auricom-home-cluster/.archive/kubernetes/cilium/gateway/internal.yaml

---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/gateway.networking.k8s.io/gateway_v1.json
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: internal
  annotations:
    external-dns.alpha.kubernetes.io/target: &hostname internal.${SECRET_EXTERNAL_DOMAIN}
spec:
  gatewayClassName: cilium
  addresses:
    - type: IPAddress
      value: 192.168.169.121
  infrastructure:
    annotations:
      external-dns.alpha.kubernetes.io/hostname: *hostname
  listeners:
    - name: http
      protocol: HTTP
      port: 80
      hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
      allowedRoutes:
        namespaces:
          from: Same
    - name: https
      protocol: HTTPS
      port: 443
      hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
      allowedRoutes:
        namespaces:
          from: All
      tls:
        certificateRefs:
          - kind: Secret
            name: ${SECRET_EXTERNAL_DOMAIN//./-}-tls