#apiVersion: networking.k8s.io/v1 #kind: Ingress #metadata: # annotations: # kubernetes.io/ingress.class: nginx # cert-manager.io/cluster-issuer: letsencrypt-production # nginx.ingress.kubernetes.io/auth-url: |- # http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx # nginx.ingress.kubernetes.io/auth-signin: |- # https://kuma.durp.info/outpost.goauthentik.io/start?rd=$escaped_request_uri # nginx.ingress.kubernetes.io/auth-response-headers: |- # Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid # nginx.ingress.kubernetes.io/auth-snippet: | # proxy_set_header X-Forwarded-Host $http_host; # name: ingress #spec: # tls: # - hosts: # - kuma.durp.info # secretName: kuma-tls # rules: # - host: kuma.durp.info # http: # paths: # - path: / # pathType: Prefix # backend: # service: # name: service # port: # number: 3001 # - path: /outpost.goauthentik.io # pathType: Prefix # backend: # service: # name: ak-outpost-authentik-embedded-outpost # port: # number: 9000 # #--- # #kind: Service #apiVersion: v1 #metadata: # name: ak-outpost-authentik-embedded-outpost #spec: # type: ExternalName # externalName: ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: kuma-ingress spec: entryPoints: - websecure routes: - match: Host(`kuma.durp.info`) && PathPrefix(`/`) middlewares: - name: authentik-proxy-provider namespace: traefik kind: Rule services: - name: service port: 3001 tls: secretName: kuma-tls --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: kuma-tls spec: secretName: kuma-tls issuerRef: name: letsencrypt-production kind: ClusterIssuer commonName: "kuma.durp.info" dnsNames: - "kuma.durp.info"