change ingress to tailscale
This commit is contained in:
@@ -236,7 +236,7 @@ homepage:
|
||||
- Web Design:
|
||||
icon: https://raw.githubusercontent.com/penpot/penpot/362d4ea47f06d169dd6e0a34cb9d141200e646e6/frontend/resources/images/icons/penpot-logo-icon.svg
|
||||
description: Penpot
|
||||
href: https://penpot.alexlebens.net
|
||||
href: https://penpot-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://penpot-frontend.penpot:80
|
||||
statusStyle: dot
|
||||
- Calibre Server:
|
||||
@@ -455,7 +455,7 @@ homepage:
|
||||
- Object Storage (Penpot):
|
||||
icon: minio.png
|
||||
description: Minio Tenant
|
||||
href: https://minio-penpot.alexlebens.net
|
||||
href: https://minio-penpot-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://minio-penpot-console.penpot:9090
|
||||
statusStyle: dot
|
||||
- Sonarr:
|
||||
|
||||
@@ -26,7 +26,7 @@ penpot:
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: https://penpot.alexlebens.net
|
||||
value: https://penpot-cl01tl.boreal-beaufort.ts.net
|
||||
- name: PENPOT_FLAGS
|
||||
value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning
|
||||
- name: PENPOT_SECRET_KEY
|
||||
@@ -55,11 +55,11 @@ penpot:
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_BUCKET
|
||||
value: penpot
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT
|
||||
value: http://minio.penpot:80
|
||||
value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
- name: PENPOT_OIDC_BASE_URI
|
||||
value: https://authentik.alexlebens.net/application/o/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/
|
||||
- name: PENPOT_OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -71,11 +71,11 @@ penpot:
|
||||
name: penpot-oidc-secret
|
||||
key: secret
|
||||
- name: PENPOT_OIDC_AUTH_URI
|
||||
value: https://authentik.alexlebens.net/application/o/authorize/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/
|
||||
- name: PENPOT_OIDC_TOKEN_URI
|
||||
value: https://authentik.alexlebens.net/application/o/token/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/
|
||||
- name: PENPOT_OIDC_USER_URI
|
||||
value: https://authentik.alexlebens.net/application/o/userinfo/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/
|
||||
- name: PENPOT_OIDC_SCOPES
|
||||
value: "openid profile email"
|
||||
- name: PENPOT_OIDC_NAME_ATTR
|
||||
@@ -102,7 +102,7 @@ penpot:
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: https://penpot.alexlebens.net
|
||||
value: https://penpot-cl01tl.boreal-beaufort.ts.net
|
||||
- name: PENPOT_FLAGS
|
||||
value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning
|
||||
- name: PENPOT_SECRET_KEY
|
||||
@@ -131,11 +131,11 @@ penpot:
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_BUCKET
|
||||
value: penpot
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT
|
||||
value: http://minio.penpot:80
|
||||
value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
- name: PENPOT_OIDC_BASE_URI
|
||||
value: https://authentik.alexlebens.net/application/o/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/
|
||||
- name: PENPOT_OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -147,11 +147,11 @@ penpot:
|
||||
name: penpot-oidc-secret
|
||||
key: secret
|
||||
- name: PENPOT_OIDC_AUTH_URI
|
||||
value: https://authentik.alexlebens.net/application/o/authorize/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/
|
||||
- name: PENPOT_OIDC_TOKEN_URI
|
||||
value: https://authentik.alexlebens.net/application/o/token/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/
|
||||
- name: PENPOT_OIDC_USER_URI
|
||||
value: https://authentik.alexlebens.net/application/o/userinfo/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/
|
||||
- name: PENPOT_OIDC_SCOPES
|
||||
value: "openid profile email"
|
||||
- name: PENPOT_OIDC_NAME_ATTR
|
||||
@@ -186,7 +186,7 @@ penpot:
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: https://penpot.alexlebens.net
|
||||
value: https://penpot-cl01tl.boreal-beaufort.ts.net
|
||||
- name: PENPOT_FLAGS
|
||||
value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning
|
||||
- name: PENPOT_SECRET_KEY
|
||||
@@ -215,11 +215,11 @@ penpot:
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_BUCKET
|
||||
value: penpot
|
||||
- name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT
|
||||
value: http://minio.penpot:80
|
||||
value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
- name: PENPOT_OIDC_BASE_URI
|
||||
value: https://authentik.alexlebens.net/application/o/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/
|
||||
- name: PENPOT_OIDC_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -231,11 +231,11 @@ penpot:
|
||||
name: penpot-oidc-secret
|
||||
key: secret
|
||||
- name: PENPOT_OIDC_AUTH_URI
|
||||
value: https://authentik.alexlebens.net/application/o/authorize/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/
|
||||
- name: PENPOT_OIDC_TOKEN_URI
|
||||
value: https://authentik.alexlebens.net/application/o/token/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/
|
||||
- name: PENPOT_OIDC_USER_URI
|
||||
value: https://authentik.alexlebens.net/application/o/userinfo/
|
||||
value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/
|
||||
- name: PENPOT_OIDC_SCOPES
|
||||
value: "openid profile email"
|
||||
- name: PENPOT_OIDC_NAME_ATTR
|
||||
@@ -282,24 +282,6 @@ penpot:
|
||||
targetPort: 6061
|
||||
protocol: HTTP
|
||||
ingress:
|
||||
main:
|
||||
className: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
hosts:
|
||||
- host: penpot.alexlebens.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
service:
|
||||
name: penpot-frontend
|
||||
port: 80
|
||||
tls:
|
||||
- secretName: penpot-secret-tls
|
||||
hosts:
|
||||
- penpot.alexlebens.net
|
||||
tailscale:
|
||||
enabled: true
|
||||
className: tailscale
|
||||
@@ -367,19 +349,21 @@ minio:
|
||||
requestAutoCert: false
|
||||
ingress:
|
||||
api:
|
||||
enabled: false
|
||||
enabled: true
|
||||
ingressClassName: tailscale
|
||||
tls:
|
||||
- hosts:
|
||||
- penpot-storage-cl01tl
|
||||
host: penpot-storage-cl01tl
|
||||
path: /
|
||||
pathType: Prefix
|
||||
console:
|
||||
enabled: true
|
||||
ingressClassName: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
||||
ingressClassName: tailscale
|
||||
tls:
|
||||
- secretName: minio-penpot-console-secret-tls
|
||||
hosts:
|
||||
- minio-penpot.alexlebens.net
|
||||
host: minio-penpot.alexlebens.net
|
||||
- hosts:
|
||||
- minio-penpot-cl01tl
|
||||
host: minio-penpot-cl01tl
|
||||
path: /
|
||||
pathType: Prefix
|
||||
postgres-16-cluster:
|
||||
|
||||
Reference in New Issue
Block a user