shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: migrate ingresses to nginx

Browse Source
This commit is contained in:
auricom
2021-08-14 12:36:17 +02:00
parent 52141abd21
commit 248e40c05c
44 changed files with 328 additions and 198 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cluster/apps/data/bookstack/helm-release.yaml
View File

@@ -59,9 +59,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: bookstack.${SECRET_CLUSTER_DOMAIN} - host: bookstack.${SECRET_CLUSTER_DOMAIN}
paths: paths:

3
cluster/apps/data/freshrss/helm-release.yaml
View File

@@ -42,8 +42,9 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: freshrss.${SECRET_CLUSTER_DOMAIN} - host: freshrss.${SECRET_CLUSTER_DOMAIN}

14
cluster/apps/data/homer/helm-release.yaml
View File

@@ -40,10 +40,11 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "homer.${SECRET_CLUSTER_DOMAIN}" - host: "homer.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -70,10 +71,11 @@ spec:
- "/www/assets/.vscode" - "/www/assets/.vscode"
ingress: ingress:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "homer-config.${SECRET_CLUSTER_DOMAIN}" - host: "homer-config.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/data/joplin-server/helm-release.yaml
View File

@@ -41,9 +41,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "joplin.${SECRET_CLUSTER_DOMAIN}" - host: "joplin.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

25
cluster/apps/data/pgadmin/helm-release.yaml
View File

@@ -28,8 +28,9 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd
hosts: hosts:
- host: "pgadmin.${SECRET_CLUSTER_DOMAIN}" - host: "pgadmin.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -39,13 +40,13 @@ spec:
- hosts: - hosts:
- "pgadmin.${SECRET_CLUSTER_DOMAIN}" - "pgadmin.${SECRET_CLUSTER_DOMAIN}"
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: pgadmin-pgadmin4 # name: pgadmin-pgadmin4
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

7
cluster/apps/data/recipes/helm-release.yaml
View File

@@ -62,10 +62,11 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-small@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "recipes.${SECRET_CLUSTER_DOMAIN}" - host: "recipes.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/data/resilio-sync/statefulset.yaml
View File

@@ -206,14 +206,15 @@ apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
labels: labels:
app.kubernetes.io/instance: resilio-sync app.kubernetes.io/instance: resilio-sync
app.kubernetes.io/name: resilio-sync app.kubernetes.io/name: resilio-sync
name: resilio-sync name: resilio-sync
namespace: data namespace: data
spec: spec:
ingressClassName: "traefik" # ingressClassName: "traefik"
tls: tls:
- hosts: - hosts:
- "resilio-sync-claude.${SECRET_CLUSTER_DOMAIN}" - "resilio-sync-claude.${SECRET_CLUSTER_DOMAIN}"

7
cluster/apps/data/sharry/helm-release.yaml
View File

@@ -114,10 +114,11 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd
hosts: hosts:
- host: "sharry.${SECRET_CLUSTER_DOMAIN}" - host: "sharry.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/data/vaultwarden/helm-release.yaml
View File

@@ -52,9 +52,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "vaultwarden.${SECRET_CLUSTER_DOMAIN}" - host: "vaultwarden.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/data/vikunja/helm-release.yaml
View File

@@ -42,9 +42,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "vikunja.${SECRET_CLUSTER_DOMAIN}" - host: "vikunja.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/data/wallabag/helm-release.yaml
View File

@@ -63,9 +63,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "wallabag.${SECRET_CLUSTER_DOMAIN}" - host: "wallabag.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

28
cluster/apps/development/docker-registry/helm-release.yaml
View File

@@ -40,8 +40,12 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd
hosts: hosts:
- "registry.${SECRET_CLUSTER_DOMAIN}" - "registry.${SECRET_CLUSTER_DOMAIN}"
tls: tls:
@@ -49,13 +53,13 @@ spec:
- "registry.${SECRET_CLUSTER_DOMAIN}" - "registry.${SECRET_CLUSTER_DOMAIN}"
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: docker-registry # name: docker-registry
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

21
cluster/apps/development/drone/helm-release.yaml
View File

@@ -45,7 +45,8 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "drone.${SECRET_CLUSTER_DOMAIN}" - host: "drone.${SECRET_CLUSTER_DOMAIN}"
paths: ["/"] paths: ["/"]
@@ -53,13 +54,11 @@ spec:
- hosts: - hosts:
- "wallabag.${SECRET_CLUSTER_DOMAIN}" - "wallabag.${SECRET_CLUSTER_DOMAIN}"
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # name: drone
kind: Ingress # patch:
name: drone # - op: add
patch: # path: /spec/ingressClassName
- op: add # value: traefik
path: /spec/ingressClassName
value: traefik

