diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml index 3281c776b..d3a196ad0 100644 --- a/clusters/cl01tl/applications/homepage/values.yaml +++ b/clusters/cl01tl/applications/homepage/values.yaml @@ -236,7 +236,7 @@ homepage: - Web Design: icon: https://raw.githubusercontent.com/penpot/penpot/362d4ea47f06d169dd6e0a34cb9d141200e646e6/frontend/resources/images/icons/penpot-logo-icon.svg description: Penpot - href: https://penpot.alexlebens.net + href: https://penpot-cl01tl.boreal-beaufort.ts.net siteMonitor: http://penpot-frontend.penpot:80 statusStyle: dot - Calibre Server: @@ -455,7 +455,7 @@ homepage: - Object Storage (Penpot): icon: minio.png description: Minio Tenant - href: https://minio-penpot.alexlebens.net + href: https://minio-penpot-cl01tl.boreal-beaufort.ts.net siteMonitor: http://minio-penpot-console.penpot:9090 statusStyle: dot - Sonarr: diff --git a/clusters/cl01tl/applications/penpot/values.yaml b/clusters/cl01tl/applications/penpot/values.yaml index 3afbdf3c8..4703de1ad 100644 --- a/clusters/cl01tl/applications/penpot/values.yaml +++ b/clusters/cl01tl/applications/penpot/values.yaml @@ -26,7 +26,7 @@ penpot: pullPolicy: IfNotPresent env: - name: PENPOT_PUBLIC_URI - value: https://penpot.alexlebens.net + value: https://penpot-cl01tl.boreal-beaufort.ts.net - name: PENPOT_FLAGS value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning - name: PENPOT_SECRET_KEY @@ -55,11 +55,11 @@ penpot: - name: PENPOT_STORAGE_ASSETS_S3_BUCKET value: penpot - name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT - value: http://minio.penpot:80 + value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot - name: PENPOT_TELEMETRY_ENABLED value: false - name: PENPOT_OIDC_BASE_URI - value: https://authentik.alexlebens.net/application/o/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/ - name: PENPOT_OIDC_CLIENT_ID valueFrom: secretKeyRef: @@ -71,11 +71,11 @@ penpot: name: penpot-oidc-secret key: secret - name: PENPOT_OIDC_AUTH_URI - value: https://authentik.alexlebens.net/application/o/authorize/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/ - name: PENPOT_OIDC_TOKEN_URI - value: https://authentik.alexlebens.net/application/o/token/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/ - name: PENPOT_OIDC_USER_URI - value: https://authentik.alexlebens.net/application/o/userinfo/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/ - name: PENPOT_OIDC_SCOPES value: "openid profile email" - name: PENPOT_OIDC_NAME_ATTR @@ -102,7 +102,7 @@ penpot: pullPolicy: IfNotPresent env: - name: PENPOT_PUBLIC_URI - value: https://penpot.alexlebens.net + value: https://penpot-cl01tl.boreal-beaufort.ts.net - name: PENPOT_FLAGS value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning - name: PENPOT_SECRET_KEY @@ -131,11 +131,11 @@ penpot: - name: PENPOT_STORAGE_ASSETS_S3_BUCKET value: penpot - name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT - value: http://minio.penpot:80 + value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot - name: PENPOT_TELEMETRY_ENABLED value: false - name: PENPOT_OIDC_BASE_URI - value: https://authentik.alexlebens.net/application/o/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/ - name: PENPOT_OIDC_CLIENT_ID valueFrom: secretKeyRef: @@ -147,11 +147,11 @@ penpot: name: penpot-oidc-secret key: secret - name: PENPOT_OIDC_AUTH_URI - value: https://authentik.alexlebens.net/application/o/authorize/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/ - name: PENPOT_OIDC_TOKEN_URI - value: https://authentik.alexlebens.net/application/o/token/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/ - name: PENPOT_OIDC_USER_URI - value: https://authentik.alexlebens.net/application/o/userinfo/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/ - name: PENPOT_OIDC_SCOPES value: "openid profile email" - name: PENPOT_OIDC_NAME_ATTR @@ -186,7 +186,7 @@ penpot: pullPolicy: IfNotPresent env: - name: PENPOT_PUBLIC_URI - value: https://penpot.alexlebens.net + value: https://penpot-cl01tl.boreal-beaufort.ts.net - name: PENPOT_FLAGS value: enable-registration enable-insecure-register enable-login enable-login-with-oidc disable-demo-users disable-demo-warning - name: PENPOT_SECRET_KEY @@ -215,11 +215,11 @@ penpot: - name: PENPOT_STORAGE_ASSETS_S3_BUCKET value: penpot - name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT - value: http://minio.penpot:80 + value: https://penpot-storage-cl01tl.boreal-beaufort.ts.net/penpot - name: PENPOT_TELEMETRY_ENABLED value: false - name: PENPOT_OIDC_BASE_URI - value: https://authentik.alexlebens.net/application/o/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/ - name: PENPOT_OIDC_CLIENT_ID valueFrom: secretKeyRef: @@ -231,11 +231,11 @@ penpot: name: penpot-oidc-secret key: secret - name: PENPOT_OIDC_AUTH_URI - value: https://authentik.alexlebens.net/application/o/authorize/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/ - name: PENPOT_OIDC_TOKEN_URI - value: https://authentik.alexlebens.net/application/o/token/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/ - name: PENPOT_OIDC_USER_URI - value: https://authentik.alexlebens.net/application/o/userinfo/ + value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/ - name: PENPOT_OIDC_SCOPES value: "openid profile email" - name: PENPOT_OIDC_NAME_ATTR @@ -282,24 +282,6 @@ penpot: targetPort: 6061 protocol: HTTP ingress: - main: - className: traefik - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - cert-manager.io/cluster-issuer: letsencrypt-issuer - hosts: - - host: penpot.alexlebens.net - paths: - - path: / - pathType: Prefix - service: - name: penpot-frontend - port: 80 - tls: - - secretName: penpot-secret-tls - hosts: - - penpot.alexlebens.net tailscale: enabled: true className: tailscale @@ -367,19 +349,21 @@ minio: requestAutoCert: false ingress: api: - enabled: false + enabled: true + ingressClassName: tailscale + tls: + - hosts: + - penpot-storage-cl01tl + host: penpot-storage-cl01tl + path: / + pathType: Prefix console: enabled: true - ingressClassName: traefik - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - cert-manager.io/cluster-issuer: letsencrypt-issuer + ingressClassName: tailscale tls: - - secretName: minio-penpot-console-secret-tls - hosts: - - minio-penpot.alexlebens.net - host: minio-penpot.alexlebens.net + - hosts: + - minio-penpot-cl01tl + host: minio-penpot-cl01tl path: / pathType: Prefix postgres-16-cluster: