sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(helmfile): Add cluster.networking.proxies. Deployments need to set this if their load balancer or reverse proxy IPs are not part of the cluster.networking.cidr.

Browse Source
This commit is contained in:
Thorsten Roßner
2024-08-09 08:50:50 +02:00
parent 8aa1a7fa7d
commit a395759551
3 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/getting-started.md
View File

@@ -199,6 +199,16 @@ cluster:
- "127.0.0.0/8" - "127.0.0.0/8"
``` ```
If your load balancer / reverse proxy IPs are not already covered by the above `cidr` you need to
explicitly configure the related IPs or IP ranges:
```yaml
cluster:
networking:
incomingCIDR:
- "172.16.0.0/12"
```
### Ingress ### Ingress
By default, the `ingressClassName` is empty to choose your default ingress controller. You may want to customize it by By default, the `ingressClassName` is empty to choose your default ingress controller. You may want to customize it by

2
helmfile/apps/nextcloud/values-nextcloud-mgmt.yaml.gotmpl
View File

@@ -37,7 +37,7 @@ configuration:
port: {{ .Values.cache.nextcloud.port | quote }} port: {{ .Values.cache.nextcloud.port | quote }}
collabora: collabora:
# internalWopiUrl: "" # internalWopiUrl: ""
wopiAllowlist: {{ join " " .Values.cluster.networking.cidr | quote }} wopiAllowlist: {{ join ", " ( concat .Values.cluster.networking.cidr .Values.cluster.networking.incomingCIDR ) | quote }}
database: database:
host: {{ .Values.databases.nextcloud.host | quote }} host: {{ .Values.databases.nextcloud.host | quote }}
port: {{ .Values.databases.nextcloud.port | quote }} port: {{ .Values.databases.nextcloud.port | quote }}

5
helmfile/environments/default/cluster.yaml
View File

@@ -18,11 +18,14 @@ cluster:
# Kubernetes cluster network CIDRs. # Kubernetes cluster network CIDRs.
cidr: cidr:
- "10.0.0.0/8" - "10.0.0.0/8"
# IP addresses or IP ranges of the reverse proxy / load balancer to restrict the requesting source
# for defined services.
incomingCIDR: []
# Ingress-gateway IP - only relevant for "NodePort" cluster services. # Ingress-gateway IP - only relevant for "NodePort" cluster services.
# When ingress and egress gateway use different ips, which results that pods can't self-discover their incoming ip, # When ingress and egress gateway use different ips, which results that pods can't self-discover their incoming ip,
# you need to provide the public (load-balanced) ingress gateways ip address. # you need to provide the public (load-balanced) ingress gateways ip address.
ingressGatewayIP: "" ingressGatewayIP: ""
# LoadBalancer status fiel - only relevant for "LoadBalancer" cluster services. # LoadBalancer status field - only relevant for "LoadBalancer" cluster services.
# The IP/DNS of your load-balancer will be fetched for some components from 'status' map of services. # The IP/DNS of your load-balancer will be fetched for some components from 'status' map of services.
# Most providers use '.status.loadBalancer.ingress[0].ip' to store public ip. You can modify the chosen field here. # Most providers use '.status.loadBalancer.ingress[0].ip' to store public ip. You can modify the chosen field here.
loadBalancerStatusField: "ip" loadBalancerStatusField: "ip"