From de7c9b5c137b7571f3ea304f1d4018f351b1f504 Mon Sep 17 00:00:00 2001
From: DeveloperDurp
Date: Tue, 25 Feb 2025 06:16:17 -0600
Subject: [PATCH] update
---
dmz/internalproxy/templates/authentik.yaml | 25 +++
dmz/internalproxy/templates/ollama.yaml | 202 ++++++++++-----------
infra/argocd/templates/internalproxy.yaml | 21 +++
3 files changed, 147 insertions(+), 101 deletions(-)
create mode 100644 dmz/internalproxy/templates/authentik.yaml
create mode 100644 infra/argocd/templates/internalproxy.yaml
diff --git a/dmz/internalproxy/templates/authentik.yaml b/dmz/internalproxy/templates/authentik.yaml
new file mode 100644
index 0000000..59ff185
--- /dev/null
+++ b/dmz/internalproxy/templates/authentik.yaml
@@ -0,0 +1,25 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: authentik-ingress
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`test.durp.info`) && PathPrefix(`/`)
+ kind: Rule
+ services:
+ - name: authentik-server
+ port: 443
+ tls:
+ secretName: authentik-tls
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: authentik-server
+spec:
+ type: ExternalName
+ externalName: authentik.infra.durp.info
diff --git a/dmz/internalproxy/templates/ollama.yaml b/dmz/internalproxy/templates/ollama.yaml
index 4834ff5..d5dc745 100644
--- a/dmz/internalproxy/templates/ollama.yaml
+++ b/dmz/internalproxy/templates/ollama.yaml
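Review bot: In dmz/internalproxy/templates/authentik.yaml, `tls.secretName: authentik-tls` refers to a secret that nothing in this commit creates. The ollama manifest in the same chart paired its IngressRoute with a cert-manager Certificate, and this file has none. If the secret is not produced elsewhere, Traefik will typically serve its default certificate for `test.durp.info`, which clients cannot validate. I would add a Certificate for that host next to the route, as sketched below, assuming the `letsencrypt-production` issuer used for ollama also applies here. Separately, the `PathPrefix` match on `/` forwards every path of the identity provider through the DMZ entry point with no middleware attached, so it is worth confirming that the admin and API paths are meant to be reachable this way.

```yaml
# … unchanged: IngressRoute authentik-ingress and Service authentik-server …
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: authentik-tls
spec:
  secretName: authentik-tls
  issuerRef:
    name: letsencrypt-production
    kind: ClusterIssuer
  dnsNames:
    - "test.durp.info"
```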
@@ -1,101 +1,101 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: ollama-secret
-spec:
- secretStoreRef:
- name: vault
- kind: ClusterSecretStore
- target:
- name: ollama-secret
- data:
- - secretKey: users
- remoteRef:
- key: secrets/internalproxy/ollama
- property: users
-
----
-
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
- name: ollama-basic-auth
-spec:
- basicAuth:
- secret: ollama-secret
-
----
-
-apiVersion: v1
-kind: Service
-metadata:
- name: ollama
-spec:
- ports:
- - name: app
- port: 11435
- protocol: TCP
- targetPort: 11435
- clusterIP: None
- type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
- name: ollama
-subsets:
- - addresses:
- - ip: 192.168.20.104
- ports:
- - name: app
- port: 11435
- protocol: TCP
-
----
-
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
- name: ollama-ingress
-spec:
- entryPoints:
- - websecure
- routes:
- - match: Host(`ollama.durp.info`) && PathPrefix(`/`)
- middlewares:
- - name: ollama-basic-auth
- kind: Rule
- services:
- - name: ollama
- port: 11435
- tls:
- secretName: ollama-tls
-
----
-
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: ollama-tls
-spec:
- secretName: ollama-tls
- issuerRef:
- name: letsencrypt-production
- kind: ClusterIssuer
- commonName: "ollama.durp.info"
- dnsNames:
- - "ollama.durp.info"
-
----
-
-kind: Service
-apiVersion: v1
-metadata:
- name: ollama-external-dns
- annotations:
- external-dns.alpha.kubernetes.io/hostname: ollama.durp.info
-spec:
- type: ExternalName
- externalName: durp.info
+#apiVersion: external-secrets.io/v1beta1
+#kind: ExternalSecret
+#metadata:
+# name: ollama-secret
+#spec:
+# secretStoreRef:
+# name: vault
+# kind: ClusterSecretStore
+# target:
+# name: ollama-secret
+# data:
+# - secretKey: users
+# remoteRef:
+# key: secrets/internalproxy/ollama
+# property: users
+#
+#---
+#
+#apiVersion: traefik.containo.us/v1alpha1
+#kind: Middleware
+#metadata:
+# name: ollama-basic-auth
+#spec:
+# basicAuth:
+# secret: ollama-secret
+#
+#---
+#
+#apiVersion: v1
+#kind: Service
+#metadata:
+# name: ollama
+#spec:
+# ports:
+# - name: app
+# port: 11435
+# protocol: TCP
+# targetPort: 11435
+# clusterIP: None
+# type: ClusterIP
+#
+#---
+#
+#apiVersion: v1
+#kind: Endpoints
+#metadata:
+# name: ollama
+#subsets:
+# - addresses:
+# - ip: 192.168.20.104
+# ports:
+# - name: app
+# port: 11435
+# protocol: TCP
+#
+#---
+#
+#apiVersion: traefik.containo.us/v1alpha1
+#kind: IngressRoute
+#metadata:
+# name: ollama-ingress
+#spec:
+# entryPoints:
+# - websecure
+# routes:
+# - match: Host(`ollama.durp.info`) && PathPrefix(`/`)
+# middlewares:
+# - name: ollama-basic-auth
+# kind: Rule
+# services:
+# - name: ollama
+# port: 11435
+# tls:
+# secretName: ollama-tls
+#
+#---
+#
+#apiVersion: cert-manager.io/v1
+#kind: Certificate
+#metadata:
+# name: ollama-tls
+#spec:
+# secretName: ollama-tls
+# issuerRef:
+# name: letsencrypt-production
+# kind: ClusterIssuer
+# commonName: "ollama.durp.info"
+# dnsNames:
+# - "ollama.durp.info"
+#
+#---
+#
+#kind: Service
+#apiVersion: v1
+#metadata:
+# name: ollama-external-dns
+# annotations:
+# external-dns.alpha.kubernetes.io/hostname: ollama.durp.info
+#spec:
+# type: ExternalName
+# externalName: durp.info
diff --git a/infra/argocd/templates/internalproxy.yaml b/infra/argocd/templates/internalproxy.yaml
new file mode 100644
index 0000000..57e2c60
--- /dev/null
+++ b/infra/argocd/templates/internalproxy.yaml
@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: internal-proxy
+ namespace: argocd
+spec:
+ project: default
+ source:
+ repoURL: https://gitlab.com/developerdurp/homelab.git
+ targetRevision: main
+ path: dmz/internalproxy
+ destination:
+ namespace: internalproxy
+ name: dmz
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
+
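Review bot: In infra/argocd/templates/internalproxy.yaml, `project: default` together with `targetRevision: main` and automated sync (`prune: true`, `selfHeal: true`) means any commit that lands on `main` of the GitLab repository is applied to the `dmz` cluster with no further gate. The default project also normally places no limit on source repositories, destinations or resource kinds. For an application that manages DMZ ingress, a dedicated AppProject whose `sourceRepos` and `destinations` list only this repository and the `dmz` cluster / `internalproxy` namespace would narrow what a bad commit or a compromised repository credential can change. Branch protection on `main`, or pinning `targetRevision` to a tag or commit, is the matching control on the source side. I would also add a comment above `syncPolicy` such as `# auto-sync with prune: resources removed from dmz/internalproxy are deleted from the cluster`.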