From 43abf125a9e4ec8071307fc35c5d5559d4b729e8 Mon Sep 17 00:00:00 2001
From: Erki Aas <erki@veebkolm.ee>
Date: Wed, 17 Jul 2024 17:59:59 +0300
Subject: [PATCH] pve: add pve-internal.k-space.ee for pve-csi in whitelisted
 codemowers.cloud cluster

---
 oidc-gateway/proxmox.yaml | 49 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/oidc-gateway/proxmox.yaml b/oidc-gateway/proxmox.yaml
index 4027c09..850beed 100644
--- a/oidc-gateway/proxmox.yaml
+++ b/oidc-gateway/proxmox.yaml
@@ -191,3 +191,52 @@ spec:
     regex: ^https://proxmox.k-space.ee/(.*)$
     replacement: https://pve.k-space.ee/$1
     permanent: false
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: pve-internal
+  annotations:
+    kubernetes.io/ingress.class: traefik
+    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.middlewares: oidc-gateway-codemowers-cloud-ip-whitelist@kubernetescrd
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  rules:
+  - host: pve-internal.k-space.ee
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: pve1
+            port:
+              number: 8006
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: pve8
+            port:
+              number: 8006
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: pve9
+            port:
+              number: 8006
+  tls:
+  - hosts:
+    - "*.k-space.ee"
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: codemowers-cloud-ip-whitelist
+spec:
+  ipWhiteList:
+    sourceRange:
+      - 172.20.5.0/24