bluejay-infra/apps/fc-mysql/fc-mysql.yaml

# FlowerCore MySQL Manager — TLS + Ingress
# Deployment and Service managed by deploy script (not ArgoCD)
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: mysql-web-tls
  namespace: fc-mysql
spec:
  secretName: mysql-web-tls
  issuerRef:
    name: step-ca-acme
    kind: ClusterIssuer
  dnsNames:
    - mysql.iamworkin.lan
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: mysql-web
  namespace: fc-mysql
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`mysql.iamworkin.lan`)
      kind: Rule
      services:
        - name: mysql-web
          port: 5300
  tls:
    secretName: mysql-web-tls