SeanOMik
/
k3s-cluster
1
0
Fork 0
Code Issues 2 Pull Requests 33 Packages Projects Releases Wiki Activity

Use wildcard cert for everything in download

This commit is contained in:
SeanOMik 2023-04-13 01:13:18 -04:00
parent 82a3d02cfe
commit f2252bd6c8
Signed by: SeanOMik
GPG Key ID: 568F326C7EB33ACB
8 changed files with 33 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cluster/apps/download/bazarr/helm-release.yaml
View File

@ -32,14 +32,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "subs.${SECRET_NEW_DOMAIN}" - host: &host "subs.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

7
cluster/apps/download/mylar3/helm-release.yaml
View File

@ -36,14 +36,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "mylar.${SECRET_NEW_DOMAIN}" - host: &host "mylar.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

7
cluster/apps/download/prowlarr/helm-release.yaml
View File

@ -43,14 +43,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "prowlarr.${SECRET_NEW_DOMAIN}" - host: &host "prowlarr.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

6
cluster/apps/download/qbittorrent/ingress.yaml
View File

@ -4,12 +4,11 @@ metadata:
name: qbittorrent-ingress name: qbittorrent-ingress
namespace: download namespace: download
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
spec: spec:
rules: rules:
- host: "qbit.${SECRET_NEW_DOMAIN}" - host: &host "qbit.${SECRET_NEW_DOMAIN}"
http: http:
paths: paths:
- path: / - path: /
@ -21,4 +20,5 @@ spec:
name: http name: http
tls: tls:
- hosts: - hosts:
- ${SECRET_DOMAIN} - *host
secretName: wildcard-main-tls

7
cluster/apps/download/radarr/helm-release.yaml
View File

@ -45,14 +45,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "radarr.${SECRET_NEW_DOMAIN}" - host: &host "radarr.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

7
cluster/apps/download/readarr/audiobook-helm.yaml
View File

@ -43,14 +43,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "readarr-audiobooks.${SECRET_NEW_DOMAIN}" - host: &host "readarr-audiobooks.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

7
cluster/apps/download/readarr/ebook-helm.yaml
View File

@ -43,14 +43,17 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts:
- host: "readarr-ebooks.${SECRET_NEW_DOMAIN}" - host: &host "readarr-ebooks.${SECRET_NEW_DOMAIN}"
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- *host
secretName: wildcard-main-tls
persistence: persistence:
config: config:
enabled: true enabled: true

1
cluster/apps/download/sonarr/helm-release.yaml
View File

@ -45,7 +45,6 @@ spec:
main: main:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts: hosts: