wn/home-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mtls fix 3
Some checks failed
ci/woodpecker/push/build/4 Pipeline was successful
Details
ci/woodpecker/push/predeploy Pipeline was successful
Details
ci/woodpecker/push/build/3 Pipeline was successful
Details
ci/woodpecker/push/build/2 Pipeline failed
Details
ci/woodpecker/push/deploy/2 unknown status
Details
ci/woodpecker/push/deploy/3 unknown status
Details
ci/woodpecker/push/build/1 Pipeline failed
Details
ci/woodpecker/push/deploy/1 unknown status
Details
ci/woodpecker/push/deploy/4 unknown status
Details
ci/woodpecker/tag/predeploy Pipeline was successful
Details
ci/woodpecker/tag/build/4 Pipeline was successful
Details
ci/woodpecker/tag/build/1 Pipeline was successful
Details
ci/woodpecker/tag/build/3 Pipeline was successful
Details
ci/woodpecker/tag/build/2 Pipeline was successful
Details
ci/woodpecker/tag/deploy/1 Pipeline was successful
Details
ci/woodpecker/tag/deploy/2 Pipeline was successful
Details
ci/woodpecker/tag/deploy/4 Pipeline was successful
Details
ci/woodpecker/tag/deploy/3 Pipeline was successful
Details

Browse Source
This commit is contained in:
Wolfgang Hottgenroth
2025-11-29 22:19:12 +01:00
parent f3f9238d5f
commit 205baa7e01
4 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.woodpecker/predeploy.yml
View File

@@ -33,7 +33,7 @@ steps:
--namespace=$NAMESPACE --namespace=$NAMESPACE
--dry-run=client -o yaml | kubectl apply -f - --dry-run=client -o yaml | kubectl apply -f -
- kubectl apply -f deployment/configmap.yaml -n $NAMESPACE - kubectl apply -f deployment/configmap.yaml -n $NAMESPACE
- kubectl apply -f deployment/mtls-config.yaml -n $NAMESPACE - kubectl apply -f deployment/mtls-config.yaml # NO NAMESPACE HERE
when: when:
event: [tag] event: [tag]

4
deployment/api-deployment.yaml
View File

@@ -107,8 +107,8 @@ metadata:
name: api-ingress name: api-ingress
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-production-http cert-manager.io/cluster-issuer: letsencrypt-production-http
traefik.ingress.kubernetes.io/router.middlewares: homea2-mtls-auth@kubernetescrd,homea2-security-headers@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: default-mtls-auth@kubernetescrd,default-security-headers@kubernetescrd
traefik.ingress.kubernetes.io/router.tls.options: homea2-mtls@kubernetescrd traefik.ingress.kubernetes.io/router.tls.options: default-homea2-mtls@kubernetescrd
spec: spec:
tls: tls:
- hosts: - hosts:

3
deployment/mtls-config.yaml
View File

@@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption kind: TLSOption
metadata: metadata:
name: homea2-mtls name: homea2-mtls
namespace: default
spec: spec:
clientAuth: clientAuth:
secretNames: secretNames:
@@ -19,6 +20,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: mtls-auth name: mtls-auth
namespace: default
spec: spec:
headers: headers:
customRequestHeaders: customRequestHeaders:
@@ -35,6 +37,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: security-headers name: security-headers
namespace: default
spec: spec:
headers: headers:
customResponseHeaders: customResponseHeaders:

4
deployment/ui-deployment.yaml
View File

@@ -84,8 +84,8 @@ metadata:
name: ui-ingress name: ui-ingress
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-production-http cert-manager.io/cluster-issuer: letsencrypt-production-http
traefik.ingress.kubernetes.io/router.middlewares: homea2-mtls-auth@kubernetescrd,homea2-security-headers@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: default-mtls-auth@kubernetescrd,default-security-headers@kubernetescrd
traefik.ingress.kubernetes.io/router.tls.options: homea2-mtls@kubernetescrd traefik.ingress.kubernetes.io/router.tls.options: default-homea2-mtls@kubernetescrd
spec: spec:
tls: tls:
- hosts: - hosts: