diff --git a/infrastructure/platform/networking/ingress/base/ingress.yaml b/infrastructure/platform/networking/ingress/base/ingress.yaml index c0892f07..fbd33f1f 100644 --- a/infrastructure/platform/networking/ingress/base/ingress.yaml +++ b/infrastructure/platform/networking/ingress/base/ingress.yaml @@ -32,9 +32,6 @@ spec: tls: - hosts: - DOMAIN_PLACEHOLDER # To be replaced by kustomize - - gitea.DOMAIN_PLACEHOLDER # To be replaced by kustomize - - registry.DOMAIN_PLACEHOLDER # To be replaced by kustomize - - mail.DOMAIN_PLACEHOLDER # To be replaced by kustomize secretName: TLS_SECRET_PLACEHOLDER # To be replaced by kustomize rules: # Main application routes @@ -55,38 +52,7 @@ spec: name: gateway-service port: number: 8000 - # Gitea CI/CD route - - host: gitea.DOMAIN_PLACEHOLDER # To be replaced by kustomize - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: gitea-http - port: - number: 3000 - # Gitea Container Registry route - # NOTE: Gitea's container registry is served on the same HTTP port (3000) under /v2/ - # It does NOT run on a separate port - the registry.PORT config is not used for external access - - host: registry.DOMAIN_PLACEHOLDER # To be replaced by kustomize - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: gitea-http # Service created by Gitea Helm chart - port: - number: 3000 # Same as HTTP port - registry is at /v2/ path - # Mail server web interface (webmail and admin) - - host: mail.DOMAIN_PLACEHOLDER # To be replaced by kustomize - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: mailu-front - port: - number: 80 + # NOTE: Gitea and Registry ingresses are managed by Gitea Helm chart + # See infrastructure/cicd/gitea/values.yaml for ingress configuration + # NOTE: Mail ingress is deployed separately via mailu-helm resource + # to avoid 503 errors when Mailu is not running diff --git a/infrastructure/platform/networking/ingress/overlays/prod/kustomization.yaml b/infrastructure/platform/networking/ingress/overlays/prod/kustomization.yaml index 032404d4..d7d4e28e 100644 --- a/infrastructure/platform/networking/ingress/overlays/prod/kustomization.yaml +++ b/infrastructure/platform/networking/ingress/overlays/prod/kustomization.yaml @@ -3,7 +3,6 @@ kind: Kustomization resources: - ../../base - - gitea-service.yaml namePrefix: prod- @@ -15,26 +14,12 @@ patches: - op: replace path: /spec/tls/0/hosts/0 value: bakewise.ai - - op: replace - path: /spec/tls/0/hosts/1 - value: gitea.bakewise.ai - - op: replace - path: /spec/tls/0/hosts/2 - value: registry.bakewise.ai - # NOTE: mail.bakewise.ai TLS is handled by separate mailu ingress - op: replace path: /spec/tls/0/secretName value: bakery-ia-prod-tls-cert - op: replace path: /spec/rules/0/host value: bakewise.ai - - op: replace - path: /spec/rules/1/host - value: gitea.bakewise.ai - - op: replace - path: /spec/rules/2/host - value: registry.bakewise.ai - # Mail rule removed - mail ingress is deployed separately via mailu-helm - op: add path: /metadata/annotations/nginx.ingress.kubernetes.io~1cors-allow-origin value: "https://bakewise.ai,https://www.bakewise.ai,https://mail.bakewise.ai,https://registry.bakewise.ai,https://gitea.bakewise.ai" @@ -49,4 +34,7 @@ patches: value: "letsencrypt-production" - op: add path: /metadata/annotations/cert-manager.io~1acme-challenge-type - value: "http01" \ No newline at end of file + value: "http01" +# NOTE: Gitea and Registry ingresses are managed by Gitea Helm chart +# See infrastructure/cicd/gitea/values-prod.yaml for production ingress configuration +# NOTE: mail.bakewise.ai is handled by separate mailu ingress \ No newline at end of file