From e82d9fd0a934f35c2065e2e2bee8641a7d29bc9c Mon Sep 17 00:00:00 2001 From: JJGadgets Date: Wed, 29 Nov 2023 06:23:30 +0800 Subject: [PATCH] fix: migrate ingress classes S01E04 --- kube/deploy/apps/atuin/app/hr.yaml | 2 +- kube/deploy/apps/audiobookshelf/app/hr.yaml | 2 +- kube/deploy/apps/cyberchef/app/hr.yaml | 2 +- kube/deploy/apps/elk/app/hr.yaml | 2 +- kube/deploy/apps/firefly/app/hr.yaml | 2 +- kube/deploy/apps/gotosocial/app/hr.yaml | 2 +- kube/deploy/apps/grocy/app/hr.yaml | 2 +- kube/deploy/apps/jellyfin/app/hr.yaml | 2 +- kube/deploy/apps/joplin/app/hr.yaml | 2 +- kube/deploy/apps/libreddit/app/hr.yaml | 2 +- kube/deploy/apps/livestream/oven/player/hr.yaml | 2 +- kube/deploy/apps/miniflux/app/hr.yaml | 2 +- kube/deploy/apps/neko/xfce/hr.yaml | 2 +- kube/deploy/apps/nextcloud/app/hr.yaml | 2 +- kube/deploy/apps/nfs-web/app/hr.yaml | 2 +- kube/deploy/apps/ntfy/app/hr.yaml | 2 +- kube/deploy/apps/paperless-ngx/app/hr.yaml | 2 +- kube/deploy/apps/phanpy/app/hr.yaml | 2 +- kube/deploy/apps/piped/app/hr.yaml | 2 +- kube/deploy/apps/psono/app/hr.yaml | 6 +++--- kube/deploy/apps/searxng/app/hr.yaml | 2 +- kube/deploy/apps/soft-serve/app/hr.yaml | 2 +- kube/deploy/apps/thelounge/app/hr.yaml | 2 +- kube/deploy/apps/zipline/app/hr.yaml | 2 +- kube/deploy/core/storage/rook-ceph/cluster/app/hr.yaml | 2 +- 25 files changed, 27 insertions(+), 27 deletions(-) diff --git a/kube/deploy/apps/atuin/app/hr.yaml b/kube/deploy/apps/atuin/app/hr.yaml index 04116582..7f19fcb9 100644 --- a/kube/deploy/apps/atuin/app/hr.yaml +++ b/kube/deploy/apps/atuin/app/hr.yaml @@ -25,7 +25,7 @@ spec: tag: "17.0.1" command: ["atuin", "server", "start"] podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-atuin" env: TZ: "${CONFIG_TZ}" diff --git a/kube/deploy/apps/audiobookshelf/app/hr.yaml b/kube/deploy/apps/audiobookshelf/app/hr.yaml index b91447f8..b698f767 100644 --- a/kube/deploy/apps/audiobookshelf/app/hr.yaml +++ b/kube/deploy/apps/audiobookshelf/app/hr.yaml @@ -20,7 +20,7 @@ spec: replicas: 1 pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/world: "allow" containers: main: diff --git a/kube/deploy/apps/cyberchef/app/hr.yaml b/kube/deploy/apps/cyberchef/app/hr.yaml index 608f2391..23ef1303 100644 --- a/kube/deploy/apps/cyberchef/app/hr.yaml +++ b/kube/deploy/apps/cyberchef/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: docker.io/mpepping/cyberchef tag: v10.5.2@sha256:61f336cc9d716a0bf88193325fdeaec73669dd1de8040ad34f7ac5641e9c279a podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" env: TZ: "${CONFIG_TZ}" service: diff --git a/kube/deploy/apps/elk/app/hr.yaml b/kube/deploy/apps/elk/app/hr.yaml index 963d0aab..9eafae77 100644 --- a/kube/deploy/apps/elk/app/hr.yaml +++ b/kube/deploy/apps/elk/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: ghcr.io/elk-zone/elk tag: v0.10.3 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/ingress-nginx: "allow" env: TZ: "${CONFIG_TZ}" diff --git a/kube/deploy/apps/firefly/app/hr.yaml b/kube/deploy/apps/firefly/app/hr.yaml index 19625ba1..5a4f7dcb 100644 --- a/kube/deploy/apps/firefly/app/hr.yaml +++ b/kube/deploy/apps/firefly/app/hr.yaml @@ -26,7 +26,7 @@ spec: repository: docker.io/fireflyiii/core tag: version-6.0.17 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" env: TZ: "${CONFIG_TZ}" APP_ENV: "production" diff --git a/kube/deploy/apps/gotosocial/app/hr.yaml b/kube/deploy/apps/gotosocial/app/hr.yaml index d2e917fd..b3258e7e 100644 --- a/kube/deploy/apps/gotosocial/app/hr.yaml +++ b/kube/deploy/apps/gotosocial/app/hr.yaml @@ -25,7 +25,7 @@ spec: repository: "docker.io/superseriousbusiness/gotosocial" tag: "0.12.2" podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" ingress.home.arpa/cloudflare: "allow" db.home.arpa/pg: "pg-gotosocial" s3.home.arpa/store: "rgw-${CLUSTER_NAME}" diff --git a/kube/deploy/apps/grocy/app/hr.yaml b/kube/deploy/apps/grocy/app/hr.yaml index cef7419a..27a50e3d 100644 --- a/kube/deploy/apps/grocy/app/hr.yaml +++ b/kube/deploy/apps/grocy/app/hr.yaml @@ -22,7 +22,7 @@ spec: replicas: 1 pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" containers: main: image: diff --git a/kube/deploy/apps/jellyfin/app/hr.yaml b/kube/deploy/apps/jellyfin/app/hr.yaml index c91ed104..65fff7ec 100644 --- a/kube/deploy/apps/jellyfin/app/hr.yaml +++ b/kube/deploy/apps/jellyfin/app/hr.yaml @@ -16,7 +16,7 @@ spec: values: automountServiceAccountToken: false podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/world-https: "allow" egress.home.arpa/dlna: "allow" authentik.home.arpa/ldap: "allow" diff --git a/kube/deploy/apps/joplin/app/hr.yaml b/kube/deploy/apps/joplin/app/hr.yaml index 95bc48c7..2c484884 100644 --- a/kube/deploy/apps/joplin/app/hr.yaml +++ b/kube/deploy/apps/joplin/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: docker.io/joplin/server tag: 2.12.1-beta@sha256:332cc8eacbb55aa5d5120039ed256332fa5a535ca3aac0657e5338015e34824c podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-default" egress.home.arpa/world-ntp: "allow" env: diff --git a/kube/deploy/apps/libreddit/app/hr.yaml b/kube/deploy/apps/libreddit/app/hr.yaml index 8bdfcf71..e58e34f2 100644 --- a/kube/deploy/apps/libreddit/app/hr.yaml +++ b/kube/deploy/apps/libreddit/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: ghcr.io/auricom/libreddit tag: 0.30.1@sha256:58108c7aaf963cd7903c0e35f6af041f9ed77fdf8bd7019f79b9a989846ee97a podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" env: TZ: "${CONFIG_TZ}" LIBREDDIT_SFW_ONLY: "off" diff --git a/kube/deploy/apps/livestream/oven/player/hr.yaml b/kube/deploy/apps/livestream/oven/player/hr.yaml index f1c0590e..0bd17a63 100644 --- a/kube/deploy/apps/livestream/oven/player/hr.yaml +++ b/kube/deploy/apps/livestream/oven/player/hr.yaml @@ -24,7 +24,7 @@ spec: repository: docker.io/airensoft/ovenplayerdemo tag: 1.0.0@sha256:f42bb15fe56e2ea2e65d12fd567be16d1b48c0d1ad3a609f2198beb70dec20c8 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" env: TZ: "${CONFIG_TZ}" service: diff --git a/kube/deploy/apps/miniflux/app/hr.yaml b/kube/deploy/apps/miniflux/app/hr.yaml index 2760f378..5289982b 100644 --- a/kube/deploy/apps/miniflux/app/hr.yaml +++ b/kube/deploy/apps/miniflux/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: ghcr.io/miniflux/miniflux tag: 2.0.44-distroless@sha256:c369c2fdaff368a469c836f0c9f40f15f02f74b4418617fd9c886f28b02154d3 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-default" egress.home.arpa/world: "allow" env: diff --git a/kube/deploy/apps/neko/xfce/hr.yaml b/kube/deploy/apps/neko/xfce/hr.yaml index 8877442b..93370fd6 100644 --- a/kube/deploy/apps/neko/xfce/hr.yaml +++ b/kube/deploy/apps/neko/xfce/hr.yaml @@ -24,7 +24,7 @@ spec: repository: ghcr.io/m1k1o/neko/xfce tag: 2.8.8@sha256:d44e5b7f8b4968841a86860c402c008816fdc0eabc7eff39f42bc6c50670f78f podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/world: "allow" env: TZ: "${CONFIG_TZ}" diff --git a/kube/deploy/apps/nextcloud/app/hr.yaml b/kube/deploy/apps/nextcloud/app/hr.yaml index ee9617a6..c837a800 100644 --- a/kube/deploy/apps/nextcloud/app/hr.yaml +++ b/kube/deploy/apps/nextcloud/app/hr.yaml @@ -21,7 +21,7 @@ spec: replicas: 1 pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/world: "allow" # TODO: tighten this # s3.home.arpa/store: "rgw-${CLUSTER_NAME}" containers: diff --git a/kube/deploy/apps/nfs-web/app/hr.yaml b/kube/deploy/apps/nfs-web/app/hr.yaml index 049c4d1e..ee6f4b46 100644 --- a/kube/deploy/apps/nfs-web/app/hr.yaml +++ b/kube/deploy/apps/nfs-web/app/hr.yaml @@ -20,7 +20,7 @@ spec: replicas: 1 pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" containers: main: image: diff --git a/kube/deploy/apps/ntfy/app/hr.yaml b/kube/deploy/apps/ntfy/app/hr.yaml index e3da354b..ffa8da83 100644 --- a/kube/deploy/apps/ntfy/app/hr.yaml +++ b/kube/deploy/apps/ntfy/app/hr.yaml @@ -20,7 +20,7 @@ spec: replicas: "1" pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" containers: main: imagePullPolicy: "IfNotPresent" diff --git a/kube/deploy/apps/paperless-ngx/app/hr.yaml