From bb1bf3c017d26070c1eb7f59f692f4851a620e86 Mon Sep 17 00:00:00 2001 From: Brad Stein Date: Fri, 16 Jan 2026 01:40:50 -0300 Subject: [PATCH] fix ingress tls routing --- services/comms/helmrelease.yaml | 2 ++ services/gitops-ui/helmrelease.yaml | 1 + services/jenkins/ingress.yaml | 1 + services/logging/ingress.yaml | 2 ++ services/monitoring/helmrelease.yaml | 4 ++++ services/nextcloud/collabora.yaml | 1 + services/nextcloud/ingress.yaml | 1 + services/vault/ingress.yaml | 1 + 8 files changed, 13 insertions(+) diff --git a/services/comms/helmrelease.yaml b/services/comms/helmrelease.yaml index 2b049c8..bf45b21 100644 --- a/services/comms/helmrelease.yaml +++ b/services/comms/helmrelease.yaml @@ -135,6 +135,7 @@ spec: annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" csHosts: - matrix.live.bstein.dev hosts: @@ -395,6 +396,7 @@ spec: annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" hosts: - live.bstein.dev tls: diff --git a/services/gitops-ui/helmrelease.yaml b/services/gitops-ui/helmrelease.yaml index 86ae327..671dfe3 100644 --- a/services/gitops-ui/helmrelease.yaml +++ b/services/gitops-ui/helmrelease.yaml @@ -33,6 +33,7 @@ spec: annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" hosts: - host: cd.bstein.dev paths: diff --git a/services/jenkins/ingress.yaml b/services/jenkins/ingress.yaml index e702c8c..611eae4 100644 --- a/services/jenkins/ingress.yaml +++ b/services/jenkins/ingress.yaml @@ -7,6 +7,7 @@ metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" spec: ingressClassName: traefik tls: diff --git a/services/logging/ingress.yaml b/services/logging/ingress.yaml index 7beeb9a..eafeb5d 100644 --- a/services/logging/ingress.yaml +++ b/services/logging/ingress.yaml @@ -6,6 +6,8 @@ metadata: namespace: logging annotations: cert-manager.io/cluster-issuer: letsencrypt + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" spec: ingressClassName: traefik tls: diff --git a/services/monitoring/helmrelease.yaml b/services/monitoring/helmrelease.yaml index 3ff3f0c..c99a8ca 100644 --- a/services/monitoring/helmrelease.yaml +++ b/services/monitoring/helmrelease.yaml @@ -322,6 +322,8 @@ spec: ingressClassName: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" hosts: - metrics.bstein.dev path: / @@ -503,6 +505,8 @@ spec: ingressClassName: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" hosts: - host: alerts.bstein.dev paths: diff --git a/services/nextcloud/collabora.yaml b/services/nextcloud/collabora.yaml index 0f09c79..8a87821 100644 --- a/services/nextcloud/collabora.yaml +++ b/services/nextcloud/collabora.yaml @@ -61,6 +61,7 @@ metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" spec: tls: - hosts: diff --git a/services/nextcloud/ingress.yaml b/services/nextcloud/ingress.yaml index 1c60282..0df2660 100644 --- a/services/nextcloud/ingress.yaml +++ b/services/nextcloud/ingress.yaml @@ -7,6 +7,7 @@ metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" spec: tls: - hosts: diff --git a/services/vault/ingress.yaml b/services/vault/ingress.yaml index 1d9d523..b768381 100644 --- a/services/vault/ingress.yaml +++ b/services/vault/ingress.yaml @@ -7,6 +7,7 @@ metadata: annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" spec: ingressClassName: traefik tls: