diff --git a/flux/cluster/apps/misc/kustomization.yaml b/flux/cluster/apps/misc/kustomization.yaml index 0e250b8..99dbddd 100644 --- a/flux/cluster/apps/misc/kustomization.yaml +++ b/flux/cluster/apps/misc/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - pinbot - registry-creds.yaml + - whoami diff --git a/flux/cluster/apps/misc/whoami/deployment.yaml b/flux/cluster/apps/misc/whoami/deployment.yaml new file mode 100644 index 0000000..993a4d5 --- /dev/null +++ b/flux/cluster/apps/misc/whoami/deployment.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: whoami-deployment + namespace: misc + labels: + app: whoami-deployment + keel.sh/policy: force + keel.sh/match-tag: "true" +spec: + replicas: 1 + selector: + matchLabels: + app: whoami-deployment + template: + metadata: + labels: + app: whoami-deployment + spec: + containers: + - name: whoami-deployment + imagePullPolicy: Always + image: containous/whoami + ports: + - containerPort: 80 diff --git a/flux/cluster/apps/misc/whoami/ingress.yaml b/flux/cluster/apps/misc/whoami/ingress.yaml new file mode 100644 index 0000000..120178d --- /dev/null +++ b/flux/cluster/apps/misc/whoami/ingress.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: whoami-deployment-ingress + namespace: misc +spec: + rules: + - host: "whoami.asraphiel.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: whoami-deployment-service + port: + number: 80 diff --git a/flux/cluster/apps/misc/whoami/kustomization.yaml b/flux/cluster/apps/misc/whoami/kustomization.yaml new file mode 100644 index 0000000..ef7dbba --- /dev/null +++ b/flux/cluster/apps/misc/whoami/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - ingress.yaml + - service.yaml diff --git a/flux/cluster/apps/misc/whoami/service.yaml b/flux/cluster/apps/misc/whoami/service.yaml new file mode 100644 index 0000000..db27117 --- /dev/null +++ b/flux/cluster/apps/misc/whoami/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: whoami-deployment-service + namespace: misc +spec: + selector: + app: whoami-deployment + ports: + - protocol: TCP + port: 80 + targetPort: 80 diff --git a/flux/cluster/apps/networking/traefik/helm.yaml b/flux/cluster/apps/networking/traefik/helm.yaml index 1b1ba59..9ce33cf 100644 --- a/flux/cluster/apps/networking/traefik/helm.yaml +++ b/flux/cluster/apps/networking/traefik/helm.yaml @@ -27,9 +27,9 @@ spec: globalArguments: [] additionalArguments: - "--entryPoints.web.forwardedHeaders.insecure=true" - - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.42.0.0/16" + - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8" - "--entryPoints.websecure.forwardedHeaders.insecure=true" - - "--entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.42.0.0/16" + - "--entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8" ports: traefik: port: 9000 diff --git a/nixos/machines/nginx/default.nix b/nixos/machines/nginx/default.nix index b8d0afa..18a5757 100644 --- a/nixos/machines/nginx/default.nix +++ b/nixos/machines/nginx/default.nix @@ -64,6 +64,7 @@ in { virtualHosts."vaultwarden.asraphiel.dev" = proxy "http://vaultwarden.lxd:8000/"; virtualHosts."analytics.asraphiel.dev" = k8sProxy; + virtualHosts."whoami.asraphiel.dev" = k8sProxy; virtualHosts."groenehartansichtkaarten.nl" = k8sProxy; virtualHosts."ansichtkaarten.asraphiel.dev" = k8sProxy; @@ -79,6 +80,8 @@ in { globalRedirect = "galerievanslagmaat.nl"; }; + virtualHosts."test.asraphiel.dev" = proxy "http://hosting-test.lxd:8080/"; + }; security.acme.email = "acme@voidcorp.nl";