b/kube/deploy/apps/paperless-ngx/app/hr.yaml index 930c88e2..27a6fdee 100644 --- a/kube/deploy/apps/paperless-ngx/app/hr.yaml +++ b/kube/deploy/apps/paperless-ngx/app/hr.yaml @@ -22,7 +22,7 @@ spec: replicas: 1 pod: labels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" containers: main: image: diff --git a/kube/deploy/apps/phanpy/app/hr.yaml b/kube/deploy/apps/phanpy/app/hr.yaml index 840962cc..469f5597 100644 --- a/kube/deploy/apps/phanpy/app/hr.yaml +++ b/kube/deploy/apps/phanpy/app/hr.yaml @@ -27,7 +27,7 @@ spec: repository: "ghcr.io/jjgadgets/phanpy" tag: "production" podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" service: main: ports: diff --git a/kube/deploy/apps/piped/app/hr.yaml b/kube/deploy/apps/piped/app/hr.yaml index 4a5348ac..6bfb846e 100644 --- a/kube/deploy/apps/piped/app/hr.yaml +++ b/kube/deploy/apps/piped/app/hr.yaml @@ -16,7 +16,7 @@ spec: values: automountServiceAccountToken: false podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/ingress-nginx: "allow" db.home.arpa/pg: "pg-default" egress.home.arpa/world: "allow" diff --git a/kube/deploy/apps/psono/app/hr.yaml b/kube/deploy/apps/psono/app/hr.yaml index 17f5bf85..1a4ba47b 100644 --- a/kube/deploy/apps/psono/app/hr.yaml +++ b/kube/deploy/apps/psono/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: "docker.io/psono/psono-server-enterprise" tag: "3.8.0" podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-enc" egress.home.arpa/ingress-nginx: "allow" env: @@ -163,7 +163,7 @@ spec: tag: 2.7.5 command: ["/usr/bin/caddy", "file-server", "--access-log", "--listen", ":8080", "--root", "/psono"] podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" service: main: ports: @@ -266,7 +266,7 @@ spec: tag: 2.7.5 command: ["/usr/bin/caddy", "file-server", "--access-log", "--listen", ":8080", "--root", "/psono"] podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" service: main: ports: diff --git a/kube/deploy/apps/searxng/app/hr.yaml b/kube/deploy/apps/searxng/app/hr.yaml index 79654057..84c2a9e4 100644 --- a/kube/deploy/apps/searxng/app/hr.yaml +++ b/kube/deploy/apps/searxng/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: docker.io/searxng/searxng tag: 2023.7.22-65d8b1a31 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" egress.home.arpa/world: "allow" env: TZ: "${CONFIG_TZ}" diff --git a/kube/deploy/apps/soft-serve/app/hr.yaml b/kube/deploy/apps/soft-serve/app/hr.yaml index 380a05d0..850935fd 100644 --- a/kube/deploy/apps/soft-serve/app/hr.yaml +++ b/kube/deploy/apps/soft-serve/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: ghcr.io/charmbracelet/soft-serve tag: v0.7.3 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-default" env: TZ: "${CONFIG_TZ}" diff --git a/kube/deploy/apps/thelounge/app/hr.yaml b/kube/deploy/apps/thelounge/app/hr.yaml index 815f3925..09e2d194 100644 --- a/kube/deploy/apps/thelounge/app/hr.yaml +++ b/kube/deploy/apps/thelounge/app/hr.yaml @@ -21,7 +21,7 @@ spec: type: deployment replicas: 1 podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" authentik.home.arpa/ldap: "allow" image: repository: ghcr.io/thelounge/thelounge diff --git a/kube/deploy/apps/zipline/app/hr.yaml b/kube/deploy/apps/zipline/app/hr.yaml index 92269f50..0efc5061 100644 --- a/kube/deploy/apps/zipline/app/hr.yaml +++ b/kube/deploy/apps/zipline/app/hr.yaml @@ -24,7 +24,7 @@ spec: repository: "ghcr.io/diced/zipline" tag: "3.7.4" podLabels: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" db.home.arpa/pg: "pg-zipline" s3.home.arpa/store: "rgw-${CLUSTER_NAME}" env: diff --git a/kube/deploy/core/storage/rook-ceph/cluster/app/hr.yaml b/kube/deploy/core/storage/rook-ceph/cluster/app/hr.yaml index 5f5928fb..5689984f 100644 --- a/kube/deploy/core/storage/rook-ceph/cluster/app/hr.yaml +++ b/kube/deploy/core/storage/rook-ceph/cluster/app/hr.yaml @@ -44,7 +44,7 @@ spec: ssl: false labels: mgr: - ingress.home.arpa/nginx: "allow" + ingress.home.arpa/nginx-internal: "allow" prom.home.arpa/kps: "allow" mon: count: 3