core: add bstein.dev coredns overrides

traefik: wire LB service to custom deployment
2026-01-15 16:29:32 -03:00 · 2026-01-15 11:26:46 -03:00
5 changed files with 49 additions and 3 deletions
--- a/infrastructure/core/coredns-custom.yaml
+++ b/infrastructure/core/coredns-custom.yaml
@ -0,0 +1,42 @@
 # infrastructure/core/coredns-custom.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: coredns-custom
  namespace: kube-system
 data:
  bstein-dev.server: |
    bstein.dev:53 {
      errors
      cache 30
      hosts {
        192.168.22.9 alerts.bstein.dev
        192.168.22.9 auth.bstein.dev
        192.168.22.9 bstein.dev
        192.168.22.9 call.live.bstein.dev
        192.168.22.9 cd.bstein.dev
        192.168.22.9 chat.ai.bstein.dev
        192.168.22.9 ci.bstein.dev
        192.168.22.9 cloud.bstein.dev
        192.168.22.9 health.bstein.dev
        192.168.22.9 kit.live.bstein.dev
        192.168.22.9 live.bstein.dev
        192.168.22.9 logs.bstein.dev
        192.168.22.9 longhorn.bstein.dev
        192.168.22.9 mail.bstein.dev
        192.168.22.9 matrix.live.bstein.dev
        192.168.22.9 metrics.bstein.dev
        192.168.22.9 monero.bstein.dev
        192.168.22.9 notes.bstein.dev
        192.168.22.9 office.bstein.dev
        192.168.22.9 pegasus.bstein.dev
        192.168.22.9 registry.bstein.dev
        192.168.22.9 scm.bstein.dev
        192.168.22.9 secret.bstein.dev
        192.168.22.9 sso.bstein.dev
        192.168.22.9 stream.bstein.dev
        192.168.22.9 tasks.bstein.dev
        192.168.22.9 vault.bstein.dev
        fallthrough
      }
    }
--- a/infrastructure/core/kustomization.yaml
+++ b/infrastructure/core/kustomization.yaml
@ -4,5 +4,6 @@ kind: Kustomization
 resources:
  - ../modules/base
  - ../modules/profiles/atlas-ha
  - coredns-custom.yaml
  - ../sources/cert-manager/letsencrypt.yaml
  - ../sources/cert-manager/letsencrypt-prod.yaml
--- a/infrastructure/traefik/deployment.yaml
+++ b/infrastructure/traefik/deployment.yaml
@ -27,6 +27,8 @@ items:
        creationTimestamp: null
        labels:
          app: traefik
          app.kubernetes.io/instance: traefik-kube-system
          app.kubernetes.io/name: traefik
      spec:
        containers:
        - args:
--- a/infrastructure/traefik/traefik-service-lb.yaml
+++ b/infrastructure/traefik/traefik-service-lb.yaml
@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: traefik
-  namespace: kube-system
+  namespace: traefik
  annotations:
    metallb.universe.tf/address-pool: communication-pool
 spec:
@ -20,5 +20,4 @@ spec:
      targetPort: websecure
      protocol: TCP
  selector:
-    app.kubernetes.io/instance: traefik-kube-system
+    app: traefik
    app.kubernetes.io/name: traefik
--- a/services/gitea/ingress.yaml
+++ b/services/gitea/ingress.yaml
@ -7,6 +7,8 @@ metadata:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
 spec:
  tls:
    - hosts:
Author	SHA1	Message	Date
Brad Stein	66e7e6acc5	core: add bstein.dev coredns overrides	2026-01-15 16:29:32 -03:00
Brad Stein	7817248eb9	traefik: wire LB service to custom deployment	2026-01-15 11:26:46 -03:00