earl-warren/k8s-cluster
1
0
Fork 0
forked from infrastructure/k8s-cluster
Code Pull requests Activity

feat: configuable git-mirror ingress ()

Browse source 
Reviewed-on: https://code.forgejo.org/infrastructure/k8s-cluster/pulls/389
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
This commit is contained in:
Michael Kriese 2025-03-28 09:21:26 +00:00 committed by Michael Kriese
parent 6eb25136dc
commit 8729f5f594
No known key found for this signature in database
GPG key ID: F128CBE6AB3A7201
5 changed files with 73 additions and 10 deletions
.prettierignore
flux/apps
charts/git-mirror
Chart.yaml
templates
ingress.yaml
values.yaml
forgejo-code
git-mirror.yaml

1
.prettierignore
View file

@ -14,3 +14,4 @@ gotk-components.yaml
# helm templates
#**/templates/**/*.yaml
flux/apps/charts/git-mirror/templates/git-mirror-sh.yaml
flux/apps/charts/git-mirror/templates/ingress.yaml

2
flux/apps/charts/git-mirror/Chart.yaml
View file

@ -1,4 +1,4 @@
apiVersion: v2
name: git-mirror
version: 2.0.0 # need increment on any manifest change
version: 3.0.0 # need increment on any manifest change
description: Git mirror

32
flux/apps/charts/git-mirror/templates/ingress.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@ -10,21 +11,38 @@ metadata:
cert-manager.io/private-key-rotation-policy: Always
cert-manager.io/private-key-algorithm: ECDSA
cert-manager.io/private-key-size: '384'
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ tpl .Values.ingress.className . }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
- {{.Values.host}}
secretName: tls-git-mirror-{{ .Release.Name }}-http
{{- range .hosts }}
- {{ tpl . $ | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
- host: {{.Values.host}}
{{- range .Values.ingress.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
- pathType: Prefix
path: /
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: git-mirror-{{ .Release.Name }}
port:
name: http
{{- end }}
{{- end }}
{{- end }}

27
flux/apps/charts/git-mirror/values.yaml
View file

@ -1,3 +1,28 @@
host: 'example.com'
pvc: 'sample-pvc'
replicas: 1
## @section Ingress
## @param ingress.enabled Enable ingress
## @param ingress.className Ingress class name
## @param ingress.annotations Ingress annotations
## @param ingress.hosts[0].host Default Ingress host
## @param ingress.hosts[0].paths[0].path Default Ingress path
## @param ingress.hosts[0].paths[0].pathType Ingress path type
## @param ingress.tls Ingress tls settings
ingress:
enabled: false
# className: nginx
className:
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: git.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: chart-example-tls
# hosts:
# - git.example.com

21
flux/apps/forgejo-code/git-mirror.yaml
View file

@ -15,7 +15,6 @@ spec:
namespace: flux-system
interval: 12h
values:
host: git-mirror.forgejo.org
pvc: git-mirror
replicas: 2
urls:
@ -70,3 +69,23 @@ spec:
- https://github.com/sigstore/cosign-installer.git
- https://github.com/tj-actions/changed-files.git
- https://github.com/webfactory/ssh-agent.git
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
hosts:
- host: git-mirror.forgejo.org
paths:
- path: /
pathType: Prefix
# - host: data.forgejo.org
# paths:
# - path: /forgejo/
# pathType: Prefix
tls:
- hosts:
- git-mirror.forgejo.org
# - data.forgejo.org
secretName: tls-git-mirror-http