From 50ff2ad3d2f16b208792bd72dc77f10550b1ffe9 Mon Sep 17 00:00:00 2001
From: James Andariese <james@strudelline.net>
Date: Fri, 28 Apr 2023 13:11:49 -0500
Subject: [PATCH] add external services

---
 external-services/git.yaml         | 34 ++++++++++++++++++++++++++++
 external-services/minio-admin.yaml | 33 +++++++++++++++++++++++++++
 external-services/minio.yaml       | 33 +++++++++++++++++++++++++++
 external-services/noctowl.yaml     | 33 +++++++++++++++++++++++++++
 external-services/ns.yaml          |  6 +++++
 external-services/vault.yaml       | 36 ++++++++++++++++++++++++++++++
 external-services/webdav.yaml      | 36 ++++++++++++++++++++++++++++++
 7 files changed, 211 insertions(+)
 create mode 100644 external-services/git.yaml
 create mode 100644 external-services/minio-admin.yaml
 create mode 100644 external-services/minio.yaml
 create mode 100644 external-services/noctowl.yaml
 create mode 100644 external-services/ns.yaml
 create mode 100644 external-services/vault.yaml
 create mode 100644 external-services/webdav.yaml

diff --git a/external-services/git.yaml b/external-services/git.yaml
new file mode 100644
index 0000000..52901eb
--- /dev/null
+++ b/external-services/git.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: git
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: git
+  namespace: external-services
+  annotations:
+    haproxy-ingress.github.io/ssl-redirect: "true"
+    #haproxy-ingress.github.io/backend-protocol: "h1-ssl"
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: git.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: git
+            port:
+              number: 57924
+  tls:
+  - hosts:
+    - git.strudelline.net
+    secretName: wildcard-tls
diff --git a/external-services/minio-admin.yaml b/external-services/minio-admin.yaml
new file mode 100644
index 0000000..b171581
--- /dev/null
+++ b/external-services/minio-admin.yaml
@@ -0,0 +1,33 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: minio-admin
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: minio-admin
+  namespace: external-services
+  annotations:
+    haproxy-ingress.github.io/ssl-redirect: "true"
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: minio-admin.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: minio-admin
+            port:
+              number: 58714
+  tls:
+  - hosts:
+    - minio-admin.strudelline.net
+    secretName: wildcard-tls
diff --git a/external-services/minio.yaml b/external-services/minio.yaml
new file mode 100644
index 0000000..5c1cfdc
--- /dev/null
+++ b/external-services/minio.yaml
@@ -0,0 +1,33 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: minio
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: minio
+  namespace: external-services
+  annotations:
+    haproxy-ingress.github.io/ssl-redirect: "true"
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: minio.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: minio
+            port:
+              number: 58713
+  tls:
+  - hosts:
+    - minio.strudelline.net
+    secretName: wildcard-tls
diff --git a/external-services/noctowl.yaml b/external-services/noctowl.yaml
new file mode 100644
index 0000000..594296d
--- /dev/null
+++ b/external-services/noctowl.yaml
@@ -0,0 +1,33 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: noctowl
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: noctowl
+  namespace: external-services
+  annotations:
+    haproxy-ingress.github.io/ssl-redirect: "true"
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: noctowl.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: noctowl
+            port:
+              number: 5000
+  tls:
+  - hosts:
+    - noctowl.strudelline.net
+    secretName: wildcard-tls
diff --git a/external-services/ns.yaml b/external-services/ns.yaml
new file mode 100644
index 0000000..f33f429
--- /dev/null
+++ b/external-services/ns.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  labels:
+    wildcard-tls.kn8v.com/copy: "true"
+  name: external-services
diff --git a/external-services/vault.yaml b/external-services/vault.yaml
new file mode 100644
index 0000000..ffdb7f9
--- /dev/null
+++ b/external-services/vault.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: vault
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vault
+  namespace: external-services
+  annotations:
+    #haproxy-ingress.github.io/ssl-redirect: "true"
+    #haproxy-ingress.github.io/backend-protocol: "h1-ssl"
+    ingress.kubernetes.io/config-backend: |
+      http-request set-header X-Real-IP %[src]
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: vault.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: vault
+            port:
+              number: 5005
+  tls:
+  - hosts:
+    - vault.strudelline.net
+    secretName: wildcard-tls
diff --git a/external-services/webdav.yaml b/external-services/webdav.yaml
new file mode 100644
index 0000000..35596fc
--- /dev/null
+++ b/external-services/webdav.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: webdav
+  namespace: external-services
+spec:
+  externalName: noctowl.cascade.strudelline.net
+  type: ExternalName
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: webdav
+  namespace: external-services
+  annotations:
+    #haproxy-ingress.github.io/ssl-redirect: "true"
+    #haproxy-ingress.github.io/backend-protocol: "h1-ssl"
+    ingress.kubernetes.io/config-backend: |
+      http-request set-header X-Real-IP %[src]
+spec:
+  ingressClassName: haproxy
+  rules:
+  - host: webdav.strudelline.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: webdav
+            port:
+              number: 5005
+  tls:
+  - hosts:
+    - webdav.strudelline.net
+    secretName: wildcard-tls