apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: bakery-ingress
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: bakery-ia
    app.kubernetes.io/component: ingress
  annotations:
    # Nginx ingress controller annotations
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "500m"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
    # SSE and WebSocket configuration for long-lived connections
    nginx.ingress.kubernetes.io/proxy-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
    nginx.ingress.kubernetes.io/upstream-keepalive-timeout: "3600"
    # WebSocket upgrade support
    nginx.ingress.kubernetes.io/websocket-services: "gateway-service"
    # CORS configuration
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"
    nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization, X-Requested-With, Accept, Origin, Cache-Control"
    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"


spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    - gitea.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    - registry.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    - mail.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    secretName: TLS_SECRET_PLACEHOLDER  # To be replaced by kustomize
  rules:
  # Main application routes
  - host: DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: frontend-service
            port:
              number: 3000
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: gateway-service
            port:
              number: 8000
  # Gitea CI/CD route
  - host: gitea.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gitea-http
            port:
              number: 3000
  # Gitea Container Registry route
  # NOTE: Gitea's container registry is served on the same HTTP port (3000) under /v2/
  # It does NOT run on a separate port - the registry.PORT config is not used for external access
  - host: registry.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gitea-http  # Service created by Gitea Helm chart
            port:
              number: 3000  # Same as HTTP port - registry is at /v2/ path
  # Mail server web interface (webmail and admin)
  - host: mail.DOMAIN_PLACEHOLDER  # To be replaced by kustomize
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: mailu-front
            port:
              number: 80