From 48b277a89f06f35912318c85400b22e103154273 Mon Sep 17 00:00:00 2001 From: Michael Thomson Date: Sat, 13 Jan 2024 10:07:34 -0500 Subject: [PATCH] gitea ssh through traefik --- gitea/helmrelease-gitea.yaml | 8 +++----- gitea/ingress-route-tcp.yaml | 13 +++++++++++++ traefik/helmrelease-traefik.yaml | 3 +++ 3 files changed, 19 insertions(+), 5 deletions(-) create mode 100644 gitea/ingress-route-tcp.yaml diff --git a/gitea/helmrelease-gitea.yaml b/gitea/helmrelease-gitea.yaml index 1d3a270..00dfea1 100644 --- a/gitea/helmrelease-gitea.yaml +++ b/gitea/helmrelease-gitea.yaml @@ -149,9 +149,9 @@ spec: ## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer ## @param service.ssh.annotations SSH service annotations ssh: - type: LoadBalancer + type: ClusterIP port: 22 - clusterIP: None + clusterIP: loadBalancerIP: nodePort: externalTrafficPolicy: @@ -160,9 +160,7 @@ spec: ipFamilies: hostPort: loadBalancerSourceRanges: [] - annotations: - metallb.universe.tf/loadBalancerIPs: 192.168.2.202 - metallb.universe.tf/allow-shared-ip: gitea-ssh + annotations: {} ## @section Ingress ## @param ingress.enabled Enable ingress diff --git a/gitea/ingress-route-tcp.yaml b/gitea/ingress-route-tcp.yaml new file mode 100644 index 0000000..3006f51 --- /dev/null +++ b/gitea/ingress-route-tcp.yaml @@ -0,0 +1,13 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRouteTCP +metadata: + name: gitea-ssh + namespace: gitea +spec: + entryPoints: + - gitea-ssh + routes: + - match: HostSNI(`*`) + services: + - name: gitea-ssh + port: 22 diff --git a/traefik/helmrelease-traefik.yaml b/traefik/helmrelease-traefik.yaml index 56a84bd..a3ef362 100644 --- a/traefik/helmrelease-traefik.yaml +++ b/traefik/helmrelease-traefik.yaml @@ -754,6 +754,9 @@ spec: exposedPort: 9100 # -- The port protocol (TCP/UDP) protocol: TCP + gitea-ssh: + port: 55522 + expose: true # -- TLS Options are created as TLSOption CRDs # https://doc.traefik.io/traefik/https/tls/#tls-options