feat: Add external reverse proxies
This commit is contained in:
parent
44a8b44b45
commit
b2e579f88e
@ -1,7 +1,6 @@
|
||||
x-jellyfin: &jellyfin
|
||||
upstream_host: jellyfin.home.mnke.org
|
||||
upstream_port: 8096
|
||||
pass_host_header: false
|
||||
|
||||
proxies:
|
||||
- <<: *jellyfin
|
||||
@ -10,8 +9,23 @@ proxies:
|
||||
listen_hosts:
|
||||
- media.mnke.org
|
||||
- jellyfin.mnke.org
|
||||
pass_host_header: false
|
||||
|
||||
- <<: *jellyfin
|
||||
service_name: jellyfin-tonydu
|
||||
tls_secret_name: wildcard-tonydu-me-tls
|
||||
listen_host: media.tonydu.me
|
||||
|
||||
- service_name: seerr-tonydu
|
||||
tls_secret_name: wildcard-tonydu-me-tls
|
||||
listen_host: seerr.tonydu.me
|
||||
upstream_host: seerr.jumper.mnke.org
|
||||
upstream_port: 443
|
||||
pass_host_header: false
|
||||
|
||||
- service_name: seerr-mnke
|
||||
tls_secret_name: wildcard-mnke-org-tls
|
||||
listen_host: seerr.mnke.org
|
||||
upstream_host: seerr.jumper.mnke.org
|
||||
upstream_port: 443
|
||||
pass_host_header: false
|
||||
|
@ -24,7 +24,7 @@ def write_file(filename, content, dry_run):
|
||||
with open(filename, 'w') as f:
|
||||
f.write(content)
|
||||
|
||||
kustomize_template = Template('''---
|
||||
kustomization_template = Template('''---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
@ -56,9 +56,9 @@ def main(args):
|
||||
filenames.append(path.basename(generated_filename))
|
||||
write_file(generated_filename, content, dry_run)
|
||||
|
||||
kustomize_filename = path.join(output_path, 'kustomize.yaml')
|
||||
kustomize_content = kustomize_template.render(filenames=filenames)
|
||||
write_file(kustomize_filename, kustomize_content, dry_run)
|
||||
kustomization_filename = path.join(output_path, 'kustomization.yaml')
|
||||
kustomization_content = kustomization_template.render(filenames=filenames)
|
||||
write_file(kustomization_filename, kustomization_content, dry_run)
|
||||
|
||||
if __name__ == '__main__':
|
||||
default_config_path = path.join(path.dirname(__file__), 'config', 'config.yaml')
|
||||
|
@ -31,7 +31,7 @@ spec:
|
||||
- kind: Service
|
||||
name: {{ service_name }}-external
|
||||
port: {{ upstream_port }}
|
||||
passHostHeader: {{ pass_host_header }}
|
||||
passHostHeader: {{ pass_host_header | default('true') }}
|
||||
{%- endfor %}
|
||||
tls:
|
||||
secretName: {{ tls_secret_name }}
|
||||
|
@ -1,4 +1,5 @@
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
@ -13,6 +14,7 @@ spec:
|
||||
targetPort: 8096
|
||||
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
|
@ -1,4 +1,5 @@
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
@ -13,6 +14,7 @@ spec:
|
||||
targetPort: 8096
|
||||
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
@ -28,6 +30,6 @@ spec:
|
||||
- kind: Service
|
||||
name: jellyfin-tonydu-external
|
||||
port: 8096
|
||||
passHostHeader: False
|
||||
passHostHeader: true
|
||||
tls:
|
||||
secretName: wildcard-tonydu-me-tls
|
||||
|
@ -3,4 +3,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- jellyfin-mnke.yaml
|
||||
- jellyfin-tonydu.yaml
|
||||
- jellyfin-tonydu.yaml
|
||||
- seerr-tonydu.yaml
|
||||
- seerr-mnke.yaml
|
35
k8s/apps/external-reverse-proxies/generated/seerr-mnke.yaml
Normal file
35
k8s/apps/external-reverse-proxies/generated/seerr-mnke.yaml
Normal file
@ -0,0 +1,35 @@
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: seerr-mnke-external
|
||||
namespace: default
|
||||
spec:
|
||||
type: ExternalName
|
||||
externalName: seerr.jumper.mnke.org
|
||||
ports:
|
||||
- name: seerr-mnke-external
|
||||
port: 443
|
||||
targetPort: 443
|
||||
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: seerr-mnke-external
|
||||
namespace: default
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`seerr.mnke.org`)
|
||||
kind: Rule
|
||||
services:
|
||||
- kind: Service
|
||||
name: seerr-mnke-external
|
||||
port: 443
|
||||
passHostHeader: False
|
||||
tls:
|
||||
secretName: wildcard-mnke-org-tls
|
@ -0,0 +1,35 @@
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: seerr-tonydu-external
|
||||
namespace: default
|
||||
spec:
|
||||
type: ExternalName
|
||||
externalName: seerr.jumper.mnke.org
|
||||
ports:
|
||||
- name: seerr-tonydu-external
|
||||
port: 443
|
||||
targetPort: 443
|
||||
|
||||
---
|
||||
# This file was automatically generated. Do not modify.
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: seerr-tonydu-external
|
||||
namespace: default
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`seerr.tonydu.me`)
|
||||
kind: Rule
|
||||
services:
|
||||
- kind: Service
|
||||
name: seerr-tonydu-external
|
||||
port: 443
|
||||
passHostHeader: False
|
||||
tls:
|
||||
secretName: wildcard-tonydu-me-tls
|
@ -3,4 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- generated
|
||||
- middlewares
|
||||
# - middlewares
|
||||
|
@ -5,3 +5,4 @@ resources:
|
||||
- common
|
||||
- uptime-kuma
|
||||
- ghost
|
||||
- external-reverse-proxies
|
||||
|
@ -16,8 +16,10 @@ spec:
|
||||
# reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "dev,staging,prod" # Control destination namespaces
|
||||
# reflector.v1.k8s.emberstack.com/reflection-auto-namespaces: "dev,staging,prod" # Control auto-reflection namespaces
|
||||
dnsNames:
|
||||
- "mnke.org"
|
||||
- "*.mnke.org"
|
||||
- "*.dolo.mnke.org"
|
||||
commonName: "*.mnke.org"
|
||||
issuerRef:
|
||||
name: le-cf-issuer
|
||||
kind: ClusterIssuer
|
||||
|
Loading…
x
Reference in New Issue
Block a user