apps/contour/resources/default_gateway.yaml
Peter Kurfer 7f1008bf0d
All checks were successful
Renovate / renovate (push) Successful in 57s
feat(contour): ente listener & TLS
2024-05-13 16:35:55 +02:00

142 lines
No EOL
3.4 KiB
YAML

---
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1
metadata:
name: contour
namespace: projectcontour
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
spec:
gatewayClassName: contour
listeners:
- name: ssh
protocol: TCP
port: 22
allowedRoutes:
kinds:
- kind: TCPRoute
namespaces:
from: All
- name: snips-ssh
protocol: TCP
port: 2222
allowedRoutes:
kinds:
- kind: TCPRoute
namespaces:
from: All
- name: http
protocol: HTTP
port: 80
allowedRoutes:
namespaces:
from: All
- name: https
hostname: "*.icb4dc0.de"
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: All
tls:
mode: Terminate
certificateRefs:
- name: wildcard-icb4dc0-de-tls
- name: forgejo
hostname: "code.icb4dc0.de"
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: forgejo
tls:
mode: Terminate
certificateRefs:
- name: forgejo-tls
- name: ente-endpoints
hostname: "*.ente.icb4dc0.de"
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: ente
tls:
mode: Terminate
certificateRefs:
- name: ente-tls
- name: coder-port-forwards
hostname: "*.ide.icb4dc0.de"
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: coder
tls:
mode: Terminate
certificateRefs:
- name: coder-port-forwards-tls
- name: garage-s3-subdomains
hostname: "*.s3.icb4dc0.de"
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: garage
tls:
mode: Terminate
certificateRefs:
- name: garage-s3-subdomains-tls
- name: buildr-fider-community
hostname: community.buildr.icb4dc0.de
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: fider
tls:
mode: Terminate
certificateRefs:
- name: buildr-fider-community-tls
- name: inetmock-fider-community
hostname: community.inetmock.icb4dc0.de
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: fider
tls:
mode: Terminate
certificateRefs:
- name: inetmock-fider-community-tls
- name: fider-login
hostname: login.fider.icb4dc0.de
port: 443
protocol: HTTPS
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
kubernetes.io/metadata.name: fider
tls:
mode: Terminate
certificateRefs:
- name: fider-login-tls