tony/homelab
1
0
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects Releases Wiki Activity

chore: Protect wizarr

Browse Source
This commit is contained in:
Tony Du 2025-03-08 14:54:49 -08:00
parent a3f97b6d75
commit 1441ae0374
Signed by: tony
SSH Key Fingerprint: SHA256:kkfAzsJYE6sKPZtP7vfEN6zZEQxz6i8xb0Dzq5KD3PE
6 changed files with 30 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
k8s/apps/ingressroutes/external/build/kustomization.yaml vendored
View File

@ -6,7 +6,6 @@ resources:
- jellyfin-tonydu.yaml - jellyfin-tonydu.yaml
- seerr-mnke.yaml - seerr-mnke.yaml
- seerr-tonydu.yaml - seerr-tonydu.yaml
- wizarr-tonydu.yaml
- dns-dolo-mnke.yaml - dns-dolo-mnke.yaml
- gitea.yaml - gitea.yaml
- vaultwarden.yaml - vaultwarden.yaml

1
k8s/apps/ingressroutes/external/kustomization.yaml vendored
View File

@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- build - build
- manual

5
k8s/apps/ingressroutes/external/manual/kustomization.yaml vendored Normal file
View File

@ -0,0 +1,5 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- wizarr-tonydu.yaml

21
k8s/apps/ingressroutes/external/build/wizarr-tonydu.yaml → k8s/apps/ingressroutes/external/manual/wizarr-tonydu.yaml vendored
View File

@ -1,5 +1,4 @@
--- ---
# This file was automatically generated. Do not modify.
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
@ -14,7 +13,8 @@ spec:
targetPort: 443 targetPort: 443
--- ---
# This file was automatically generated. Do not modify. # TODO: Migrate this to redirect to mnke.org. Requires changing an env
# variable in the container
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
@ -24,8 +24,25 @@ spec:
entryPoints: entryPoints:
- websecure - websecure
routes: routes:
- match: >-
Host(`wizarr.tonydu.me`) &&
(PathPrefix(`/j`) ||
PathPrefix(`/join`) ||
PathPrefix(`/setup`) ||
PathPrefix(`/static`) ||
PathPrefix(`/guide`))
kind: Rule
services:
- kind: Service
name: wizarr-tonydu-external
port: 443
passHostHeader: False
- match: Host(`wizarr.tonydu.me`) - match: Host(`wizarr.tonydu.me`)
kind: Rule kind: Rule
middlewares:
- name: authentik
namespace: default
services: services:
- kind: Service - kind: Service
name: wizarr-tonydu-external name: wizarr-tonydu-external

9
k8s/apps/ingressroutes/external/templater/values.yaml vendored
View File

@ -39,15 +39,6 @@ proxies:
# - name: redirect-tonydu-me-mnke-org # - name: redirect-tonydu-me-mnke-org
# namespace: default # namespace: default
# TODO: Migrate this to redirect to mnke.org. Requires changing an env
# variable in the container
- service_name: wizarr-tonydu
tls_secret_name: wildcard-tonydu-me-tls
listen_host: wizarr.tonydu.me
upstream_host: wizarr.jumper.mnke.org
upstream_port: 443
pass_host_header: false
- service_name: dns-dolo-mnke - service_name: dns-dolo-mnke
tls_secret_name: wildcard-mnke-org-tls tls_secret_name: wildcard-mnke-org-tls
listen_host: dns.dolo.mnke.org listen_host: dns.dolo.mnke.org

6
k8s/apps/ingressroutes/internal/up-mnke-org.yaml
View File

@ -10,7 +10,11 @@ spec:
routes: routes:
- match: >- - match: >-
(Host(`up.mnke.org`) || Host(`up.dolo.mnke.org`)) && (Host(`up.mnke.org`) || Host(`up.dolo.mnke.org`)) &&
(PathRegexp(`^/status/*$`) || PathRegexp(`^/api/*`)) (PathPrefix(`/status`) ||
PathPrefix(`/api`) ||
PathPrefix(`/metrics`) ||
PathPrefix(`/assets`) ||
PathPrefix(`/upload`))
kind: Rule kind: Rule
services: services:
- kind: Service - kind: Service