DeveloperDurp/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update folder location

Browse Source
This commit is contained in:
DeveloperDurp
2025-01-06 05:01:00 -06:00
parent dc324a2d8b
commit c39f20e371
170 changed files with 8461 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
master/internalproxy/templates/argocd.yaml Normal file
View File

@@ -0,0 +1,46 @@
#apiVersion: traefik.io/v1alpha1
#kind: IngressRoute
#metadata:
# name: argocd-ingress
# annotations:
# cert-manager.io/cluster-issuer: letsencrypt-production
#spec:
# entryPoints:
# - websecure
# routes:
# - match: Host(`argocd.internal.durp.info`)
# middlewares:
# - name: whitelist
# namespace: traefik
# kind: Rule
# services:
# - name: argocd-server
# port: 443
# scheme: https
# tls:
# secretName: argocd-tls
#
#---
#
#kind: Service
#apiVersion: v1
#metadata:
# name: argocd-server
#spec:
# type: ExternalName
# externalName: argocd-server.argocd.svc.cluster.local
#
#---
#
#apiVersion: cert-manager.io/v1
#kind: Certificate
#metadata:
# name: argocd-tls
#spec:
# secretName: argocd-tls
# issuerRef:
# name: letsencrypt-production
# kind: ClusterIssuer
# commonName: "argocd.internal.durp.info"
# dnsNames:
# - "argocd.internal.durp.info"

63
master/internalproxy/templates/blueiris.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: blueiris
spec:
ports:
- name: app
port: 81
protocol: TCP
targetPort: 81
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: blueiris
subsets:
- addresses:
- ip: 192.168.99.2
ports:
- name: app
port: 81
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: blueiris-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`blueiris.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: blueiris
port: 81
scheme: http
tls:
secretName: blueiris-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: blueiris-tls
spec:
secretName: blueiris-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "blueiris.internal.durp.info"
dnsNames:
- "blueiris.internal.durp.info"

70
master/internalproxy/templates/duplicati-ingress.yaml Normal file
View File

@@ -0,0 +1,70 @@
apiVersion: v1
kind: Service
metadata:
name: duplicati
spec:
ports:
- name: app
port: 8200
protocol: TCP
targetPort: 8200
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: duplicati
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 8200
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: duplicati-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`duplicati.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
- name: authentik-proxy-provider
namespace: traefik
kind: Rule
services:
- name: duplicati
port: 8200
- match: Host(`duplicati.internal.durp.info`) && PathPrefix(`/outpost.goauthentik.io`)
kind: Rule
services:
- name: ak-outpost-authentik-embedded-outpost
namespace: authentik
port: 9000
tls:
secretName: duplicati-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: duplicati-tls
spec:
secretName: duplicati-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "duplicati.internal.durp.info"
dnsNames:
- "duplicati.internal.durp.info"

72
master/internalproxy/templates/gitea.yaml Normal file
View File

@@ -0,0 +1,72 @@
apiVersion: v1
kind: Service
metadata:
name: gitea
spec:
ports:
- name: app
port: 3000
protocol: TCP
targetPort: 3000
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: gitea
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 3000
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: gitea-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`gitea.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: gitea
port: 3000
scheme: http
tls:
secretName: gitea-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: gitea-tls
spec:
secretName: gitea-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "gitea.durp.info"
dnsNames:
- "gitea.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: gitea-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: gitea.durp.info
spec:
type: ExternalName
externalName: durp.info

72
master/internalproxy/templates/jellyfin.yaml Normal file
View File

@@ -0,0 +1,72 @@
apiVersion: v1
kind: Service
metadata:
name: jellyfin
spec:
ports:
- name: app
port: 8096
protocol: TCP
targetPort: 8096
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: jellyfin
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 8096
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: jellyfin-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`jellyfin.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: jellyfin
port: 8096
scheme: http
tls:
secretName: jellyfin-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: jellyfin-tls
spec:
secretName: jellyfin-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "jellyfin.durp.info"
dnsNames:
- "jellyfin.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: jellyfin-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: jellyfin.durp.info
spec:
type: ExternalName
externalName: durp.info

72
master/internalproxy/templates/kasm.yaml Normal file
View File

@@ -0,0 +1,72 @@
apiVersion: v1
kind: Service
metadata:
name: kasm
spec:
ports:
- name: app
port: 443
protocol: TCP
targetPort: 443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: kasm
subsets:
- addresses:
- ip: 192.168.20.104
ports:
- name: app
port: 443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: kasm-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`kasm.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: kasm
port: 443
scheme: https
tls:
secretName: kasm-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: kasm-tls
spec:
secretName: kasm-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "kasm.durp.info"
dnsNames:
- "kasm.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: kasm-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: kasm.durp.info
spec:
type: ExternalName
externalName: durp.info

63
master/internalproxy/templates/minio.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: minio
spec:
ports:
- name: app
port: 9769
protocol: TCP
targetPort: 9769
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: minio
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 9769
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: minio-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`minio.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: minio
port: 9769
scheme: http
tls:
secretName: minio-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: minio-tls
spec:
secretName: minio-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "minio.internal.durp.info"
dnsNames:
- "minio.internal.durp.info"

71
master/internalproxy/templates/nexus.yaml Normal file
View File

@@ -0,0 +1,71 @@
apiVersion: v1
kind: Service
metadata:
name: nexus
spec:
ports:
- name: app
port: 8081
protocol: TCP
targetPort: 8081
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: nexus
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 8081
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nexus-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`nexus.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: nexus
port: 8081
tls:
secretName: nexus-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nexus-tls
spec:
secretName: nexus-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "nexus.durp.info"
dnsNames:
- "nexus.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: nexus-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: nexus.durp.info
spec:
type: ExternalName
externalName: durp.info

63
master/internalproxy/templates/octopus.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: octopus
spec:
ports:
- name: app
port: 443
protocol: TCP
targetPort: 443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: octopus
subsets:
- addresses:
- ip: 192.168.20.105
ports:
- name: app
port: 443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: octopus-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`octopus.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: octopus
port: 443
scheme: https
tls:
secretName: octopus-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: octopus-tls
spec:
secretName: octopus-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "octopus.internal.durp.info"
dnsNames:
- "octopus.internal.durp.info"

102
master/internalproxy/templates/ollama.yaml Normal file
View File

@@ -0,0 +1,102 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ollama-secret
spec:
secretStoreRef:
name: vault
kind: ClusterSecretStore
target:
name: ollama-secret
data:
- secretKey: users
remoteRef:
key: secrets/internalproxy/ollama
property: users
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: ollama-basic-auth
spec:
basicAuth:
headerField: x-api-key
secret: ollama-secret
---
apiVersion: v1
kind: Service
metadata:
name: ollama
spec:
ports:
- name: app
port: 11435
protocol: TCP
targetPort: 11435
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: ollama
subsets:
- addresses:
- ip: 192.168.20.104
ports:
- name: app
port: 11435
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: ollama-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`ollama.durp.info`) && PathPrefix(`/`)
middlewares:
- name: ollama-basic-auth
kind: Rule
services:
- name: ollama
port: 11435
tls:
secretName: ollama-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: ollama-tls
spec:
secretName: ollama-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "ollama.durp.info"
dnsNames:
- "ollama.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: ollama-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: ollama.durp.info
spec:
type: ExternalName
externalName: durp.info

63
master/internalproxy/templates/pfsense.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: pfsense
spec:
ports:
- name: app
port: 10443
protocol: TCP
targetPort: 10443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: pfsense
subsets:
- addresses:
- ip: 192.168.20.1
ports:
- name: app
port: 10443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: pfsense-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`pfsense.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: pfsense
port: 10443
scheme: https
tls:
secretName: pfsense-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: pfsense-tls
spec:
secretName: pfsense-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "pfsense.internal.durp.info"
dnsNames:
- "pfsense.internal.durp.info"

72
master/internalproxy/templates/plex.yaml Normal file
View File

@@ -0,0 +1,72 @@
apiVersion: v1
kind: Service
metadata:
name: plex
spec:
ports:
- name: app
port: 32400
protocol: TCP
targetPort: 32400
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: plex
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 32400
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: plex-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`plex.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: plex
port: 32400
scheme: https
tls:
secretName: plex-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: plex-tls
spec:
secretName: plex-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "plex.durp.info"
dnsNames:
- "plex.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: plex-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: plex.durp.info
spec:
type: ExternalName
externalName: durp.info

63
master/internalproxy/templates/portainer.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: portainer
spec:
ports:
- name: app
port: 9443
protocol: TCP
targetPort: 9443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: portainer
subsets:
- addresses:
- ip: 192.168.20.104
ports:
- name: app
port: 9443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: portainer-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`portainer.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: portainer
port: 9443
scheme: https
tls:
secretName: portainer-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: portainer-tls
spec:
secretName: portainer-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "portainer.internal.durp.info"
dnsNames:
- "portainer.internal.durp.info"

63
master/internalproxy/templates/proxmox.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: proxmox
spec:
ports:
- name: app
port: 8006
protocol: TCP
targetPort: 8006
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: proxmox
subsets:
- addresses:
- ip: 192.168.21.252
ports:
- name: app
port: 8006
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: proxmox-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`proxmox.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: proxmox
port: 8006
scheme: https
tls:
secretName: proxmox-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: proxmox-tls
spec:
secretName: proxmox-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "proxmox.internal.durp.info"
dnsNames:
- "proxmox.internal.durp.info"

59
master/internalproxy/templates/registry-internal.yaml Normal file
View File

@@ -0,0 +1,59 @@
apiVersion: v1
kind: Service
metadata:
name: registry-internal
spec:
ports:
- name: app
port: 5000
protocol: TCP
targetPort: 5000
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: registry-internal
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 5000
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: registry-internal-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`registry.internal.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: registry-internal
port: 5000
tls:
secretName: registry-internal-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: registry-internal-tls
spec:
secretName: registry-internal-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "registry.internal.durp.info"
dnsNames:
- "registry.internal.durp.info"

71
master/internalproxy/templates/registry.yaml Normal file
View File

@@ -0,0 +1,71 @@
apiVersion: v1
kind: Service
metadata:
name: registry
spec:
ports:
- name: app
port: 5000
protocol: TCP
targetPort: 5000
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: registry
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 5000
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: registry-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`registry.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: registry
port: 5000
tls:
secretName: registry-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: registry-tls
spec:
secretName: registry-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "registry.durp.info"
dnsNames:
- "registry.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: registry-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: registry.durp.info
spec:
type: ExternalName
externalName: durp.info

63
master/internalproxy/templates/s3.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: s3
spec:
ports:
- name: app
port: 9768
protocol: TCP
targetPort: 9768
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: s3
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 9768
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: s3-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`s3.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: s3
port: 9768
scheme: http
tls:
secretName: s3-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: s3-tls
spec:
secretName: s3-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "s3.internal.durp.info"
dnsNames:
- "s3.internal.durp.info"

63
master/internalproxy/templates/semaphore.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: semaphore
spec:
ports:
- name: app
port: 3001
protocol: TCP
targetPort: 3001
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: semaphore
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 3001
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: semaphore-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`semaphore.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: semaphore
port: 3001
scheme: http
tls:
secretName: semaphore-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: semaphore-tls
spec:
secretName: semaphore-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "semaphore.internal.durp.info"
dnsNames:
- "semaphore.internal.durp.info"

