From 369b2aa542bc54ff9264ca293cfe0ffd2e38b351 Mon Sep 17 00:00:00 2001
From: Toboshii Nakama <toboshii@gmail.com>
Date: Tue, 25 May 2021 04:33:57 -0500
Subject: [PATCH] feat: proxy to internal minio server

---
 .../traefik/external/kustomization.yaml       |  5 +++
 .../networking/traefik/external/minio.yaml    | 40 +++++++++++++++++++
 .../networking/traefik/kustomization.yaml     |  2 +
 3 files changed, 47 insertions(+)
 create mode 100644 cluster/apps/networking/traefik/external/kustomization.yaml
 create mode 100644 cluster/apps/networking/traefik/external/minio.yaml

diff --git a/cluster/apps/networking/traefik/external/kustomization.yaml b/cluster/apps/networking/traefik/external/kustomization.yaml
new file mode 100644
index 00000000..054c2f9a
--- /dev/null
+++ b/cluster/apps/networking/traefik/external/kustomization.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- minio.yaml
diff --git a/cluster/apps/networking/traefik/external/minio.yaml b/cluster/apps/networking/traefik/external/minio.yaml
new file mode 100644
index 00000000..54ff1c7c
--- /dev/null
+++ b/cluster/apps/networking/traefik/external/minio.yaml
@@ -0,0 +1,40 @@
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: minio
+  namespace: networking
+spec:
+  entryPoints:
+  - websecure
+  routes:
+  - match: Host(`s.${SECRET_DOMAIN}`)
+    kind: Rule
+    services:
+    - name: minio
+      port: 443
+    middlewares:
+    - name: cloudflare
+  tls:
+    secretName: "${SECRET_DOMAIN/./-}-tls"
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: minio
+  namespace: networking
+spec:
+  type: ExternalName
+  externalName: s3.${SECRET_DOMAIN}
+---
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: minio
+  namespace: networking
+spec:
+  endpoints:
+  - dnsName: "s.${SECRET_DOMAIN}"
+    recordType: CNAME
+    targets:
+    - "ipv4.${SECRET_DOMAIN}"
diff --git a/cluster/apps/networking/traefik/kustomization.yaml b/cluster/apps/networking/traefik/kustomization.yaml
index e0026a80..b7ce8086 100644
--- a/cluster/apps/networking/traefik/kustomization.yaml
+++ b/cluster/apps/networking/traefik/kustomization.yaml
@@ -1,3 +1,4 @@
+---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
@@ -5,4 +6,5 @@ resources:
 - service-monitor.yaml
 - tls-store
 - dashboard
+- external
 - middlewares