From 2da27316545f1a95b8d6b407403c6769762abe71 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Mon, 8 Apr 2024 21:17:28 +0200
Subject: [PATCH] create service and ingress for esrom enable externalnames in
 traefik for esrom

---
 nix/flake/kubenix/default.nix | 40 ++++++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/nix/flake/kubenix/default.nix b/nix/flake/kubenix/default.nix
index cc97ebc..5b508bd 100644
--- a/nix/flake/kubenix/default.nix
+++ b/nix/flake/kubenix/default.nix
@@ -99,7 +99,9 @@
                           options: ""
                           certResolver: ""
                           domains: []
-
+                    providers:
+                      kubernetesIngress:
+                        allowExternalNameServices: true
                   '';
                 };
               };
@@ -117,6 +119,42 @@
                   }];
                 };
               };
+
+              services.esrom.spec = {
+                type = "ExternalName";
+                externalName = "esrom.dmz";
+                ports = [{
+                  port = 80;
+                  targetPort = 80;
+                }];
+              };
+
+              ingresses.esrom = {
+                metadata.annotations."cert-manager.io/cluster-issuer" = "letsencrypt";
+
+                spec = {
+                  ingressClassName = "traefik";
+
+                  rules = [{
+                    host = "esrom.kun.is";
+
+                    http.paths = [{
+                      path = "/";
+                      pathType = "Prefix";
+
+                      backend.service = {
+                        name = "esrom";
+                        port.number = 80;
+                      };
+                    }];
+                  }];
+
+                  tls = [{
+                    secretName = "esrom-tls";
+                    hosts = [ "esrom.kun.is" ];
+                  }];
+                };
+              };
             };