Fixed certs, better URLs

2022-05-10 15:48:31 +03:00
parent cb8b024d40
commit cbb307b124
8 changed files with 43 additions and 19 deletions
@@ -22,7 +22,7 @@ spec:
          imagePullPolicy: "Always"
          env:
            - name: DNS_A
-              value: "*.{{ .Values.homey.url }}={{ .Values.homey.ip }}, {{ .Values.homey.url }}={{ .Values.homey.ip }}, *.{{ .Values.homey.internal_url }}={{ .Values.homey.ip }}, {{ .Values.homey.internal_url }}={{ .Values.homey.ip}}"
+              value: "*.{{ .Values.homey.url }}={{ .Values.homey.ip }}, {{ .Values.homey.url }}={{ .Values.homey.ip }}"
            - name: DNS_FORWARDER
              value: "8.8.8.8,8.8.4.4"
            - name: ALLOW_RECURSION
@@ -46,15 +46,17 @@ kind: Ingress
 metadata:
  name: jackett-ingress
  annotations:
-    ingress.kubernetes.io/auth-type: forward
+    # ingress.kubernetes.io/auth-type: forward
-    ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
+    # ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.1.0/24"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
    - hosts:
-      - jackett.{{ .Values.homey.internal_url }}
+      - jackett.{{ .Values.homey.url }}
      secretName: {{ .Values.homey.certname }}
  rules:
-   - host: jackett.{{ .Values.homey.internal_url }}
+   - host: jackett.{{ .Values.homey.url }}
     http:
       paths:
       - path: /
@@ -86,6 +86,7 @@ kind: Ingress
 metadata:
  name: jellyfin-ingress
  annotations:
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
@@ -59,8 +59,11 @@ spec:
          mountPath: /nefarious-db
          subPath: backup/nefarious/nefarious-db
        - name: nefarious-persistent-storage
-          mountPath: /downloads
+          mountPath: /downloads/complete/movies
-          subPath: nobackup/downloads
+          subPath: nobackup/downloads/complete/movies
        - name: nefarious-persistent-storage
          mountPath: /downloads/complete/tvshows
          subPath: nobackup/downloads/complete/tvshows
      volumes:
      - name: nefarious-persistent-storage
        persistentVolumeClaim:
@@ -132,13 +135,15 @@ kind: Ingress
 metadata:
  name: nefarious-ingress
  annotations:
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/8"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
    - hosts:
-      - nefarious.{{ .Values.homey.internal_url }}
+      - nefarious.{{ .Values.homey.url }}
      secretName: {{ .Values.homey.certname }}
  rules:
-   - host: nefarious.{{ .Values.homey.internal_url }}
+   - host: nefarious.{{ .Values.homey.url }}
     http:
       paths:
       - path: /
@@ -62,7 +62,7 @@ spec:
        - name: PHOTOPRISM_DATABASE_DRIVER
          value: "sqlite"
        - name: PHOTOPRISM_SITE_URL
-          value: "http://gallery.{{ .Values.homey.internal_url }}"
+          value: "http://gallery.{{ .Values.homey.url }}"
        - name: PHOTOPRISM_SITE_TITLE
          value: "PhotoPrism"
        - name: PHOTOPRISM_SITE_CAPTION
@@ -106,13 +106,15 @@ metadata:
  annotations:
    ingress.kubernetes.io/auth-type: forward
    ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
    - hosts:
-      - album.{{ .Values.homey.internal_url }}
+      - album.{{ .Values.homey.url }}
      secretName: {{ .Values.homey.certname }}
  rules:
-  - host: album.{{ .Values.homey.internal_url }}
+  - host: album.{{ .Values.homey.url }}
    http:
      paths:
      - path: /
@@ -43,13 +43,16 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: phpldapadmin
  annotations:
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
    - hosts:
-      - ldapadmin.{{ .Values.homey.internal_url }}
+      - ldapadmin.{{ .Values.homey.url }}
      secretName: {{ .Values.homey.certname }}
  rules:
-  - host: ldapadmin.{{ .Values.homey.internal_url }}
+  - host: ldapadmin.{{ .Values.homey.url }}
    http:
      paths:
      - path: /
@@ -21,6 +21,10 @@ spec:
        image: linuxserver/transmission
        imagePullPolicy: Always
        env:
        - name: PUID
          value: "0"
        - name: PGID
          value: "0"
        - name: TRANSMISSION_DOWNLOAD_DIR
          value: "/downloads"
        volumeMounts:
@@ -28,8 +32,14 @@ spec:
          mountPath: /config
          subPath: backup/transmission/config
        - name: transmission-persistent
-          mountPath: /downloads
+          mountPath: /downloads/complete/movies
-          subPath: nobackup/downloads
+          subPath: nobackup/downloads/complete/movies
        - name: transmission-persistent
          mountPath: /downloads/complete/tvshows
          subPath: nobackup/downloads/complete/tvshows
        - name: transmission-persistent
          mountPath: /downloads/incomplete
          subPath: nobackup/downloads/incomplete
      volumes:
      - name: transmission-persistent
        persistentVolumeClaim:
@@ -54,13 +64,15 @@ metadata:
  annotations:
    ingress.kubernetes.io/auth-type: forward
    ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16"
 spec:
  ingressClassName: {{ .Values.homey.ingress_class }}
  tls:
    - hosts:
-      - torrent.{{ .Values.homey.internal_url }}
+      - torrent.{{ .Values.homey.url }}
      secretName: {{ .Values.homey.certname }}
  rules:
-   - host: torrent.{{ .Values.homey.internal_url }}
+   - host: torrent.{{ .Values.homey.url }}
     http:
       paths:
       - path: /
@@ -62,7 +62,6 @@ homey:
        ip: "192.168.1.2"
        storageCapacity: 450Gi
    url: zakobar.com
    internal_url: zakobar.home
    ip: 192.168.1.2
    certname: zakobarcert
    ingress_class: nginx