diff --git a/internalproxy/templates/minio-ingress.yaml b/internalproxy/templates/minio-ingress.yaml index 8fdb9a7..80d9bb1 100644 --- a/internalproxy/templates/minio-ingress.yaml +++ b/internalproxy/templates/minio-ingress.yaml @@ -25,33 +25,6 @@ subsets: port: 9769 protocol: TCP -#--- -# -#apiVersion: networking.k8s.io/v1 -#kind: Ingress -#metadata: -# name: minio-ingress -# annotations: -# kubernetes.io/ingress.class: nginx -# cert-manager.io/cluster-issuer: letsencrypt-production -# nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16" -#spec: -# rules: -# - host: minio.internal.durp.info -# http: -# paths: -# - path: / -# pathType: Prefix -# backend: -# service: -# name: minio -# port: -# number: 9769 -# tls: -# - hosts: -# - minio.internal.durp.info -# secretName: minio-tls - --- apiVersion: traefik.containo.us/v1alpha1 diff --git a/internalproxy/templates/mothership-ingress.yaml b/internalproxy/templates/mothership-ingress.yaml index 072543b..0298b67 100644 --- a/internalproxy/templates/mothership-ingress.yaml +++ b/internalproxy/templates/mothership-ingress.yaml @@ -25,35 +25,74 @@ subsets: port: 8006 protocol: TCP ---- +#--- +# +#apiVersion: networking.k8s.io/v1 +#kind: Ingress +#metadata: +# name: mothership-ingress +# annotations: +# kubernetes.io/ingress.class: nginx +# cert-manager.io/cluster-issuer: letsencrypt-production +# nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16" +# nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" +# nginx.ingress.kubernetes.io/proxy-buffering: "off" +# nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600s" +# nginx.ingress.kubernetes.io/proxy_read_timeout: "3600s" +# nginx.ingress.kubernetes.io/proxy_send_timeout: "3600s" +# nginx.ingress.kubernetes.io/client_max_body_size: "5120m" +#spec: +# rules: +# - host: mothership.internal.durp.info +# http: +# paths: +# - path: / +# pathType: Prefix +# backend: +# service: +# name: mothership +# port: +# number: 8006 +# tls: +# - hosts: +# - mothership.internal.durp.info +# secretName: mothership-tls +# +--- -apiVersion: networking.k8s.io/v1 -kind: Ingress +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: mothership-ingress annotations: - kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-production - nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16" - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - nginx.ingress.kubernetes.io/proxy-buffering: "off" - nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600s" - nginx.ingress.kubernetes.io/proxy_read_timeout: "3600s" - nginx.ingress.kubernetes.io/proxy_send_timeout: "3600s" - nginx.ingress.kubernetes.io/client_max_body_size: "5120m" + cert-manager.io/cluster-issuer: letsencrypt-production spec: - rules: - - host: mothership.internal.durp.info - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: mothership - port: - number: 8006 + entryPoints: + - websecure + routes: + - match: Host(`mothership.internal.durp.info`) + middlewares: + - name: whitelist + namespace: traefik + kind: Rule + services: + - name: mothership + port: 8006 + scheme: https tls: - - hosts: - - mothership.internal.durp.info - secretName: mothership-tls + secretName: mothership-tls + +--- + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: mothership-tls +spec: + secretName: mothership-tls + issuerRef: + name: letsencrypt-production + kind: ClusterIssuer + commonName: "mothership.internal.durp.info" + dnsNames: + - "mothership.internal.durp.info" \ No newline at end of file