Start managing gateways with helmfile

2023-10-17 14:56:57 +02:00 · 2023-10-17 14:56:57 +02:00 · 63df23af17
parent 250ee3ef26
commit 63df23af17
7 changed files with 103 additions and 12 deletions
--- a/badhouseplants/helmfile.yaml
+++ b/badhouseplants/helmfile.yaml
@ -92,6 +92,11 @@ releases:
    namespace: mail-service
    createNamespace: true

+  - <<: *istio-gateway-resources
+    installed: true
+    namespace: istio-system
+    createNamespace: false}
+
 bases:
  - ../environments.yaml
  - ../repositories.yaml
--- a/badhouseplants/values/values.docker-mailserver.yaml
+++ b/badhouseplants/values/values.docker-mailserver.yaml
@ -1,4 +1,4 @@
-istio_gateway:
+istio-gateway:
  enabled: true
  gateways:
    - name: badhouseplants-email
@ -52,26 +52,26 @@ istio:
      kind: tcp
      gateway: badhouseplants-email
      service: docker-mailserver
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      port_match: 25
      port: 25
    - name: docker-mailserver-smpts
      kind: tcp
      gateway: badhouseplants-email
      port_match: 465
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      service: docker-mailserver
      port: 465
    - name: docker-mailserver-smpt-startls
      kind: tcp
      gateway: badhouseplants-email
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      port_match: 587
      service: docker-mailserver
      port: 587
    - name: docker-mailserver-imap
      kind: tcp
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      gateway: badhouseplants-email
      port_match: 143
      service: docker-mailserver
@ -79,7 +79,7 @@ istio:
    - name: docker-mailserver-imaps
      kind: tcp
      gateway: badhouseplants-email
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      port_match: 993
      service: docker-mailserver
      port: 993
@ -87,22 +87,32 @@ istio:
      kind: tcp
      gateway: badhouseplants-email
      port_match: 110
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      service: docker-mailserver
      port: 110
    - name: docker-mailserver-pop3s
      kind: tcp
      gateway: badhouseplants-email
      port_match: 993
-      hostname: badhousplants.net
+      hostname: badhouseplants.net
      service: docker-mailserver
      port: 993
+    - name: docker-mailserver-rainloop
+      kind: http
+      gateway: istio-system/badhouseplants-net
+      hostname: mail.badhouseplants.net
+      service: docker-mailserver-rainloop
+      port: 80

+rainloop:
+  enabled: true
+  ingress:
+    enabled: false
 demoMode:
  enabled: false
 domains:
  - badhouseplants.net
-  - "*.badhouseplants.net"
+  - mail.badhouseplants.net
 ssl:
  issuer:
    name: badhouseplants-issuer
--- a/badhouseplants/values/values.istio-gateway-resources.yaml
+++ b/badhouseplants/values/values.istio-gateway-resources.yaml
@ -0,0 +1,69 @@
+istio-gateway:
+  enabled: true
+  gateways:
+    - name: badhouseplants-net
+      servers:
+        - hosts:
+          - badhouseplants.net
+          - '*.badhouseplants.net'
+          port:
+            name: http
+            number: 80
+            protocol: HTTP2
+          tls:
+            httpsRedirect: true
+        - hosts:
+          - badhouseplants.net
+          - '*.badhouseplants.net'
+          port:
+            name: https
+            number: 443
+            protocol: HTTPS
+          tls:
+            credentialName: badhouseplants-wildcard-tls
+            mode: SIMPLE
+    - name: nrodionov-info
+      servers:
+        - hosts:
+          - nrodionov.info
+          - dev.nrodionov.info
+          port:
+            name: http
+            number: 80
+            protocol: HTTP2
+          tls:
+            httpsRedirect: false
+        - hosts:
+          - nrodionov.info
+          - dev.nrodionov.info
+          port:
+            name: https
+            number: 443
+            protocol: HTTPS
+          tls:
+            credentialName: nrodionov-wildcard-tls
+            mode: SIMPLE
+    - name: badhouseplants-vpn
+      servers:
+        - hosts:
+          - '*'
+          port:
+            name: tcp
+            number: 1194
+            protocol: TCP
+    - name: badhouseplants-ssh
+      servers:
+        - hosts:
+          - '*'
+          port:
+            name: ssh
+            number: 22
+            protocol: TCP
+    - name: badhouseplants-minecraft
+      servers:
+        - hosts:
+          - '*'
+          port:
+            name: minecraft
+            number: 25565
+            protocol: TCP
--- a/badhouseplants/values/values.istio-ingressgateway.yaml
+++ b/badhouseplants/values/values.istio-ingressgateway.yaml
@ -1,4 +1,3 @@
---
 service:
  type: LoadBalancer
  ports:
--- a/common/values.istio-gateway.yaml
+++ b/common/values.istio-gateway.yaml
@ -1,5 +1,5 @@
 ---
-istio_gateway:
+istio-gateway:
  templates:
    - |
        {{ range .Values.gateways }}
--- a/message_file.tpl
+++ b/message_file.tpl
--- a/releases.yaml
+++ b/releases.yaml
@ -45,7 +45,7 @@ templates:
    dependencies:
      - chart: bedag/raw
        version: 2.0.0
-        alias: istio_gateway
+        alias: istio-gateway
    values:
      - '{{ requiredEnv "PWD" }}/common/values.istio-gateway.yaml'

@ -179,6 +179,14 @@ templates:
      - template: istio-common
      - template: default-env-values

+  istio-gateway-resources: &istio-gateway-resources
+    name: istio-gateway-resources
+    chart: bedag/raw
+    version: 2.0.0
+    inherit:
+      - template: ext-istio-gateway
+      - template: default-env-values
+
  istiod: &istiod
    name: istiod
    chart: istio/istiod