308 lines
7.9 KiB
YAML
308 lines
7.9 KiB
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: rogicasa-ingress
|
|
namespace: default
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: glance.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: glance-service
|
|
port:
|
|
number: 80
|
|
- host: pihole.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: pihole-web
|
|
port:
|
|
number: 80
|
|
- host: litellm.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: litellm-service
|
|
port:
|
|
number: 80
|
|
- host: openai.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: open-webui-service
|
|
port:
|
|
number: 80
|
|
- host: gym.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: gym-tracker
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: gitea-ingress
|
|
namespace: gitea
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: gitea.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: gitea
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: monitoring-ingress
|
|
namespace: monitoring
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: grafana.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: grafana
|
|
port:
|
|
number: 80
|
|
- host: prometheus.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: prometheus-k8s
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: vaultwarden-ingress
|
|
namespace: vaultwarden
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: vaultwarden.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: vaultwarden
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: homeassistant-ingress
|
|
namespace: home-assistant
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: homeassistant.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: home-assistant
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: minecraft-ingress
|
|
namespace: minecraft
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: minecraft.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: minecraft-server
|
|
port:
|
|
number: 25565
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: argocd-ingress
|
|
namespace: argocd
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: argocd.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: argocd-server
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: nas-ingress
|
|
namespace: default
|
|
annotations:
|
|
# Use Traefik as the ingress controller (default in k3s)
|
|
kubernetes.io/ingress.class: "traefik"
|
|
# Enable SSL redirect
|
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
|
# Optional: enable compression
|
|
traefik.ingress.kubernetes.io/compress: "true"
|
|
# Allow large file uploads (5GB) for NAS
|
|
traefik.ingress.kubernetes.io/max-request-body-bytes: "5368709120"
|
|
cert-manager.io/issuer: prod-issuer
|
|
cert-manager.io/issuer-kind: OriginIssuer
|
|
cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.rogi.casa"
|
|
secretName: rogicasa-tls
|
|
rules:
|
|
- host: nas.rogi.casa
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: external-ip
|
|
port:
|
|
number: 80
|