ab/homelab
1
0
Fork 1
Code Pull Requests Actions Packages Wiki Activity

Changed syncthing access and auth scheme
All checks were successful
Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 11s
Details
Check with kubeconform / lint (push) Successful in 12s
Details

Browse Source
This commit is contained in:
AB from home.homenet
2025-10-12 13:16:10 +03:00
parent 479a2a02ea
commit 00837fb238
4 changed files with 203 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
k8s/apps/syncthing/ingress-route.yaml
View File

@@ -7,7 +7,8 @@ spec:
entryPoints:
- websecure
routes:
- match: Host(`ss.hexor.cy`)
# Landing page
- match: Host(`ss.hexor.cy`) && Path(`/`)
kind: Rule
services:
- name: syncthing-landing
@@ -15,35 +16,70 @@ spec:
middlewares:
- name: authentik-forward-auth
namespace: syncthing
# NAS instance and its assets
- match: Host(`ss.hexor.cy`) && PathPrefix(`/nas`)
kind: Rule
priority: 100
services:
- name: syncthing-nas
port: 8384
middlewares:
- name: authentik-forward-auth
namespace: syncthing
- name: syncthing-headers-nas
namespace: syncthing
- name: set-cookie-nas
namespace: syncthing
- name: strip-prefix-nas
namespace: syncthing
# Master instance and its assets
- match: Host(`ss.hexor.cy`) && PathPrefix(`/master`)
kind: Rule
priority: 100
services:
- name: syncthing-master
port: 8384
middlewares:
- name: authentik-forward-auth
namespace: syncthing
- name: syncthing-headers-master
namespace: syncthing
- name: set-cookie-master
namespace: syncthing
- name: strip-prefix-master
namespace: syncthing
# Iris instance and its assets
- match: Host(`ss.hexor.cy`) && PathPrefix(`/iris`)
kind: Rule
priority: 100
services:
- name: syncthing-khv
port: 8384
middlewares:
- name: authentik-forward-auth
namespace: syncthing
- name: syncthing-headers-iris
namespace: syncthing
- name: set-cookie-iris
namespace: syncthing
- name: strip-prefix-iris
namespace: syncthing
# Catch all static assets and route based on referer header
- match: Host(`ss.hexor.cy`) && (PathPrefix(`/vendor`) || PathPrefix(`/theme-assets`) || PathPrefix(`/meta`) || PathPrefix(`/syncthing`))
kind: Rule
priority: 50
services:
- name: syncthing-router
namespace: syncthing
port: 80
middlewares:
- name: authentik-forward-auth
namespace: syncthing
- name: asset-router
namespace: syncthing
tls:
secretName: syncthing-tls