diff options
| author | Paul Buetow <paul@buetow.org> | 2026-02-07 22:54:26 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-02-07 22:54:26 +0200 |
| commit | 404f7b9309b9206459681c5b56a57bc1aeb47c5c (patch) | |
| tree | 496cfdade44a8b41f8b21042d02c87d569f4fc5b /f3s/argocd | |
| parent | 6eb57bedcd9d82e54a6c2162ee223416ea977c65 (diff) | |
feat: add LAN ingresses for all services
Add *.f3s.lan.buetow.org ingress resources for all services to enable
LAN access with TLS termination. This allows direct access from the
192.168.1.0/24 network through the FreeBSD CARP/relayd setup.
Services updated:
- argocd: argocd.f3s.lan.buetow.org
- cgit: cgit.f3s.lan.buetow.org
- grafana: grafana.f3s.lan.buetow.org
- anki-sync-server: anki.f3s.lan.buetow.org
- apache: f3s.lan.buetow.org, www.f3s.lan.buetow.org, standby.f3s.lan.buetow.org
- audiobookshelf: audiobookshelf.f3s.lan.buetow.org
- filebrowser: filebrowser.f3s.lan.buetow.org
- immich: immich.f3s.lan.buetow.org
- ipv6test: ipv6test.f3s.lan.buetow.org (+ ipv4/ipv6 subdomains)
- keybr: keybr.f3s.lan.buetow.org
- koreader-sync-server: koreader.f3s.lan.buetow.org
- miniflux: flux.f3s.lan.buetow.org
- opodsync: gpodder.f3s.lan.buetow.org
- radicale: radicale.f3s.lan.buetow.org
- syncthing: syncthing.f3s.lan.buetow.org
- tracing-demo: tracing-demo.f3s.lan.buetow.org
- wallabag: bag.f3s.lan.buetow.org
- webdav: webdav.f3s.lan.buetow.org
All LAN ingresses use:
- TLS with f3s-lan-tls certificate (cert-manager)
- Traefik entrypoints: web,websecure
- Same backend services as external ingresses
Also fixed koreader-sync-server ingress to use modern annotations.
Co-authored-by: Cursor <cursoragent@cursor.com>
Diffstat (limited to 'f3s/argocd')
| -rw-r--r-- | f3s/argocd/ingress.yaml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/f3s/argocd/ingress.yaml b/f3s/argocd/ingress.yaml index b10c288..f87f475 100644 --- a/f3s/argocd/ingress.yaml +++ b/f3s/argocd/ingress.yaml @@ -22,3 +22,29 @@ spec: name: argocd-server port: number: 80 +--- +# ArgoCD UI LAN Ingress +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: argocd-server-ingress-lan + namespace: cicd + annotations: + spec.ingressClassName: traefik + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure +spec: + tls: + - hosts: + - argocd.f3s.lan.buetow.org + secretName: f3s-lan-tls + rules: + - host: argocd.f3s.lan.buetow.org + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: argocd-server + port: + number: 80 |