admin/turingpi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: migrate ingresses for Traefik v3 (k3s upgrade)

Browse Source 
k3s update bumped Traefik chart 37 → 39, dropping v2 support. Replace
the v2-only `whitelist.sourcerange` annotation on the gitea ingress
with an `ipAllowList` Middleware (resources/gitea-middleware.yaml),
referenced via `router.middlewares`. Switch the default-ns ingresses
(kube-plex, radarr, sonarr, lidarr) from the deprecated
`kubernetes.io/ingress.class` annotation to `spec.ingressClassName`.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
gilgamezh
2026-05-07 10:36:22 +02:00
parent 290ce6a103
commit 3ace05a695
3 changed files with 18 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
non_argo_values/gitea_values.yaml
+2 -2
View File
@@ -21,8 +21,8 @@ ingress:
className: traefik
pathType: Prefix
annotations:
# Restrict to LAN access (matching your existing pattern)
traefik.ingress.kubernetes.io/whitelist.sourcerange: "192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"
# Restrict to LAN access via Traefik v3 Middleware (resources/gitea-middleware.yaml)
traefik.ingress.kubernetes.io/router.middlewares: "gitea-lan-only@kubernetescrd"
cert-manager.io/cluster-issuer: "letsencrypt-production"
hosts:
- host: gitea.gilgamezh.me