23
cluster/apps/development/gitea/helm-release.yaml
View File

@@ -88,7 +88,8 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "gitea.${SECRET_CLUSTER_DOMAIN}" - host: "gitea.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -99,13 +100,13 @@ spec:
- "gitea.${SECRET_CLUSTER_DOMAIN}" - "gitea.${SECRET_CLUSTER_DOMAIN}"
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: gitea # name: gitea
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

17
cluster/apps/home-automation/emqx/helm-release.yaml
View File

@@ -61,7 +61,8 @@ spec:
dashboard: dashboard:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
path: / path: /
hosts: hosts:
- emqx.${SECRET_CLUSTER_DOMAIN} - emqx.${SECRET_CLUSTER_DOMAIN}
@@ -102,10 +103,10 @@ spec:
path: /spec/externalIPs path: /spec/externalIPs
value: value:
- "${CLUSTER_LB_EMQX}" - "${CLUSTER_LB_EMQX}"
- target: # - target:
kind: Ingress # kind: Ingress
name: emqx-dashboard # name: emqx-dashboard
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

9
cluster/apps/home-automation/frigate/helm-release.yaml
View File

@@ -95,10 +95,13 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "frigate.${SECRET_CLUSTER_DOMAIN}" - host: "frigate.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

14
cluster/apps/home-automation/home-assistant/helm-release.yaml
View File

@@ -47,9 +47,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "hass.${SECRET_CLUSTER_DOMAIN}" - host: "hass.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -101,10 +102,13 @@ spec:
- "/config/.vscode" - "/config/.vscode"
ingress: ingress:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "hass-config.${SECRET_CLUSTER_DOMAIN}" - host: "hass-config.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

9
cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml
View File

@@ -73,10 +73,13 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "zigbee.${SECRET_CLUSTER_DOMAIN}" - host: "zigbee.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

9
cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml
View File

@@ -37,10 +37,13 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: zwave.${SECRET_CLUSTER_DOMAIN} - host: zwave.${SECRET_CLUSTER_DOMAIN}
paths: paths:

23
cluster/apps/kasten-io/k10/helm-release.yaml
View File

@@ -33,17 +33,18 @@ spec:
create: true create: true
host: "k10.${SECRET_CLUSTER_DOMAIN}" host: "k10.${SECRET_CLUSTER_DOMAIN}"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
urlPath: k10 urlPath: k10
hosts: hosts:
- "k10.${SECRET_CLUSTER_DOMAIN}" - "k10.${SECRET_CLUSTER_DOMAIN}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: k10-ingress # name: k10-ingress
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

13
cluster/apps/media/bazarr/helm-release.yaml
View File

@@ -48,10 +48,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/bazarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "bazarr.${SECRET_CLUSTER_DOMAIN}" - host: "bazarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

13
cluster/apps/media/flood/helm-release.yaml
View File

@@ -48,10 +48,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/flood/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: flood.${SECRET_CLUSTER_DOMAIN} - host: flood.${SECRET_CLUSTER_DOMAIN}
paths: paths:

5
cluster/apps/media/jellyfin/helm-release.yaml
View File

@@ -48,9 +48,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "jellyfin.${SECRET_CLUSTER_DOMAIN}" - host: "jellyfin.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

18
cluster/apps/media/lidarr/helm-release.yaml
View File

@@ -56,10 +56,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/lidarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "lidarr.${SECRET_CLUSTER_DOMAIN}" - host: "lidarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -70,9 +77,10 @@ spec:
- "lidarr.${SECRET_CLUSTER_DOMAIN}" - "lidarr.${SECRET_CLUSTER_DOMAIN}"
api: api:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "lidarr.${SECRET_CLUSTER_DOMAIN}" - host: "lidarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/apps/media/lychee/helm-release.yaml
View File

@@ -51,8 +51,9 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "nginx" # ingressClassName: "traefik"
# annotations: annotations:
kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure" # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "lychee.${SECRET_CLUSTER_DOMAIN}" - host: "lychee.${SECRET_CLUSTER_DOMAIN}"

5
cluster/apps/media/navidrome/helm-release.yaml
View File

@@ -48,9 +48,10 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "navidrome.${SECRET_CLUSTER_DOMAIN}" - host: "navidrome.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

