platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

wip: Gateway Setup

Browse Source
This commit is contained in:
Moritz Jörg
2026-03-13 16:05:15 +01:00
parent 6dc57af5ae
commit ae01e69fc2
32 changed files with 638 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files
values/cilium/cilium-manifests/gateway.yaml
+55 -1
View File
@@ -13,7 +13,7 @@ spec:
annotations:
load-balancer.hetzner.cloud/location: hel1
load-balancer.hetzner.cloud/type: lb11
load-balancer.hetzner.cloud/name: load-balancer-2
load-balancer.hetzner.cloud/name: load-balancer-1
load-balancer.hetzner.cloud/use-private-ip: "true"
load-balancer.hetzner.cloud/uses-proxyprotocol: "true"
load-balancer.hetzner.cloud/http-redirect-https: "false"
@@ -42,6 +42,36 @@ spec:
selector:
matchLabels:
shared-gateway-access: "true"
- name: https-hel1
protocol: HTTPS
port: 443
hostname: "*.hel1.oceanbox.io"
tls:
certificateRefs:
- group: ''
kind: Secret
name: wildcard-hel1-oceanbox-io
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
shared-gateway-access: "true"
- name: https-internal
protocol: HTTPS
port: 443
hostname: "*.adm.hel1.obx"
tls:
certificateRefs:
- group: ''
kind: Secret
name: wildcard-adm-hel1-obx
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
shared-gateway-access: "true"
- name: ssh
protocol: TCP
port: 22
@@ -65,4 +95,28 @@ spec:
issuerRef:
name: letsencrypt-prod-dns01
kind: ClusterIssuer
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: wildcard-hel1-oceanbox-io
spec:
secretName: wildcard-hel1-oceanbox-io
dnsNames:
- "*.hel1.oceanbox.io"
issuerRef:
name: letsencrypt-prod-dns01
kind: ClusterIssuer
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: wildcard-adm-hel1-obx
spec:
secretName: wildcard-adm-hel1-obx
dnsNames:
- "*.adm.hel1.obx"
issuerRef:
name: ca-issuer
kind: ClusterIssuer
{{- end}}