From 007c6e76d06431993b1d65b53e638e742b563e4b Mon Sep 17 00:00:00 2001 From: Scrublord MacBad Date: Tue, 21 Apr 2026 22:48:28 +0200 Subject: [PATCH] fix: use JSON6902 patches to inject secretName into ingress TLS --- apps/production/element-server-suite.yaml | 5 -- apps/production/ingress-tls-patch.yaml | 49 ------------------ apps/production/kustomization.yaml | 63 ++++++++++++++++++++++- 3 files changed, 61 insertions(+), 56 deletions(-) delete mode 100644 apps/production/ingress-tls-patch.yaml diff --git a/apps/production/element-server-suite.yaml b/apps/production/element-server-suite.yaml index 69e0e3e..d5fe1d0 100644 --- a/apps/production/element-server-suite.yaml +++ b/apps/production/element-server-suite.yaml @@ -26,7 +26,6 @@ spec: enabled: true ingress: host: matrix.axion1337.chat - tlsSecretName: matrix-axion1337-chat-tls annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.tls: "true" @@ -36,7 +35,6 @@ spec: enabled: true ingress: host: account.axion1337.chat - tlsSecretName: account-axion1337-chat-tls annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.tls: "true" @@ -46,7 +44,6 @@ spec: enabled: true ingress: host: mrtc.axion1337.chat - tlsSecretName: mrtc-axion1337-chat-tls annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.tls: "true" @@ -56,7 +53,6 @@ spec: enabled: true ingress: host: axion1337.chat - tlsSecretName: axion1337-chat-tls annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.tls: "true" @@ -66,7 +62,6 @@ spec: enabled: true ingress: host: admin.axion1337.chat - tlsSecretName: admin-axion1337-chat-tls annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.tls: "true" diff --git a/apps/production/ingress-tls-patch.yaml b/apps/production/ingress-tls-patch.yaml deleted file mode 100644 index 462b4e2..0000000 --- a/apps/production/ingress-tls-patch.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix-stack-synapse -spec: - tls: - - secretName: matrix-axion1337-chat-tls - hosts: - - matrix.axion1337.chat ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix-stack-matrix-authentication-service -spec: - tls: - - secretName: account-axion1337-chat-tls - hosts: - - account.axion1337.chat ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix-stack-matrix-rtc -spec: - tls: - - secretName: mrtc-axion1337-chat-tls - hosts: - - mrtc.axion1337.chat ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix-stack-element-web -spec: - tls: - - secretName: axion1337-chat-tls - hosts: - - axion1337.chat ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix-stack-element-admin -spec: - tls: - - secretName: admin-axion1337-chat-tls - hosts: - - admin.axion1337.chat diff --git a/apps/production/kustomization.yaml b/apps/production/kustomization.yaml index 8beef92..dca385c 100644 --- a/apps/production/kustomization.yaml +++ b/apps/production/kustomization.yaml @@ -7,5 +7,64 @@ resources: - matrix-certificates.yaml - element-server-suite.yaml -patchesStrategicMerge: - - ingress-tls-patch.yaml \ No newline at end of file +patchesJson6902: + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-synapse + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: matrix-axion1337-chat-tls + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-matrix-authentication-service + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: account-axion1337-chat-tls + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-matrix-rtc + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: mrtc-axion1337-chat-tls + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-element-web + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: axion1337-chat-tls + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-element-admin + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: admin-axion1337-chat-tls + - target: + group: networking.k8s.io + version: v1 + kind: Ingress + name: matrix-stack-well-known + namespace: matrix + patch: |- + - op: add + path: /spec/tls/0/secretName + value: axion1337-chat-tls \ No newline at end of file