apiVersion: v1 kind: Namespace metadata: name: proxmox --- apiVersion: apps/v1 kind: Deployment metadata: name: proxmox-proxy-deployment namespace: proxmox labels: app: proxmox-proxy spec: replicas: 1 selector: matchLabels: app: proxmox-proxy template: metadata: labels: app: proxmox-proxy spec: nodeSelector: kubernetes.io/hostname: premhome-falcon-1 containers: - name: tcp-proxy image: harbor.yadunut.dev/yadunut/tcp_proxy:sha-85ed592-1748014668 # {"$imagepolicy": "flux-system:tcp-proxy"} env: - name: LISTEN_ADDR value: "0.0.0.0:8443" - name: UPSTREAM_ADDR value: "10.0.0.5:8006" ports: - containerPort: 8443 name: https --- apiVersion: traefik.io/v1alpha1 kind: ServersTransport metadata: name: proxmox-insecure namespace: proxmox spec: insecureSkipVerify: true --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: proxmox-proxy namespace: proxmox annotations: traefik.ingress.kubernetes.io/router.middlewares: authentik-system-authentik@kubernetescrd spec: ingressClassName: traefik rules: - host: proxmox.i.yadunut.dev http: paths: - path: / pathType: Prefix backend: service: name: proxmox-proxy port: name: https tls: - hosts: - proxmox.i.yadunut.dev secretName: wildcard-cert-i.yadunut.dev-prod --- apiVersion: v1 kind: Service metadata: name: proxmox-proxy namespace: proxmox annotations: traefik.ingress.kubernetes.io/service.serversscheme: https traefik.ingress.kubernetes.io/service.serverstransport: proxmox-proxmox-insecure@kubernetescrd spec: selector: app: proxmox-proxy ports: - name: https port: 8443 targetPort: https type: ClusterIP --- apiVersion: image.toolkit.fluxcd.io/v1beta2 kind: ImageRepository metadata: name: tcp-proxy namespace: flux-system spec: image: harbor.yadunut.dev/yadunut/tcp_proxy interval: 1m0s --- apiVersion: image.toolkit.fluxcd.io/v1beta2 kind: ImagePolicy metadata: name: tcp-proxy namespace: flux-system spec: imageRepositoryRef: name: tcp-proxy filterTags: pattern: "^sha-[a-fA-F0-9]+-(?P.*)" extract: "$ts" policy: numerical: order: asc