add repo

2025-09-04 00:13:39 +02:00
parent bb76fc67dc
commit 0bbc20ca14
23 changed files with 610 additions and 0 deletions
--- a/external/configmaps/configmap.yaml
+++ b/external/configmaps/configmap.yaml
@@ -33,3 +33,43 @@ data:
        proxy_ssl_verify off;
      }
    }
+
+  gitdotcom.conf: |
+    server {
+      listen 3001;
+      server_name git.c2et.com;
+      location / {
+        proxy_pass https://192.168.0.40;
+        proxy_ssl_verify off;
+      }
+    }
+
+  harbordotcom.conf: |
+    server {
+      listen 85;
+      server_name harbor.c2et.com;
+      location / {
+        proxy_pass https://192.168.0.40;
+        proxy_ssl_verify off;
+      }
+    }
+
+  wireguarddotcom.conf: |
+    server {
+      listen 51821;
+      server_name wireguard.c2et.com;
+      location / {
+        proxy_pass https://192.168.0.40;
+        proxy_ssl_verify off;
+      }
+    }
+
+  cockpitdotcom.conf: |
+    server {
+      listen 9090;
+      server_name cockpit.c2et.com;
+      location / {
+        proxy_pass https://192.168.0.40;
+        proxy_ssl_verify off;
+      }
+    }
--- a/external/configmaps/configmap.yaml.save
+++ b/external/configmaps/configmap.yaml.save
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-router-config
+  namespace: external
+data:
+  router.conf: |
+    server {
+      listen 80 default_server;
+      server_name admin.firewall.c2et.net;
+      location / {
+        proxy_pass https://192.168.0.1;
+        proxy_ssl_verify off;
+      }
+    }
+
+  powervault1.conf: |
+    server {
+      listen 80;
+      server_name admin.powervault1.c2et.net;
+      location / {
+        proxy_pass https://192.168.0.71;
+        proxy_ssl_verify off;
+      }
+    }
+
+  powervault2.conf: |
+    server {
+      listen 80;
+      server_name admin.powervault2.c2et.net;
+      location / {
+        proxy_pass https://192.168.0.74;
+        proxy_ssl_verify off;
+      }
+    }
+
+
--- a/external/ingress/cockpitdotcom.yaml
+++ b/external/ingress/cockpitdotcom.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: cockpitdotcom-ingress
+  namespace: external
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - cockpit.c2et.com
+      secretName: cockpitdotcom-tls
+  rules:
+    - host: cockpit.c2et.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: external-router-svc
+                port:
+                  number: 80
--- a/external/ingress/gitdotcom.yaml
+++ b/external/ingress/gitdotcom.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: gitdotcom-ingress
+  namespace: external
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - git.c2et.com
+      secretName: gitdotcom-tls
+  rules:
+    - host: git.c2et.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: external-router-svc
+                port:
+                  number: 80
--- a/external/ingress/harbordotcom.yaml
+++ b/external/ingress/harbordotcom.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: harbordotcom-ingress
+  namespace: external
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - harbor.c2et.com
+      secretName: harbordotcom-tls
+  rules:
+    - host: harbor.c2et.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: external-router-svc
+                port:
+                  number: 80
--- a/external/ingress/wireguarddotcom.yaml
+++ b/external/ingress/wireguarddotcom.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: wireguarddotcom-ingress
+  namespace: external
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - wireguard.c2et.com
+      secretName: wireguarddotcom-tls
+  rules:
+    - host: wireguard.c2et.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: external-router-svc
+                port:
+                  number: 80