Fix kind cluster to allow full Ingress on localhost

deploy/base/ingress.yaml

@@ -12,7 +12,7 @@ spec:
   ingressClassName: nginx
   # NOTE: overlays depend on the order of rule entries.
   rules:
-  - host: grafana
+  - host: grafana.internal
     http:
       paths:
       - pathType: Prefix
@@ -22,7 +22,7 @@ spec:
             name: grafana
             port:
               name: service
-  - host: invidious
+  - host: invidious.internal
     http:
       paths:
       - pathType: Prefix
@@ -32,7 +32,7 @@ spec:
             name: invidious
             port:
               name: http
-  - host: element
+  - host: element.internal
     http:
       paths:
       - pathType: Prefix
@@ -42,7 +42,7 @@ spec:
             name: element
             port:
               name: http
-  - host: gitea
+  - host: gitea.internal
     http:
       paths:
       - pathType: Prefix

deploy/base/svc-ingress-nginx.yaml

@@ -1,4 +1,13 @@
 ---
+# Configure the ingress-nginx to use specific nodePorts for HTTP and HTTPS
+# traffic. This allows the cluster to route traffic to the service via port
+# mappings.
+- op: replace
+  path: /spec/ports/0/nodePort
+  value: 32048
+- op: replace
+  path: /spec/ports/1/nodePort
+  value: 32049
 # Force the ingress-nginx service to expose port 22. This allows traffic to be
 # routed to the Gitea SSH service.
 - op: add

deploy/dev/gitea-config.ini

@@ -6,13 +6,13 @@ RUN_USER = git
 APP_DATA_PATH   = /data/gitea
 PROTOCOL        = http
 HTTP_PORT       = 3000
-ROOT_URL        = http://localhost:3000
+ROOT_URL        = http://gitea.internal
-SSH_DOMAIN      = localhost
+SSH_DOMAIN      = gitea.internal
 SSH_LISTEN_PORT = 2222
 SSH_PORT        = 2222
 START_SSH_SERVER = true
 ENABLE_PPROF    = false
-DOMAIN          = localhost:3000
+DOMAIN          = gitea.internal
 OFFLINE_MODE    = false
 LFS_START_SERVER = true
 LFS_JWT_SECRET  = ebGusL71uqCv_YcAzbhoINeXMj1DtMO3q6StXHDzyi8
@@ -68,7 +68,7 @@ ENABLE_CAPTCHA                    = false
 DEFAULT_KEEP_EMAIL_PRIVATE        = true
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 DEFAULT_ENABLE_TIMETRACKING       = true
-NO_REPLY_ADDRESS                  = noreply.localhost
+NO_REPLY_ADDRESS                  = noreply.gitea.internal
 
 [database]
 DB_TYPE = postgres

deploy/dev/ingress.yaml

@@ -1,27 +1,4 @@
+# TODO: setup TLS certs for local cluster.
 - op: replace
   path: /spec/ingressClassName
   value: dev-nginx
-- op: add
-  path: /metadata/annotations
-  value:
-    cert-manager.io/cluster-issuer: cluster-issuer-selfsigned
-- op: replace
-  path: /spec/tls
-  value:
-    - hosts:
-      - grafana.local
-      - invidious.local
-      - element.local
-      - gitea.local
-- op: replace
-  path: /spec/rules/0/host
-  value: grafana.local
-- op: replace
-  path: /spec/rules/1/host
-  value: invidious.local
-- op: replace
-  path: /spec/rules/2/host
-  value: element.local
-- op: replace
-  path: /spec/rules/3/host
-  value: gitea.local

deploy/dev/invidious-config.yaml

@@ -1,4 +1,4 @@
-domain: localhost:3000
+domain: invidious.local
 channel_threads: 1
 feed_threads: 1
 registration_enabled: true

kind/cluster.yaml

@@ -0,0 +1,18 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+nodes:
+- role: control-plane
+  kubeadmConfigPatches:
+  - |
+    kind: InitConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        node-labels: "ingress-ready=true"
+  extraPortMappings:
+  - containerPort: 32048
+    hostPort: 80
+    protocol: TCP
+    listenAddress: "0.0.0.0"
+  - containerPort: 32049
+    hostPort: 443
+    protocol: TCP