sorb/axion1337.chat-gitops
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases 3 Wiki Activity

fix: use JSON6902 patches to inject secretName into ingress TLS

Browse Source
This commit is contained in:
Scrublord MacBad 2026-04-21 22:48:28 +02:00
parent fb471fad46
commit 007c6e76d0
3 changed files with 61 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/production/element-server-suite.yaml
View File

@ -26,7 +26,6 @@ spec:
enabled: true enabled: true
ingress: ingress:
host: matrix.axion1337.chat host: matrix.axion1337.chat
tlsSecretName: matrix-axion1337-chat-tls
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
@ -36,7 +35,6 @@ spec:
enabled: true enabled: true
ingress: ingress:
host: account.axion1337.chat host: account.axion1337.chat
tlsSecretName: account-axion1337-chat-tls
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
@ -46,7 +44,6 @@ spec:
enabled: true enabled: true
ingress: ingress:
host: mrtc.axion1337.chat host: mrtc.axion1337.chat
tlsSecretName: mrtc-axion1337-chat-tls
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
@ -56,7 +53,6 @@ spec:
enabled: true enabled: true
ingress: ingress:
host: axion1337.chat host: axion1337.chat
tlsSecretName: axion1337-chat-tls
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
@ -66,7 +62,6 @@ spec:
enabled: true enabled: true
ingress: ingress:
host: admin.axion1337.chat host: admin.axion1337.chat
tlsSecretName: admin-axion1337-chat-tls
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"

49
apps/production/ingress-tls-patch.yaml
View File

@ -1,49 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix-stack-synapse
spec:
tls:
- secretName: matrix-axion1337-chat-tls
hosts:
- matrix.axion1337.chat
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix-stack-matrix-authentication-service
spec:
tls:
- secretName: account-axion1337-chat-tls
hosts:
- account.axion1337.chat
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix-stack-matrix-rtc
spec:
tls:
- secretName: mrtc-axion1337-chat-tls
hosts:
- mrtc.axion1337.chat
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix-stack-element-web
spec:
tls:
- secretName: axion1337-chat-tls
hosts:
- axion1337.chat
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix-stack-element-admin
spec:
tls:
- secretName: admin-axion1337-chat-tls
hosts:
- admin.axion1337.chat

63
apps/production/kustomization.yaml
View File

@ -7,5 +7,64 @@ resources:
- matrix-certificates.yaml - matrix-certificates.yaml
- element-server-suite.yaml - element-server-suite.yaml
patchesStrategicMerge: patchesJson6902:
- ingress-tls-patch.yaml - target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-synapse
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: matrix-axion1337-chat-tls
- target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-matrix-authentication-service
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: account-axion1337-chat-tls
- target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-matrix-rtc
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: mrtc-axion1337-chat-tls
- target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-element-web
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: axion1337-chat-tls
- target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-element-admin
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: admin-axion1337-chat-tls
- target:
group: networking.k8s.io
version: v1
kind: Ingress
name: matrix-stack-well-known
namespace: matrix
patch: |-
- op: add
path: /spec/tls/0/secretName
value: axion1337-chat-tls