From 8f9f6dd5b3ebc1f248b2c72b5adf3c7f5cba3c1a Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Tue, 9 Dec 2025 19:07:21 -0300
Subject: [PATCH] vault: route ingress through oauth2-proxy

---
 services/vault/ingress.yaml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/services/vault/ingress.yaml b/services/vault/ingress.yaml
index 26c9b16..8849cae 100644
--- a/services/vault/ingress.yaml
+++ b/services/vault/ingress.yaml
@@ -7,10 +7,7 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: traefik
     traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.middlewares: vault-vault-login-redirect@kubernetescrd
     traefik.ingress.kubernetes.io/router.tls: "true"
-    traefik.ingress.kubernetes.io/service.serversscheme: https
-    traefik.ingress.kubernetes.io/service.serverstransport: vault-vault-to-https@kubernetescrd
 spec:
   ingressClassName: traefik
   tls:
@@ -24,6 +21,6 @@ spec:
             pathType: Prefix
             backend:
               service:
-                name: vault
+                name: oauth2-proxy-vault
                 port:
-                  number: 8200
+                  number: 80