13
cluster/apps/media/prowlarr/helm-release.yaml
View File

@@ -39,10 +39,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/prowlarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "prowlarr.${SECRET_CLUSTER_DOMAIN}" - host: "prowlarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

7
cluster/apps/media/pyload/helm-release.yaml
View File

@@ -43,9 +43,12 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "pyload.${SECRET_CLUSTER_DOMAIN}" - host: "pyload.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

9
cluster/apps/media/qbittorrent/helm-release.yaml
View File

@@ -63,9 +63,14 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/qbittorrent/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "qbittorrent.${SECRET_CLUSTER_DOMAIN}" - host: "qbittorrent.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

18
cluster/apps/media/radarr/helm-release.yaml
View File

@@ -53,10 +53,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/radarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "radarr.${SECRET_CLUSTER_DOMAIN}" - host: "radarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -67,9 +74,10 @@ spec:
- "radarr.${SECRET_CLUSTER_DOMAIN}" - "radarr.${SECRET_CLUSTER_DOMAIN}"
api: api:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "radarr.${SECRET_CLUSTER_DOMAIN}" - host: "radarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

18
cluster/apps/media/readarr/helm-release.yaml
View File

@@ -48,10 +48,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/readarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "readarr.${SECRET_CLUSTER_DOMAIN}" - host: "readarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -62,9 +69,10 @@ spec:
- "readarr.${SECRET_CLUSTER_DOMAIN}" - "readarr.${SECRET_CLUSTER_DOMAIN}"
api: api:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "readarr.${SECRET_CLUSTER_DOMAIN}" - host: "readarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

18
cluster/apps/media/sabnzbd/helm-release.yaml
View File

@@ -46,10 +46,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/sabnzbd/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "sabnzbd.${SECRET_CLUSTER_DOMAIN}" - host: "sabnzbd.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -60,10 +67,11 @@ spec:
- "sabnzbd.${SECRET_CLUSTER_DOMAIN}" - "sabnzbd.${SECRET_CLUSTER_DOMAIN}"
api: api:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
nameSuffix: "api" nameSuffix: "api"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "sabnzbd.${SECRET_CLUSTER_DOMAIN}" - host: "sabnzbd.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

18
cluster/apps/media/sonarr/helm-release.yaml
View File

@@ -51,10 +51,17 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://gilbn.github.io/theme.park/CSS/themes/sonarr/space-gray.css"></head>';
sub_filter_once on;
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
hosts: hosts:
- host: "sonarr.${SECRET_CLUSTER_DOMAIN}" - host: "sonarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -65,9 +72,10 @@ spec:
- "sonarr.${SECRET_CLUSTER_DOMAIN}" - "sonarr.${SECRET_CLUSTER_DOMAIN}"
api: api:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "sonarr.${SECRET_CLUSTER_DOMAIN}" - host: "sonarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

9
cluster/apps/media/tdarr/helm-release.yaml
View File

@@ -62,10 +62,13 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "tdarr.${SECRET_CLUSTER_DOMAIN}" - host: "tdarr.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

9
cluster/apps/media/travelstories/deployment.yaml
View File

@@ -75,15 +75,18 @@ apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd
labels: labels:
app.kubernetes.io/instance: travelstories app.kubernetes.io/instance: travelstories
app.kubernetes.io/name: travelstories app.kubernetes.io/name: travelstories
name: travelstories name: travelstories
namespace: media namespace: media
spec: spec:
ingressClassName: "traefik" # ingressClassName: "traefik"
rules: rules:
- host: "travelstories.${SECRET_CLUSTER_DOMAIN}" - host: "travelstories.${SECRET_CLUSTER_DOMAIN}"
http: http:

27
cluster/apps/monitoring/blackbox-exporter/helm-release.yaml
View File

@@ -91,8 +91,11 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: hosts:
- host: "blackbox.${SECRET_CLUSTER_DOMAIN}" - host: "blackbox.${SECRET_CLUSTER_DOMAIN}"
paths: paths:
@@ -103,13 +106,13 @@ spec:
- "blackbox.${SECRET_CLUSTER_DOMAIN}" - "blackbox.${SECRET_CLUSTER_DOMAIN}"
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}" secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: blackbox-exporter-prometheus-blackbox-exporter # name: blackbox-exporter-prometheus-blackbox-exporter
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

7
cluster/apps/monitoring/healthchecks/helm-release.yaml
View File

@@ -54,9 +54,12 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "healthchecks.${SECRET_CLUSTER_DOMAIN}" - host: "healthchecks.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

23
cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml
View File

@@ -32,10 +32,13 @@ spec:
ingress: ingress:
enabled: true enabled: true
pathType: Prefix pathType: Prefix
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: ["alert-manager.${SECRET_CLUSTER_DOMAIN}"] hosts: ["alert-manager.${SECRET_CLUSTER_DOMAIN}"]
config: config:
global: global:
@@ -194,9 +197,10 @@ spec:
ingress: ingress:
enabled: true enabled: true
pathType: Prefix pathType: Prefix
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: ["grafana.${SECRET_CLUSTER_DOMAIN}"] hosts: ["grafana.${SECRET_CLUSTER_DOMAIN}"]
kubeEtcd: kubeEtcd:
enabled: false enabled: false
@@ -210,10 +214,13 @@ spec:
ingress: ingress:
enabled: true enabled: true
pathType: Prefix pathType: Prefix
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
hosts: ["prometheus.${SECRET_CLUSTER_DOMAIN}"] hosts: ["prometheus.${SECRET_CLUSTER_DOMAIN}"]
prometheusSpec: prometheusSpec:
replicas: 2 replicas: 2

27
cluster/apps/monitoring/thanos/helm-release.yaml
View File

@@ -29,8 +29,11 @@ spec:
enabled: true enabled: true
hostname: "thanos.${SECRET_CLUSTER_DOMAIN}" hostname: "thanos.${SECRET_CLUSTER_DOMAIN}"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd
tls: false tls: false
queryFrontend: queryFrontend:
enabled: false enabled: false
@@ -58,13 +61,13 @@ spec:
secret_key: "${SECRET_MINIO_SECRET_KEY}" secret_key: "${SECRET_MINIO_SECRET_KEY}"
insecure: false insecure: false
postRenderers: # postRenderers:
- kustomize: # - kustomize:
patchesJson6902: # patchesJson6902:
- target: # - target:
kind: Ingress # kind: Ingress
name: thanos-query # name: thanos-query
patch: # patch:
- op: add # - op: add
path: /spec/ingressClassName # path: /spec/ingressClassName
value: traefik # value: traefik

5
cluster/apps/monitoring/uptime-kuma/statefulset.yaml
View File

@@ -68,14 +68,15 @@ apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
labels: labels:
app.kubernetes.io/instance: uptime-kuma app.kubernetes.io/instance: uptime-kuma
app.kubernetes.io/name: uptime-kuma app.kubernetes.io/name: uptime-kuma
name: uptime-kuma name: uptime-kuma
namespace: monitoring namespace: monitoring
spec: spec:
ingressClassName: "traefik" # ingressClassName: "traefik"
rules: rules:
- host: "uptime-kuma.${SECRET_CLUSTER_DOMAIN}" - host: "uptime-kuma.${SECRET_CLUSTER_DOMAIN}"
http: http:

3
cluster/apps/networking/authelia/helm-release.yaml
View File

@@ -28,7 +28,8 @@ spec:
ingress: ingress:
enabled: true enabled: true
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
subdomain: login subdomain: login
tls: tls:

5
cluster/apps/networking/authentik/helm-release.yaml
View File

@@ -23,9 +23,10 @@ spec:
ingress: ingress:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
hosts: hosts:
- host: "id.${SECRET_CLUSTER_DOMAIN}" - host: "id.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

7
cluster/apps/networking/unifi/helm-release.yaml
View File

@@ -38,10 +38,11 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "traefik" # ingressClassName: "traefik"
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
# traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd
hosts: hosts:
- host: "unifi.${SECRET_CLUSTER_DOMAIN}" - host: "unifi.${SECRET_CLUSTER_DOMAIN}"
paths: paths:

5
cluster/core/rook-ceph/dashboard/ingress.yaml
View File

@@ -5,12 +5,13 @@ metadata:
name: rook-ceph-mgr-dashboard name: rook-ceph-mgr-dashboard
namespace: rook-ceph namespace: rook-ceph
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "websecure" kubernetes.io/ingress.class: "nginx"
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
labels: labels:
app.kubernetes.io/instance: rook-ceph-mgr-dashboard app.kubernetes.io/instance: rook-ceph-mgr-dashboard
app.kubernetes.io/name: rook-ceph-mgr-dashboard app.kubernetes.io/name: rook-ceph-mgr-dashboard
spec: spec:
ingressClassName: "traefik" # ingressClassName: "traefik"
rules: rules:
- host: "rook.${SECRET_CLUSTER_DOMAIN}" - host: "rook.${SECRET_CLUSTER_DOMAIN}"
http: http: