wip: Gateway Setup

values/gatus/manifests/gatus.yaml

@@ -26,6 +26,7 @@ spec:
     managedNamespaceMetadata:
       labels:
         component: sys
+        shared-gateway-access: "true"
     syncOptions:
       - CreateNamespace=true
       - ApplyOutOfSyncOnly=true

values/gatus/manifests/ingress.yaml

@@ -1,8 +1,48 @@
+{{- if .Values.clusterConfig.gatewayAPI.enabled }}
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: gatus
+  namespace: uptime
+spec:
+  parentRefs:
+  - name: shared-gateway
+    namespace: kube-system
+    sectionName: https-internal
+  hostnames:
+  - uptime.{{ .Values.clusterConfig.domain }}
+  rules:
+  - matches:
+    - path:
+        type: PathPrefix
+        value: "/"
+    backendRefs:
+    - name: gatus
+      port: 80
+---
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: allow-gateway-to-gatus
+  namespace: uptime
+spec:
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/name: gatus
+  ingress:
+  - fromCIDRSet:
+    {{- range .Values.clusterConfig.ingress_whitelist }}
+    - cidr: {{ . }}
+    {{- end }}
+  - fromEndpoints:
+    - matchLabels:
+        "k8s:io.kubernetes.pod.namespace": uptime
+{{- else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   annotations:
-    cert-manager.io/cluster-issuer: ca-issuer
+    cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
     nginx.ingress.kubernetes.io/backend-protocol: HTTP
     nginx.ingress.kubernetes.io/cors-allow-headers: Content-Type, x-gatus-cache
     nginx.ingress.kubernetes.io/enable-cors: "true"
@@ -15,7 +55,7 @@ metadata:
 spec:
   ingressClassName: nginx
   rules:
-    - host: uptime.adm.hel1.obx
+    - host: uptime.{{ .Values.clusterConfig.domain }}
       http:
         paths:
           - backend:
@@ -27,5 +67,6 @@ spec:
             pathType: ImplementationSpecific
   tls:
     - hosts:
-        - uptime.adm.hel1.obx
+        - uptime.{{ .Values.clusterConfig.domain }}
       secretName: gatus-tls
+{{- end }}