From e22ba25b7e07e7c9189cfc4a25ceea7946d05bed Mon Sep 17 00:00:00 2001 From: Morten Olsen Date: Mon, 29 Dec 2025 10:27:40 +0100 Subject: [PATCH] feat: support public/private gateway --- .../templates/external-http-service.yaml | 11 -------- .../templates/virtual-service.yaml | 25 +++++++++++++++++-- .../templates/external-http-service.yaml | 11 -------- .../templates/virtual-service copy.yaml | 18 ------------- .../baikal/templates/virtual-service.yaml | 25 +++++++++++++++++-- .../templates/external-http-service.yaml | 11 -------- .../blinko/templates/virtual-service.yaml | 25 +++++++++++++++++-- .../templates/external-http-service.yaml | 11 -------- .../bytestash/templates/virtual-service.yaml | 25 +++++++++++++++++-- .../templates/external-http-service.yaml | 11 -------- .../templates/virtual-service.yaml | 25 +++++++++++++++++-- .../coder/templates/virtual-service.yaml | 5 ++-- .../esphome/templates/virtual-service.yaml | 5 ++-- .../templates/external-http-service.yaml | 11 -------- .../templates/virtual-service.yaml | 25 +++++++++++++++++-- .../templates/external-http-service.yaml | 11 -------- .../jellyfin/templates/virtual-service.yaml | 25 +++++++++++++++++-- .../charts/zot/templates/virtual-service.yaml | 25 +++++++++++++++++-- apps/root/values.yaml | 5 +++- 19 files changed, 194 insertions(+), 116 deletions(-) delete mode 100644 apps/charts/audiobookshelf/templates/external-http-service.yaml delete mode 100644 apps/charts/baikal/templates/external-http-service.yaml delete mode 100644 apps/charts/baikal/templates/virtual-service copy.yaml delete mode 100644 apps/charts/blinko/templates/external-http-service.yaml delete mode 100644 apps/charts/bytestash/templates/external-http-service.yaml delete mode 100644 apps/charts/calibre-web/templates/external-http-service.yaml delete mode 100644 apps/charts/home-assistant/templates/external-http-service.yaml delete mode 100644 apps/charts/jellyfin/templates/external-http-service.yaml diff --git a/apps/charts/audiobookshelf/templates/external-http-service.yaml b/apps/charts/audiobookshelf/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/audiobookshelf/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/audiobookshelf/templates/virtual-service.yaml b/apps/charts/audiobookshelf/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/audiobookshelf/templates/virtual-service.yaml +++ b/apps/charts/audiobookshelf/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/baikal/templates/external-http-service.yaml b/apps/charts/baikal/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/baikal/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/baikal/templates/virtual-service copy.yaml b/apps/charts/baikal/templates/virtual-service copy.yaml deleted file mode 100644 index 0af9b24..0000000 --- a/apps/charts/baikal/templates/virtual-service copy.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: networking.istio.io/v1 -kind: VirtualService -metadata: - name: "{{ .Release.Name }}" - namespace: "{{ .Release.Namespace }}" -spec: - gateways: - - "{{ .Values.globals.istio.gateway }}" - - mesh - hosts: - - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" - - mesh - http: - - route: - - destination: - host: "{{ .Release.Name }}" - port: - number: 80 diff --git a/apps/charts/baikal/templates/virtual-service.yaml b/apps/charts/baikal/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/baikal/templates/virtual-service.yaml +++ b/apps/charts/baikal/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/blinko/templates/external-http-service.yaml b/apps/charts/blinko/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/blinko/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/blinko/templates/virtual-service.yaml b/apps/charts/blinko/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/blinko/templates/virtual-service.yaml +++ b/apps/charts/blinko/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/bytestash/templates/external-http-service.yaml b/apps/charts/bytestash/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/bytestash/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/bytestash/templates/virtual-service.yaml b/apps/charts/bytestash/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/bytestash/templates/virtual-service.yaml +++ b/apps/charts/bytestash/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/calibre-web/templates/external-http-service.yaml b/apps/charts/calibre-web/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/calibre-web/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/calibre-web/templates/virtual-service.yaml b/apps/charts/calibre-web/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/calibre-web/templates/virtual-service.yaml +++ b/apps/charts/calibre-web/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/coder/templates/virtual-service.yaml b/apps/charts/coder/templates/virtual-service.yaml index 0af9b24..a9b195e 100644 --- a/apps/charts/coder/templates/virtual-service.yaml +++ b/apps/charts/coder/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-private" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.private }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,4 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + diff --git a/apps/charts/esphome/templates/virtual-service.yaml b/apps/charts/esphome/templates/virtual-service.yaml index 0af9b24..a9b195e 100644 --- a/apps/charts/esphome/templates/virtual-service.yaml +++ b/apps/charts/esphome/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-private" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.private }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,4 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + diff --git a/apps/charts/home-assistant/templates/external-http-service.yaml b/apps/charts/home-assistant/templates/external-http-service.yaml deleted file mode 100644 index f865728..0000000 --- a/apps/charts/home-assistant/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: "{{ .Release.Name }}" -spec: - environment: "{{ .Values.globals.environment }}" - subdomain: "{{ .Values.subdomain }}" - destination: - host: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local" - port: - number: 80 diff --git a/apps/charts/home-assistant/templates/virtual-service.yaml b/apps/charts/home-assistant/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/home-assistant/templates/virtual-service.yaml +++ b/apps/charts/home-assistant/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/jellyfin/templates/external-http-service.yaml b/apps/charts/jellyfin/templates/external-http-service.yaml deleted file mode 100644 index e28916d..0000000 --- a/apps/charts/jellyfin/templates/external-http-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: ExternalHttpService -metadata: - name: '{{ .Release.Name }}' -spec: - environment: '{{ .Values.globals.environment }}' - subdomain: '{{ .Values.subdomain }}' - destination: - host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local' - port: - number: 80 diff --git a/apps/charts/jellyfin/templates/virtual-service.yaml b/apps/charts/jellyfin/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/jellyfin/templates/virtual-service.yaml +++ b/apps/charts/jellyfin/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/charts/zot/templates/virtual-service.yaml b/apps/charts/zot/templates/virtual-service.yaml index 0af9b24..36e9d43 100644 --- a/apps/charts/zot/templates/virtual-service.yaml +++ b/apps/charts/zot/templates/virtual-service.yaml @@ -1,11 +1,11 @@ apiVersion: networking.istio.io/v1 kind: VirtualService metadata: - name: "{{ .Release.Name }}" + name: "{{ .Release.Name }}-public" namespace: "{{ .Release.Namespace }}" spec: gateways: - - "{{ .Values.globals.istio.gateway }}" + - "{{ .Values.globals.istio.gateways.public }}" - mesh hosts: - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" @@ -16,3 +16,24 @@ spec: host: "{{ .Release.Name }}" port: number: 80 + +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: "{{ .Release.Name }}-private" + namespace: "{{ .Release.Namespace }}" +spec: + gateways: + - "{{ .Values.globals.istio.gateways.private }}" + - mesh + hosts: + - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" + - mesh + http: + - route: + - destination: + host: "{{ .Release.Name }}" + port: + number: 80 + diff --git a/apps/root/values.yaml b/apps/root/values.yaml index 1dc87bc..972cc64 100644 --- a/apps/root/values.yaml +++ b/apps/root/values.yaml @@ -8,5 +8,8 @@ globals: domain: olsen.cloud timezone: Europe/Amsterdam istio: - gateway: istio-system/private + gateway: shared/private + gateways: + private: shared/private + public: shared/public