82
master/internalproxy/templates/smokeping.yaml Normal file
View File

@@ -0,0 +1,82 @@
apiVersion: v1
kind: Service
metadata:
name: smokeping
spec:
ports:
- name: app
port: 81
protocol: TCP
targetPort: 81
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: smokeping
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 81
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: smokeping-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`smokeping.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
- name: authentik-proxy-provider
namespace: traefik
kind: Rule
services:
- name: smokeping
port: 81
- match: Host(`smokeping.durp.info`) && PathPrefix(`/outpost.goauthentik.io`)
kind: Rule
services:
- name: ak-outpost-authentik-embedded-outpost
namespace: authentik
port: 9000
tls:
secretName: smokeping-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: smokeping-tls
spec:
secretName: smokeping-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "smokeping.durp.info"
dnsNames:
- "smokeping.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: smokeping-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: smokeping.durp.info
spec:
type: ExternalName
externalName: durp.info

74
master/internalproxy/templates/speedtest.yaml Normal file
View File

@@ -0,0 +1,74 @@
apiVersion: v1
kind: Service
metadata:
name: speedtest
spec:
ports:
- name: app
port: 6580
protocol: TCP
targetPort: 6580
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: speedtest
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 6580
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: speedtest-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`speedtest.durp.info`) && PathPrefix(`/`)
kind: Rule
middlewares:
- name: authentik-proxy-provider
namespace: traefik
services:
- name: speedtest
port: 6580
tls:
secretName: speedtest-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: speedtest-tls
spec:
secretName: speedtest-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "speedtest.durp.info"
dnsNames:
- "speedtest.durp.info"
---
kind: Service
apiVersion: v1
metadata:
name: speedtest-external-dns
annotations:
external-dns.alpha.kubernetes.io/hostname: speedtest.durp.info
spec:
type: ExternalName
externalName: durp.info

67
master/internalproxy/templates/tdarr.yaml Normal file
View File

@@ -0,0 +1,67 @@
apiVersion: v1
kind: Service
metadata:
name: tdarr
spec:
ports:
- name: app
port: 8267
protocol: TCP
targetPort: 8267
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: tdarr
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 8267
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: tdarr-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
spec:
entryPoints:
- websecure
routes:
- match: Host(`tdarr.internal.durp.info`)
middlewares:
- name: whitelist
namespace: traefik
- name: authentik-proxy-provider
namespace: traefik
kind: Rule
services:
- name: tdarr
port: 8267
scheme: http
tls:
secretName: tdarr-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: tdarr-tls
spec:
secretName: tdarr-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "tdarr.internal.durp.info"
dnsNames:
- "tdarr.internal.durp.info"

63
master/internalproxy/templates/unraid.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: unraid
spec:
ports:
- name: app
port: 443
protocol: TCP
targetPort: 443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: unraid
subsets:
- addresses:
- ip: 192.168.20.253
ports:
- name: app
port: 443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: unraid-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`unraid.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: unraid
port: 443
scheme: https
tls:
secretName: unraid-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: unraid-tls
spec:
secretName: unraid-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "unraid.internal.durp.info"
dnsNames:
- "unraid.internal.durp.info"

63
master/internalproxy/templates/wazuh.yaml Normal file
View File

@@ -0,0 +1,63 @@
apiVersion: v1
kind: Service
metadata:
name: wazuh
spec:
ports:
- name: app
port: 443
protocol: TCP
targetPort: 443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: wazuh
subsets:
- addresses:
- ip: 192.168.20.102
ports:
- name: app
port: 443
protocol: TCP
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: wazuh-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`wazuh.internal.durp.info`) && PathPrefix(`/`)
middlewares:
- name: whitelist
namespace: traefik
kind: Rule
services:
- name: wazuh
port: 443
scheme: https
tls:
secretName: wazuh-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: wazuh-tls
spec:
secretName: wazuh-tls
issuerRef:
name: letsencrypt-production
kind: ClusterIssuer
commonName: "wazuh.internal.durp.info"
dnsNames:
- "wazuh.internal.durp.info"