bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity

Add basicAuth middleware to NOC proxy IngressRoutes

Browse Source 
Add bcrypt-based basicAuth (admin/zenith-turret-falcon-umber) to grafana,
prometheus, and cockpit IngressRoutes in noc-proxy namespace. Uses shared
Secret and Middleware, matching the traefik-dashboard-auth pattern.
This commit is contained in:
Andrew M. Stoltz
2026-03-11 14:44:03 -05:00
parent 1d8e2e9a1c
commit 5cc7f787cc
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
apps/noc-services/noc-services.yaml
View File

@@ -11,6 +11,27 @@ metadata:
app.kubernetes.io/part-of: bluejay-infra
---
# ============================================================
# BasicAuth - shared across all NOC proxy IngressRoutes
# ============================================================
apiVersion: v1
kind: Secret
metadata:
name: noc-proxy-auth
namespace: noc-proxy
type: Opaque
data:
users: YWRtaW46JDJiJDEwJEZjdlVFNWNpNkxvNi5rZ1k5L3hJV2V5M2tvM3VVY1U5YXJaSlQ4N29ZREtCSi5lNkoucXJD
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: noc-proxy-auth
namespace: noc-proxy
spec:
basicAuth:
secret: noc-proxy-auth
---
# ============================================================
# Grafana - noc1:3000
# ============================================================
apiVersion: v1
@@ -61,6 +82,8 @@ spec:
routes:
- kind: Rule
match: Host(`grafana.iamworkin.lan`)
middlewares:
- name: noc-proxy-auth
services:
- name: grafana-external
port: 3000
@@ -118,6 +141,8 @@ spec:
routes:
- kind: Rule
match: Host(`prometheus.iamworkin.lan`)
middlewares:
- name: noc-proxy-auth
services:
- name: prometheus-external
port: 9091
@@ -185,6 +210,8 @@ spec:
routes:
- kind: Rule
match: Host(`cockpit.iamworkin.lan`)
middlewares:
- name: noc-proxy-auth
services:
- name: cockpit-external
port: 9090