enable gateway

clusters/cl01tl/standalone/cilium/templates/certificate.yaml

@@ -1,21 +1,22 @@
-# apiVersion: cert-manager.io/v1
-# kind: Certificate
-# metadata:
-#   name: wildcard-tls-alexlebens-net
-#   namespace: cilium
-#   labels:
-#     app.kubernetes.io/name: wildcard-tls-alexlebens-net
-#     app.kubernetes.io/instance: {{ .Release.Name }}
-#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
-#     app.kubernetes.io/component: network
-#     app.kubernetes.io/part-of: {{ .Release.Name }}
-# spec:
-#   secretName: wildcard-tls-alexlebens-net
-#   duration: 2160h0m0s
-#   renewBefore: 360h0m0s
-#   dnsNames:
-#     - "*.alexlebens.net"
-#   issuerRef:
-#     name: letsencrypt-issuer
-#     kind: ClusterIssuer
-#   commonName: "*.alexlebens.net"
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: wildcard-tls-alexlebens-net
+  namespace: cilium
+  labels:
+    app.kubernetes.io/name: wildcard-tls-alexlebens-net
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: network
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretName: wildcard-tls-alexlebens-net
+  duration: 2160h0m0s
+  renewBefore: 360h0m0s
+  dnsNames:
+    - "alexlebens.net"
+    - "*.alexlebens.net"
+  issuerRef:
+    name: letsencrypt-issuer
+    kind: ClusterIssuer
+  commonName: "*.alexlebens.net"

clusters/cl01tl/standalone/cilium/templates/gateway.yaml

@@ -1,39 +1,23 @@
-# apiVersion: gateway.networking.k8s.io/v1
-# kind: Gateway
-# metadata:
-#   name: cilium-tls-gateway
-#   namespace: cilium
-#   labels:
-#     app.kubernetes.io/name: cilium-tls-gateway
-#     app.kubernetes.io/instance: {{ .Release.Name }}
-#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
-#     app.kubernetes.io/component: network
-#     app.kubernetes.io/part-of: {{ .Release.Name }}
-#   annotations:
-#     cert-manager.io/cluster-issuer: letsencrypt-issuer
-# spec:
-#   gatewayClassName: cilium
-#   infrastructure:
-#     annotations:
-#       io.cilium/lb-ipam-ips: 192.168.1.15
-#   listeners:
-#     - name: http
-#       protocol: HTTP
-#       port: 80
-#       hostname: "*.alexlebens.net"
-#       allowedRoutes:
-#         namespaces:
-#           from: All
-#     - name: https
-#       protocol: HTTPS
-#       port: 443
-#       hostname: "*.alexlebens.net"
-#       allowedRoutes:
-#         namespaces:
-#           from: All
-#       tls:
-#         mode: Terminate
-#         certificateRefs:
-#           - kind: Secret
-#             group: core
-#             name: wildcard-tls-alexlebens-net
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: cilium-http-gateway
+  namespace: cilium
+  labels:
+    app.kubernetes.io/name: cilium-http-gateway
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: network
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-issuer
+spec:
+  gatewayClassName: cilium
+  listeners:
+    - name: http
+      protocol: HTTP
+      port: 80
+      hostname: "*.alexlebens.net"
+      allowedRoutes:
+        namespaces:
+          from: All

clusters/cl01tl/standalone/cilium/values.yaml

@@ -31,7 +31,7 @@ cilium:
   ingressController:
     enabled: false
   gatewayAPI:
-    enabled: false
+    enabled: true
   hubble:
     enabled: true
     metrics: