fix

2023-07-24 09:41:32 +02:00
parent e0a4e9118d
commit caa438e434
13 changed files with 280 additions and 265 deletions
--- a/apps/gitea/ingress.tf
+++ b/apps/gitea/ingress.tf
@@ -1,22 +1,27 @@
-
 locals {
    dns-names = ["${var.sub-domain}.${var.domain-name}"]
    middlewares = [{"name" = "${var.instance}-https"}]
-    services = [{
-      "kind" = "Service"
-      "name" = "gitea-http"
-      "namespace"  = var.namespace
-      "port"       = 3000
-    }]
-    routes = [ for v in local.dns-names : {
-      "kind"         = "Rule"
-      "match"        = "Host(`${v}`)"
-      "middlewares"  = local.middlewares
-      "services"     = local.services
+    service = {
+      "name"  = "gitea-http"
+      "port" = {
+        "number" = 3000
+      }
+    }
+    rules = [ for v in local.dns-names : {
+      "host" = "${v}"
+      "http" = {
+        "paths" = [{
+          "backend"  = {
+            "service" = local.service
+          }
+          "path"     = "/"
+          "pathType" = "Prefix"
+        }]
+      }
    }]
 }

-resource "kubectl_manifest" "gitea_certificate" {
+resource "kubectl_manifest" "prj_certificate" {
  yaml_body  = <<-EOF
    apiVersion: "cert-manager.io/v1"
    kind: "Certificate"
@@ -34,7 +39,7 @@ resource "kubectl_manifest" "gitea_certificate" {
  EOF
 }

-resource "kubectl_manifest" "gitea_https_redirect" {
+resource "kubectl_manifest" "prj_https_redirect" {
  yaml_body  = <<-EOF
    apiVersion: "traefik.containo.us/v1alpha1"
    kind: "Middleware"
@@ -49,21 +54,22 @@ resource "kubectl_manifest" "gitea_https_redirect" {
  EOF
 }

-resource "kubectl_manifest" "gitea_ingress" {
+resource "kubectl_manifest" "prj_ingress" {
  force_conflicts = true
  yaml_body  = <<-EOF
-    apiVersion: "traefik.containo.us/v1alpha1"
-    kind: "IngressRoute"
+    apiVersion: "networking.k8s.io/v1"
+    kind: "Ingress"
    metadata:
      name: "${var.instance}"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.common-labels)}
-      # annotations:
-      #   "kubernetes.io/ingress.class": "${var.ingress-class}"
+      annotations:
+        "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}"
    spec:
-      entryPoints: ["web","websecure"]
-      routes: ${jsonencode(local.routes)}
+      ingressClassName: "${var.ingress-class}"
+      rules: ${jsonencode(local.rules)}
      tls:
+      - hosts: ${jsonencode(local.dns-names)}
        secretName: "${var.instance}-cert"
  EOF
 }