core: add bstein.dev coredns overrides

traefik: wire LB service to custom deployment
2026-01-15 16:29:32 -03:00 · 2026-01-15 11:26:46 -03:00
5 changed files with 49 additions and 3 deletions
--- a/infrastructure/core/coredns-custom.yaml
+++ b/infrastructure/core/coredns-custom.yaml
@ -0,0 +1,42 @@
+# infrastructure/core/coredns-custom.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns-custom
+  namespace: kube-system
+data:
+  bstein-dev.server: |
+    bstein.dev:53 {
+      errors
+      cache 30
+      hosts {
+        192.168.22.9 alerts.bstein.dev
+        192.168.22.9 auth.bstein.dev
+        192.168.22.9 bstein.dev
+        192.168.22.9 call.live.bstein.dev
+        192.168.22.9 cd.bstein.dev
+        192.168.22.9 chat.ai.bstein.dev
+        192.168.22.9 ci.bstein.dev
+        192.168.22.9 cloud.bstein.dev
+        192.168.22.9 health.bstein.dev
+        192.168.22.9 kit.live.bstein.dev
+        192.168.22.9 live.bstein.dev
+        192.168.22.9 logs.bstein.dev
+        192.168.22.9 longhorn.bstein.dev
+        192.168.22.9 mail.bstein.dev
+        192.168.22.9 matrix.live.bstein.dev
+        192.168.22.9 metrics.bstein.dev
+        192.168.22.9 monero.bstein.dev
+        192.168.22.9 notes.bstein.dev
+        192.168.22.9 office.bstein.dev
+        192.168.22.9 pegasus.bstein.dev
+        192.168.22.9 registry.bstein.dev
+        192.168.22.9 scm.bstein.dev
+        192.168.22.9 secret.bstein.dev
+        192.168.22.9 sso.bstein.dev
+        192.168.22.9 stream.bstein.dev
+        192.168.22.9 tasks.bstein.dev
+        192.168.22.9 vault.bstein.dev
+        fallthrough
+      }
+    }
--- a/infrastructure/core/kustomization.yaml
+++ b/infrastructure/core/kustomization.yaml
@ -4,5 +4,6 @@ kind: Kustomization
 resources:
  - ../modules/base
  - ../modules/profiles/atlas-ha
+  - coredns-custom.yaml
  - ../sources/cert-manager/letsencrypt.yaml
  - ../sources/cert-manager/letsencrypt-prod.yaml
--- a/infrastructure/traefik/deployment.yaml
+++ b/infrastructure/traefik/deployment.yaml
@ -27,6 +27,8 @@ items:
        creationTimestamp: null
        labels:
          app: traefik
+          app.kubernetes.io/instance: traefik-kube-system
+          app.kubernetes.io/name: traefik
      spec:
        containers:
        - args:
--- a/infrastructure/traefik/traefik-service-lb.yaml
+++ b/infrastructure/traefik/traefik-service-lb.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: traefik
-  namespace: kube-system
+  namespace: traefik
  annotations:
    metallb.universe.tf/address-pool: communication-pool
 spec:
@ -20,5 +20,4 @@ spec:
      targetPort: websecure
      protocol: TCP
  selector:
-    app.kubernetes.io/instance: traefik-kube-system
-    app.kubernetes.io/name: traefik
+    app: traefik
--- a/services/gitea/ingress.yaml
+++ b/services/gitea/ingress.yaml
@ -7,6 +7,8 @@ metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
 spec:
  tls:
    - hosts:
Author	SHA1	Message	Date
Brad Stein	66e7e6acc5	core: add bstein.dev coredns overrides	2026-01-15 16:29:32 -03:00
Brad Stein	7817248eb9	traefik: wire LB service to custom deployment	2026-01-15 11:26:46 -03:00