From b06e6506a8db2b3e620467bf040b12ecccd48b3b Mon Sep 17 00:00:00 2001
From: auricom <27022259+auricom@users.noreply.github.com>
Date: Sat, 25 Jun 2022 02:09:21 +0200
Subject: [PATCH] feat: external-dns ingress

---
 .../apps/data/joplin-server/helm-release.yaml  |  5 +++--
 cluster/apps/data/sharry/helm-release.yaml     |  4 ++--
 .../apps/data/vaultwarden/helm-release.yaml    |  5 +++--
 cluster/apps/data/vikunja/helm-release.yaml    |  5 +++--
 cluster/apps/data/wallabag/helm-release.yaml   |  5 +++--
 cluster/apps/media/jellyfin/helm-release.yaml  |  5 +++--
 cluster/apps/media/lychee/helm-release.yaml    |  5 +++--
 .../monitoring/healthchecks/helm-release.yaml  |  5 +++--
 .../apps/networking/authelia/helm-release.yaml | 18 ++++--------------
 9 files changed, 27 insertions(+), 30 deletions(-)

diff --git a/cluster/apps/data/joplin-server/helm-release.yaml b/cluster/apps/data/joplin-server/helm-release.yaml
index 5006d3f1f..1de3bca73 100644
--- a/cluster/apps/data/joplin-server/helm-release.yaml
+++ b/cluster/apps/data/joplin-server/helm-release.yaml
@@ -42,8 +42,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-          # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "joplin.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/data/sharry/helm-release.yaml b/cluster/apps/data/sharry/helm-release.yaml
index f3a3a10ff..02604c097 100644
--- a/cluster/apps/data/sharry/helm-release.yaml
+++ b/cluster/apps/data/sharry/helm-release.yaml
@@ -116,9 +116,9 @@ spec:
         enabled: true
         ingressClassName: "nginx"
         annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
           nginx.ingress.kubernetes.io/proxy-body-size: "0"
-          # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
-          # traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd
         hosts:
           - host: "sharry.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/data/vaultwarden/helm-release.yaml b/cluster/apps/data/vaultwarden/helm-release.yaml
index 1589597b9..8ba533942 100644
--- a/cluster/apps/data/vaultwarden/helm-release.yaml
+++ b/cluster/apps/data/vaultwarden/helm-release.yaml
@@ -53,8 +53,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-        # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "vaultwarden.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/data/vikunja/helm-release.yaml b/cluster/apps/data/vikunja/helm-release.yaml
index 48975ffc6..913eeebd2 100644
--- a/cluster/apps/data/vikunja/helm-release.yaml
+++ b/cluster/apps/data/vikunja/helm-release.yaml
@@ -43,8 +43,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-          # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "vikunja.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/data/wallabag/helm-release.yaml b/cluster/apps/data/wallabag/helm-release.yaml
index 5252d9381..348d54b9a 100644
--- a/cluster/apps/data/wallabag/helm-release.yaml
+++ b/cluster/apps/data/wallabag/helm-release.yaml
@@ -64,8 +64,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-          # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "wallabag.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/media/jellyfin/helm-release.yaml b/cluster/apps/media/jellyfin/helm-release.yaml
index f5b068022..8799581e5 100644
--- a/cluster/apps/media/jellyfin/helm-release.yaml
+++ b/cluster/apps/media/jellyfin/helm-release.yaml
@@ -55,8 +55,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-        #  traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "jellyfin.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/media/lychee/helm-release.yaml b/cluster/apps/media/lychee/helm-release.yaml
index de451b7cf..cfe47677d 100644
--- a/cluster/apps/media/lychee/helm-release.yaml
+++ b/cluster/apps/media/lychee/helm-release.yaml
@@ -54,8 +54,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-        #   traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "lychee.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/monitoring/healthchecks/helm-release.yaml b/cluster/apps/monitoring/healthchecks/helm-release.yaml
index 83cc990c0..acfcc1c15 100644
--- a/cluster/apps/monitoring/healthchecks/helm-release.yaml
+++ b/cluster/apps/monitoring/healthchecks/helm-release.yaml
@@ -55,8 +55,9 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        # annotations:
-          # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+          external-dns/is-public: "true"
         hosts:
           - host: "healthchecks.${SECRET_CLUSTER_DOMAIN}"
             paths:
diff --git a/cluster/apps/networking/authelia/helm-release.yaml b/cluster/apps/networking/authelia/helm-release.yaml
index f04f8f9a4..8ae36e0d2 100644
--- a/cluster/apps/networking/authelia/helm-release.yaml
+++ b/cluster/apps/networking/authelia/helm-release.yaml
@@ -8,7 +8,6 @@ spec:
   interval: 5m
   chart:
     spec:
-      # renovate: registryUrl=https://charts.authelia.com
       chart: authelia
       version: 0.8.34
       sourceRef:
@@ -27,8 +26,10 @@ spec:
 
     ingress:
       enabled: true
-      # annotations:
-      # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+      className: nginx
+      annotations:
+        external-dns.alpha.kubernetes.io/target: "services.${SECRET_CLUSTER_DOMAIN_ROOT}."
+        external-dns/is-public: "true"
       subdomain: login
 
       tls:
@@ -163,14 +164,3 @@ spec:
         key: STORAGE_ENCRYPTION_KEY
         value: "${SECRET_AUTHELIA_STORAGE_ENCRYPTION_KEY}"
         filename: STORAGE_ENCRYPTION_KEY
-
-  postRenderers:
-    - kustomize:
-        patchesJson6902:
-          - target:
-              kind: Ingress
-              name: authelia
-            patch:
-              - op: add
-                path: /spec/ingressClassName
-                value: nginx