Add new infra architecture 8

Urtzi Alfaro
2026-01-19 22:28:53 +01:00
parent 012aca0d6a
commit 52b8abdc0e
18 changed files with 810 additions and 148 deletions


@@ -33,6 +33,7 @@ spec:
- hosts:
- DOMAIN_PLACEHOLDER # To be replaced by kustomize
- gitea.DOMAIN_PLACEHOLDER # To be replaced by kustomize
- registry.DOMAIN_PLACEHOLDER # To be replaced by kustomize
- mail.DOMAIN_PLACEHOLDER # To be replaced by kustomize
secretName: TLS_SECRET_PLACEHOLDER # To be replaced by kustomize
rules:
@@ -65,6 +66,19 @@ spec:
name: gitea-http
port:
number: 3000
# Gitea Container Registry route
# NOTE: Gitea's container registry is served on the same HTTP port (3000) under /v2/
# It does NOT run on a separate port - the registry.PORT config is not used for external access
- host: registry.DOMAIN_PLACEHOLDER # To be replaced by kustomize
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: gitea-http # Service created by Gitea Helm chart
port:
number: 3000 # Same as HTTP port - registry is at /v2/ path
# Mail server web interface (webmail and admin)
- host: mail.DOMAIN_PLACEHOLDER # To be replaced by kustomize
http:
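Review bot: The new `registry.DOMAIN_PLACEHOLDER` rule sends `path: /` with `pathType: Prefix` to `gitea-http:3000`, so the registry hostname serves the whole Gitea web UI and API rather than only the registry that the comment places under `/v2/`. That creates a second origin for Gitea logins and session cookies, and every host-specific control (rate limits, auth annotations, WAF rules) now has to cover both names. Unless a client needs other paths on this host, narrow the rule to `path: /v2`. The Ingress annotations are outside this hunk, so it is worth confirming separately that the body-size and timeout settings they carry are the ones intended for image pushes.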


@@ -1,3 +1,8 @@
---
# Service to route traffic from bakery-ia namespace to Gitea in gitea namespace
# Using ExternalName pointing to the headless service FQDN
# The ingress controller can resolve headless services via DNS (returns pod IPs)
# NOTE: Gitea's container registry is served on port 3000 (same as HTTP) at /v2/ path
apiVersion: v1
kind: Service
metadata:
@@ -5,7 +10,9 @@ metadata:
namespace: bakery-ia
spec:
type: ExternalName
# Use the headless service DNS name - nginx ingress resolves this to pod IPs
externalName: gitea-http.gitea.svc.cluster.local
ports:
- port: 3000
- name: http
port: 3000
targetPort: 3000
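Review bot: The header comment and the comment above `externalName` both state that `gitea-http.gitea.svc.cluster.local` is a headless service resolving to pod IPs, but nothing in this file establishes that; it depends on how the Helm chart defines the service. With `type: ExternalName` the ingress controller reaches Gitea in the `gitea` namespace purely by DNS name, so any NetworkPolicy on that namespace has to admit the controller pods on port 3000, and a controller configured to reject ExternalName backends will drop this route. I would reword the comment to state those dependencies, for example `# Cross-namespace alias for Gitea HTTP; needs ExternalName backends enabled in the ingress controller and a NetworkPolicy allowing it on 3000`.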


@@ -20,7 +20,10 @@ patches:
value: gitea.bakery-ia.local
- op: replace
path: /spec/tls/0/hosts/2
value: mail.bakery-ia.local
value: registry.bakery-ia.local
- op: replace
path: /spec/tls/0/hosts/3
value: mail.bakery-ia.dev
- op: replace
path: /spec/tls/0/secretName
value: bakery-dev-tls-cert
@@ -32,7 +35,10 @@ patches:
value: gitea.bakery-ia.local
- op: replace
path: /spec/rules/2/host
value: mail.bakery-ia.local
value: registry.bakery-ia.local
- op: replace
path: /spec/rules/3/host
value: mail.bakery-ia.dev
- op: replace
path: /metadata/annotations/nginx.ingress.kubernetes.io~1cors-allow-origin
value: "https://localhost,https://localhost:3000,https://localhost:3001,https://127.0.0.1,https://127.0.0.1:3000,https://127.0.0.1:3001,https://bakery-ia.local,http://localhost,http://localhost:3000,http://localhost:3001,http://127.0.0.1,http://127.0.0.1:3000"
value: "https://localhost,https://localhost:3000,https://localhost:3001,https://127.0.0.1,https://127.0.0.1:3000,https://127.0.0.1:3001,https://bakery-ia.local,https://registry.bakery-ia.local,https://gitea.bakery-ia.local,http://localhost,http://localhost:3000,http://localhost:3001,http://127.0.0.1,http://127.0.0.1:3000"
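Review bot: The new `cors-allow-origin` value adds `https://registry.bakery-ia.local` and `https://gitea.bakery-ia.local` to the origins allowed to call the application behind this Ingress. Gitea renders user-supplied content, so trusting its origin means a script-injection flaw there becomes cross-origin read access to the API, and more so if a credentials annotation is set elsewhere in this Ingress (not visible here). The registry origin presumably serves no browser pages that need the API at all. Unless a browser flow requires them, drop both entries. Separately, the first hunk sets `/spec/tls/0/hosts/3` and this one sets `/spec/rules/3/host` to `mail.bakery-ia.dev` while every other host stays on `.local`; confirm that `bakery-dev-tls-cert` covers that name.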