From 2e448a536774a4845275cb8166da2789079c3587 Mon Sep 17 00:00:00 2001
From: Michael Thomson <mthomson@konradgroup.com>
Date: Fri, 1 Dec 2023 11:44:54 -0500
Subject: [PATCH] expose traefik dash

---
 traefik/helmrelease-traefik.yaml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/traefik/helmrelease-traefik.yaml b/traefik/helmrelease-traefik.yaml
index 16bf3d7..83783ae 100644
--- a/traefik/helmrelease-traefik.yaml
+++ b/traefik/helmrelease-traefik.yaml
@@ -168,15 +168,19 @@ spec:
         # -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
         labels: {}
         # -- The router match rule used for the dashboard ingressRoute
-        matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
+        matchRule: Host(`server.michaelthomson.dev`) && PathPrefix(`/dashboard`)
         # -- Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure).
         # By default, it's using traefik entrypoint, which is not exposed.
         # /!\ Do not expose your dashboard without any protection over the internet /!\
-        entryPoints: ["traefik"]
+        entryPoints: ["websecure"]
         # -- Additional ingressRoute middlewares (e.g. for authentication)
-        middlewares: []
+        middlewares:
+          - name: authentik
         # -- TLS options (e.g. secret containing certificate)
-        tls: {}
+        tls:
+          secretName: letsencrypt-wildcard-cert-michaelthomson.dev
+          domains:
+            - main: server.michaelthomson.dev
       healthcheck:
         # -- Create an IngressRoute for the healthcheck probe
         enabled: false