titan-iac/services/zot/ingress.yaml

# services/zot/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: zot-cli
  namespace: zot
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.middlewares: zot-zot-resp-headers@kubernetescrd
spec:
  ingressClassName: traefik
  tls:
    - hosts: [ "cli.registry.bstein.dev" ]
      secretName: cli-registry-bstein-dev-tls
  rules:
    - host: cli.registry.bstein.dev
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: zot
                port:
                  number: 5000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: zot-ui
  namespace: zot
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.middlewares: zot-zot-ui-auth-header@kubernetescrd, zot-zot-resp-headers@kubernetescrd
spec:
  ingressClassName: traefik
  tls:
    - hosts: [ "web.registry.bstein.dev" ]
      secretName: web-registry-bstein-dev-tls
  rules:
    - host: web.registry.bstein.dev
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: zot-oauth2-proxy
                port:
                  number: 80
add zot 2025-08-13 15:58:51 -05:00			`# services/zot/ingress.yaml`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
zot: add oauth proxy and user sync scripts 2025-12-15 12:57:02 -03:00			`name: zot-cli`
add zot 2025-08-13 15:58:51 -05:00			`namespace: zot`
			`annotations:`
standardize cert issuers to letsencrypt 2025-12-12 15:18:40 -03:00			`cert-manager.io/cluster-issuer: letsencrypt`
zot middleware fix 2025-09-08 21:58:50 -05:00			`traefik.ingress.kubernetes.io/router.entrypoints: websecure`
			`traefik.ingress.kubernetes.io/router.tls: "true"`
zot middleware add 2025-09-09 11:27:42 -05:00			`traefik.ingress.kubernetes.io/router.middlewares: zot-zot-resp-headers@kubernetescrd`
add zot 2025-08-13 15:58:51 -05:00			`spec:`
			`ingressClassName: traefik`
			`tls:`
zot: add oauth proxy and user sync scripts 2025-12-15 12:57:02 -03:00			`- hosts: [ "cli.registry.bstein.dev" ]`
			`secretName: cli-registry-bstein-dev-tls`
add zot 2025-08-13 15:58:51 -05:00			`rules:`
zot: add oauth proxy and user sync scripts 2025-12-15 12:57:02 -03:00			`- host: cli.registry.bstein.dev`
add zot 2025-08-13 15:58:51 -05:00			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: zot`
			`port:`
			`number: 5000`
zot: add oauth proxy and user sync scripts 2025-12-15 12:57:02 -03:00			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: zot-ui`
			`namespace: zot`
			`annotations:`
			`cert-manager.io/cluster-issuer: letsencrypt`
			`traefik.ingress.kubernetes.io/router.entrypoints: websecure`
			`traefik.ingress.kubernetes.io/router.tls: "true"`
			`traefik.ingress.kubernetes.io/router.middlewares: zot-zot-ui-auth-header@kubernetescrd, zot-zot-resp-headers@kubernetescrd`
			`spec:`
			`ingressClassName: traefik`
			`tls:`
			`- hosts: [ "web.registry.bstein.dev" ]`
			`secretName: web-registry-bstein-dev-tls`
			`rules:`
			`- host: web.registry.bstein.dev`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: zot-oauth2-proxy`
			`port:`
			`number: 80`