentik/templates/http-route.yaml index c359c89ea..aa13c3dde 100644 --- a/clusters/cl01tl/platform/authentik/templates/http-route.yaml +++ b/clusters/cl01tl/platform/authentik/templates/http-route.yaml @@ -1,67 +1,67 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: authentik-https-app-route - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: authentik-https-app-route - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: network - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: cilium-tls-gateway - namespace: cilium - sectionName: https - hostnames: - - auth.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - - backendRefs: - - group: '' - kind: Service - name: authentik-server - port: 80 - weight: 1 - matches: - - path: - type: PathPrefix - value: / +# apiVersion: gateway.networking.k8s.io/v1 +# kind: HTTPRoute +# metadata: +# name: authentik-https-app-route +# namespace: {{ .Release.Namespace }} +# labels: +# app.kubernetes.io/name: authentik-https-app-route +# app.kubernetes.io/instance: {{ .Release.Name }} +# app.kubernetes.io/version: {{ .Chart.AppVersion }} +# app.kubernetes.io/component: network +# app.kubernetes.io/part-of: {{ .Release.Name }} +# spec: +# parentRefs: +# - group: gateway.networking.k8s.io +# kind: Gateway +# name: cilium-tls-gateway +# namespace: cilium +# sectionName: https +# hostnames: +# - auth.alexlebens.net +# rules: +# - matches: +# - path: +# type: PathPrefix +# value: / +# - backendRefs: +# - group: '' +# kind: Service +# name: authentik-server +# port: 80 +# weight: 1 +# matches: +# - path: +# type: PathPrefix +# value: / ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: authentik-http-redirect - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: authentik-http-redirect - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: network - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: cilium-tls-gateway - namespace: cilium - sectionName: http - hostnames: - - auth.alexlebens.net - rules: - - filters: - - requestRedirect: - scheme: https - statusCode: 301 - type: RequestRedirect - matches: - - path: - type: PathPrefix - value: / +# --- +# apiVersion: gateway.networking.k8s.io/v1 +# kind: HTTPRoute +# metadata: +# name: authentik-http-redirect +# namespace: {{ .Release.Namespace }} +# labels: +# app.kubernetes.io/name: authentik-http-redirect +# app.kubernetes.io/instance: {{ .Release.Name }} +# app.kubernetes.io/version: {{ .Chart.AppVersion }} +# app.kubernetes.io/component: network +# app.kubernetes.io/part-of: {{ .Release.Name }} +# spec: +# parentRefs: +# - group: gateway.networking.k8s.io +# kind: Gateway +# name: cilium-tls-gateway +# namespace: cilium +# sectionName: http +# hostnames: +# - auth.alexlebens.net +# rules: +# - filters: +# - requestRedirect: +# scheme: https +# statusCode: 301 +# type: RequestRedirect +# matches: +# - path: +# type: PathPrefix +# value: / diff --git a/clusters/cl01tl/standalone/cilium/templates/gateway.yaml b/clusters/cl01tl/standalone/cilium/templates/gateway.yaml index b386c54f6..0dd482030 100644 --- a/clusters/cl01tl/standalone/cilium/templates/gateway.yaml +++ b/clusters/cl01tl/standalone/cilium/templates/gateway.yaml @@ -1,36 +1,36 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: Gateway -metadata: - name: cilium-tls-gateway - namespace: cilium - labels: - app.kubernetes.io/name: cilium-tls-gateway - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: network - app.kubernetes.io/part-of: {{ .Release.Name }} - annotations: - cert-manager.io/cluster-issuer: letsencrypt-issuer -spec: - gatewayClassName: cilium - listeners: - - name: http - protocol: HTTP - port: 80 - hostname: "*.alexlebens.net" - allowedRoutes: - namespaces: - from: All - - name: https - protocol: HTTPS - port: 443 - hostname: "*.alexlebens.net" - allowedRoutes: - namespaces: - from: All - tls: - mode: Terminate - certificateRefs: - - kind: Secret - group: core - name: wildcard-tls-alexlebens-net +# apiVersion: gateway.networking.k8s.io/v1 +# kind: Gateway +# metadata: +# name: cilium-tls-gateway +# namespace: cilium +# labels: +# app.kubernetes.io/name: cilium-tls-gateway +# app.kubernetes.io/instance: {{ .Release.Name }} +# app.kubernetes.io/version: {{ .Chart.AppVersion }} +# app.kubernetes.io/component: network +# app.kubernetes.io/part-of: {{ .Release.Name }} +# annotations: +# cert-manager.io/cluster-issuer: letsencrypt-issuer +# spec: +# gatewayClassName: cilium +# listeners: +# - name: http +# protocol: HTTP +# port: 80 +# hostname: "*.alexlebens.net" +# allowedRoutes: +# namespaces: +# from: All +# - name: https +# protocol: HTTPS +# port: 443 +# hostname: "*.alexlebens.net" +# allowedRoutes: +# namespaces: +# from: All +# tls: +# mode: Terminate +# certificateRefs: +# - kind: Secret +# group: core +# name: wildcard-tls-alexlebens-net