init cluster

2025-11-02 18:13:46 +01:00
parent 915d40cdce
commit d5d0958502
18 changed files with 922 additions and 10 deletions
--- a/ingress.yaml
+++ b/ingress.yaml
@@ -2,7 +2,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: rogicasa-ingress
-  namespace: default  # Change to your preferred namespace
+  namespace: default
  annotations:
    # Use Traefik as the ingress controller (default in k3s)
    kubernetes.io/ingress.class: "traefik"
@@ -69,4 +69,193 @@ spec:
              port:
                number: 80
          path: /
-
+  - host: phoenix.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: phoenix-service
+              port:
+                number: 80
+  - host: gym.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: gym-tracker
+              port:
+                number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: gitea-ingress
+  namespace: gitea
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: gitea.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: gitea
+              port:
+                number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: monitoring-ingress
+  namespace: monitoring
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: grafana.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: grafana
+              port:
+                number: 80
+  - host: prometheus.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: prometheus-k8s
+              port:
+                number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vaultwarden-ingress
+  namespace: vaultwarden
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: vaultwarden.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: vaultwarden
+              port:
+                number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: homeassistant-ingress
+  namespace: home-assistant
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: homeassistant.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: home-assistant
+              port:
+                number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: minecraft-ingress
+  namespace: minecraft
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: minecraft.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: minecraft-server
+              port:
+                number: 25565