Upgrades to HTTPS and fixed bug with nefarious
This commit is contained in:
Aner Zakobar
@@ -81,7 +81,11 @@ metadata:
|
|||||||
name: gitea-ingress
|
name: gitea-ingress
|
||||||
annotations:
|
annotations:
|
||||||
kubernetes.io/ingress.allow-http: "false"
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-redirect@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- git.{{ .Values.homey.url }}
|
||||||
rules:
|
rules:
|
||||||
- host: git.{{ .Values.homey.url }}
|
- host: git.{{ .Values.homey.url }}
|
||||||
http:
|
http:
|
||||||
|
|||||||
@@ -49,6 +49,7 @@ metadata:
|
|||||||
kubernetes.io/ingress.allow-http: "false"
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
ingress.kubernetes.io/auth-type: forward
|
ingress.kubernetes.io/auth-type: forward
|
||||||
ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
|
ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-redirect@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
|
|||||||
@@ -86,7 +86,12 @@ kind: Ingress
|
|||||||
metadata:
|
metadata:
|
||||||
name: jellyfin-ingress
|
name: jellyfin-ingress
|
||||||
annotations:
|
annotations:
|
||||||
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-redirect@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- jellyfin.{{ .Values.homey.internal_url }}
|
||||||
rules:
|
rules:
|
||||||
- host: jellyfin.{{ .Values.homey.internal_url }}
|
- host: jellyfin.{{ .Values.homey.internal_url }}
|
||||||
http:
|
http:
|
||||||
|
|||||||
@@ -4,7 +4,14 @@ kind: Secret
|
|||||||
metadata:
|
metadata:
|
||||||
name: nefarious-admin
|
name: nefarious-admin
|
||||||
annotations:
|
annotations:
|
||||||
secret-generator.v1.mittwald.de/autogenerate: password
|
"helm.sh/resource-policy": "keep"
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
{{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "nefarious-admin") | default dict }}
|
||||||
|
{{- $secretData := (get $secretObj "data") | default dict }}
|
||||||
|
{{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
|
||||||
|
password: {{ $pass | quote }}
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
|
|||||||
@@ -112,6 +112,8 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: nextcloud-postgres-pass
|
name: nextcloud-postgres-pass
|
||||||
key: password
|
key: password
|
||||||
|
- name: OVERWRITEPROTOCOL
|
||||||
|
value: "https"
|
||||||
volumes:
|
volumes:
|
||||||
- name: nextcloud-volume
|
- name: nextcloud-volume
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
@@ -134,7 +136,12 @@ kind: Ingress
|
|||||||
metadata:
|
metadata:
|
||||||
name: nextcloud-ingress
|
name: nextcloud-ingress
|
||||||
annotations:
|
annotations:
|
||||||
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-redirect@kubernetescrd
|
||||||
spec:
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- nextcloud.{{ .Values.homey.url }}
|
||||||
rules:
|
rules:
|
||||||
- host: nextcloud.{{ .Values.homey.url }}
|
- host: nextcloud.{{ .Values.homey.url }}
|
||||||
http:
|
http:
|
||||||
|
|||||||
Reference in New Issue
Block a user