feat: envoy-gateway

2025-09-17 18:24:14 +02:00 · 2025-08-19 00:13:40 +02:00
parent 5b82fd7742
commit c0dde8be0a
119 changed files with 998 additions and 1563 deletions
--- a/kubernetes/apps/default/lidarr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/lidarr/app/helmrelease.yaml
@@ -39,6 +39,8 @@ spec:
              TZ: "${TIMEZONE}"
              LIDARR__APP__INSTANCENAME: Lidarr
              LIDARR__SERVER__PORT: &port 8080
+              LIDARR__AUTH__METHOD: External
+              LIDARR__AUTH__REQUIRED: DisabledForLocalAddresses
              LIDARR__LOG__LEVEL: info
              PUSHOVER_APP_URL: &host "{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"
              PUSHOVER_PRIORITY: "0"
@@ -59,26 +61,17 @@ spec:
        ports:
          http:
            port: *port
-    ingress:
+    route:
      app:
-        enabled: true
-        className: internal
-        annotations:
-          nginx.ingress.kubernetes.io/auth-method: GET
-          nginx.ingress.kubernetes.io/auth-url: http://authelia.default.svc.cluster.local.:8888/api/verify
-          nginx.ingress.kubernetes.io/auth-signin: https://auth.${SECRET_EXTERNAL_DOMAIN}?rm=$request_method
-          nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
-          nginx.ingress.kubernetes.io/auth-snippet: proxy_set_header X-Forwarded-Method $request_method;
-        hosts:
-          - host: *host
-            paths:
-              - path: /
-                service:
-                  identifier: app
-                  port: http
-        tls:
-          - hosts:
-              - *host
+        hostnames: ["{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"]
+        parentRefs:
+          - name: internal
+            namespace: network
+            sectionName: https
+        rules:
+          - backendRefs:
+              - name: *app
+                port: *port
    persistence:
      config:
        enabled: true