fix(proxmox): TLS Passthrough GW for again

apps/utility/proxmox/kustomization.yaml

@@ -4,4 +4,5 @@ kind: Kustomization
 resources:
   - ns.yaml
   - svc.yaml
-  - endpoint-slice.yaml
+  - endpoint-slice.yaml
+  - tls-route.yaml

apps/utility/proxmox/svc.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: euclid
+  name: proxmox-euclid
   namespace: proxmox
 spec:
   ports:

apps/utility/proxmox/tls-route.yaml

@@ -0,0 +1,15 @@
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: TLSRoute
+metadata:
+  name: euclid
+  namespace: proxmox
+spec:
+  parentRefs:
+    - name: proxmox-euclid
+      namespace: gateway
+  hostnames:
+    - "proxmox.euclid.stonegarden.dev"
+  rules:
+    - backendRefs:
+        - name: proxmox-euclid
+          port: 443

infra/gateway/gw-proxmox-euclid.yaml

@@ -0,0 +1,20 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: proxmox-euclid
+  namespace: gateway
+spec:
+  gatewayClassName: cilium
+  infrastructure:
+    annotations:
+      io.cilium/lb-ipam-ips: 192.168.1.173
+  listeners:
+    - protocol: TLS
+      port: 443
+      name: proxmox-tls-passthrough
+      hostname: proxmox.euclid.stonegarden.dev
+      tls:
+        mode: Passthrough
+      allowedRoutes:
+        namespaces:
+          from: All

infra/gateway/kustomization.yaml

@@ -7,4 +7,5 @@ resources:
   - ns.yaml
   - cloudflare-api-token.yaml
   - cloudflare-issuer.yaml
-  - gw-stonegarden.yaml
+  - gw-stonegarden.yaml
+  - gw-proxmox-euclid.yaml

infra/net-aux/config/cloudflared/config.yaml

@@ -12,7 +12,7 @@ ingress:
   - hostname: ssh.stonegarden.dev
     service: ssh://192.168.1.50:22
   - hostname: proxmox.euclid.stonegarden.dev
-    service: https://euclid.proxmox.svc.cluster.local:443
+    service: https://cilium-gateway-proxmox-euclid.gateway.svc.cluster.local:443
     originRequest:
       originServerName: proxmox.euclid.stonegarden.dev
   - hostname: haos.stonegarden.dev