From b8790e00513d7543dc829088e5c4a78efd8d0caa Mon Sep 17 00:00:00 2001
From: Peter Kurfer <peter@icb4dc0.de>
Date: Wed, 26 Mar 2025 08:03:25 +0100
Subject: [PATCH] feat(argo): add individual listener

---
 argocd/resources/http_routes.yaml      | 52 ++++++++++++++++++--------
 contour/resources/default_gateway.yaml | 15 ++++++++
 2 files changed, 51 insertions(+), 16 deletions(-)

diff --git a/argocd/resources/http_routes.yaml b/argocd/resources/http_routes.yaml
index 01ffa4b..215bd0f 100644
--- a/argocd/resources/http_routes.yaml
+++ b/argocd/resources/http_routes.yaml
@@ -5,17 +5,17 @@ metadata:
   name: argo-cd-http
 spec:
   parentRefs:
-  - name: contour
-    sectionName: http
-    namespace: projectcontour
+    - name: contour
+      sectionName: http
+      namespace: projectcontour
   hostnames:
-  - argocd.icb4dc0.de
+    - argocd.icb4dc0.de
   rules:
-  - filters:
-    - type: RequestRedirect
-      requestRedirect:
-        scheme: https
-        statusCode: 301
+    - filters:
+        - type: RequestRedirect
+          requestRedirect:
+            scheme: https
+            statusCode: 301
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
@@ -23,12 +23,32 @@ metadata:
   name: argo-cd-https
 spec:
   parentRefs:
-  - name: contour
-    sectionName: https
-    namespace: projectcontour
+    - name: contour
+      sectionName: argocd
+      namespace: projectcontour
   hostnames:
-  - argocd.icb4dc0.de
+    - argocd.icb4dc0.de
   rules:
-  - backendRefs:
-    - name: argo-cd-argocd-server
-      port: 443
\ No newline at end of file
+    - backendRefs:
+        - name: argo-cd-argocd-server
+          port: 443
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: GRPCRoute
+metadata:
+  name: argo-cd-grpc
+spec:
+  parentRefs:
+    - name: contour
+      sectionName: argocd
+      namespace: projectcontour
+  hostnames:
+    - argocd.icb4dc0.de
+  rules:
+    - matches:
+        - headers:
+            - name: Content-Type
+              value: application/grpc
+      backendRefs:
+        - name: argo-cd-argocd-server
+          port: 443
diff --git a/contour/resources/default_gateway.yaml b/contour/resources/default_gateway.yaml
index aff722d..0fe1a7b 100644
--- a/contour/resources/default_gateway.yaml
+++ b/contour/resources/default_gateway.yaml
@@ -52,6 +52,21 @@ spec:
         certificateRefs:
           - name: forgejo-tls
 
+    - name: argocd
+      hostname: "argocd.icb4dc0.de"
+      port: 443
+      protocol: HTTPS
+      allowedRoutes:
+        namespaces:
+          from: Selector
+          selector:
+            matchLabels:
+              kubernetes.io/metadata.name: argo-system
+      tls:
+        mode: Terminate
+        certificateRefs:
+          - name: argocd-tls
+
     - name: ssh
       protocol: TCP
       port: 22