From 0ff84def1464ce0b81bb72197fed51e3a6a3df10 Mon Sep 17 00:00:00 2001
From: Daniel <nalilord@web.de>
Date: Tue, 14 Oct 2025 14:36:11 +0200
Subject: [PATCH] Added passbolt ingress and cert

---
 .DS_Store                                     | Bin 6148 -> 0 bytes
 .gitignore                                    |   1 +
 argocd/.DS_Store                              | Bin 6148 -> 0 bytes
 argocd/apps/.DS_Store                         | Bin 6148 -> 0 bytes
 .../include/passbolt-certificate.yaml         |  13 +++++
 config/passbolt/passbolt-ingressroute.yaml    |  53 ++++++++++++++++++
 6 files changed, 67 insertions(+)
 delete mode 100644 .DS_Store
 create mode 100644 .gitignore
 delete mode 100644 argocd/.DS_Store
 delete mode 100644 argocd/apps/.DS_Store
 create mode 100644 argocd/apps/cert-manager/include/passbolt-certificate.yaml
 create mode 100644 config/passbolt/passbolt-ingressroute.yaml

diff --git a/.DS_Store b/.DS_Store
deleted file mode 100644
index 2ddac0dcc6eb0523c8fdc56b3317f39e3b0b0558..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeHKJ8r`;3?);e2$02NM_r*e5RCK$xj<SQ=wiS?i|(F!t{kn8pCN|Z%^6ZW0@RZz
zJ_&k*X^Mz;U&FIVD<XTip?ur0HrqE}*)AgrgyW1}hT*dx-==9?W&a*9?xVcQhrG*l
z&9@C26`%rCfC^9nDzLc%Sz`Bx%}?fmRDcTHy8`xoC~(7?I0yQt1B15!zy@JA%)OTY
z77GAt;v9$wOoIvxs%DF!K}Wn~UQL_>gD#rQhvv<i9g6zxIKOzhXbt2@1*pJMfrnVO
zR{vk%fAs%L5?54!3j8Ytv^k!R9iEi6b@e!_wFQ2LTh0Y;hPhKPcsT}oImW`u@slS-
aUa>j$YvLT}bi|zw<j;WVLZbq=R^SIq-W6~F

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e43b0f9
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.DS_Store
diff --git a/argocd/.DS_Store b/argocd/.DS_Store
deleted file mode 100644
index 71d98e9527ff91d70f53e361bfd1b6cdaad7d5b8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeH~Jr2S!425mzP>H1@V-^m;4I%_5-~#+~L;|T|&(V2yybzdCg`Sc9Vy71EH#D_~
z=<YdgMFtV+;ij^&(3m3c<SY;Trg6I7F8BM*im*i$u@pW?vme_O5+DH*AOR8}ff*5q
zW4vF@=$?2hBtQc5AYku@1UJp0rK-O=5PSrHb||}H?Xv_lSpk|uOI1{08q<SDtNIvX
zb#I5JxGsm5s<mA-h7XN@R-0mATH8ev5}0Ne1`;5FhQPAsgPs2e__z7LX<<qNB=Bbh
zwA&x|J3LgJtsjqP^;1-BUEol^9O3OF0Er#NYq%TslP#b*v{Xd}#t#9<z(4{&CGY~M
CJ`%YA

diff --git a/argocd/apps/.DS_Store b/argocd/apps/.DS_Store
deleted file mode 100644
index 1a2403d74b23421176fb9f203ded6be7f10b4fb6..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeH~O>P1)427Thk&wD!$ugTBfEz>zPS6X`0=rQ`s=Ck7d3L;E+BF)XXUTc76VK1L
zn2Z6~?)SU})&N#?SG@Z$GGn~N4Ff*$jm!DxG<;pJgQqdey&lkcjmPy|mWY4|h=2%)
zfCx;8Kpf&c|KBF`OnMX%5P@kB@b5#RyVlg!H9j32q6MHXm=5DSdI@Ur1huBNuFTLZ
zy9disi#EjbQBEznuco%Hy&RU!hvl8kyBM1Fa#&$Nvl^m71Vms&VBX`kpZ^E?fBpZc
zM4<?Xz>5*E#r|Wz<4fh)`sejLf6T1U8=V^4IXwIXFz};zLl5J6@d>r2wyw<3^dk@$
KG>E`c3ETmfS`&K!

diff --git a/argocd/apps/cert-manager/include/passbolt-certificate.yaml b/argocd/apps/cert-manager/include/passbolt-certificate.yaml
new file mode 100644
index 0000000..c5b8a67
--- /dev/null
+++ b/argocd/apps/cert-manager/include/passbolt-certificate.yaml
@@ -0,0 +1,13 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: passbolt-cert
+  namespace: kube-system
+spec:
+  secretName: passbolt-tls
+  issuerRef:
+    name: lets-encrypt
+    kind: ClusterIssuer
+  commonName: passbolt.innovation-hub-niedersachsen.de
+  dnsNames:
+    - passbolt.innovation-hub-niedersachsen.de
diff --git a/config/passbolt/passbolt-ingressroute.yaml b/config/passbolt/passbolt-ingressroute.yaml
new file mode 100644
index 0000000..0a9205b
--- /dev/null
+++ b/config/passbolt/passbolt-ingressroute.yaml
@@ -0,0 +1,53 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: passbolt-stripprefix
+  namespace: kube-system
+spec:
+  stripPrefix:
+    prefixes:
+      - /
+---
+apiVersion: traefik.io/v1alpha1
+kind: ServersTransport
+metadata:
+  name: passbolt-transport
+  namespace: kube-system
+spec:
+  insecureSkipVerify: true
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: passbolt-external
+  namespace: kube-system
+  annotations:
+    cert-manager.io/cluster-issuer: "lets-encrypt"
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`passbolt.innovation-hub-niedersachsen.de`)
+      kind: Rule
+      services:
+        - name: passbolt-external-service
+          port: 3001
+          scheme: http
+          serversTransport: passbolt-transport
+      middlewares:
+        - name: passbolt-stripprefix
+  tls:
+    secretName: passbolt-tls
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: passbolt-external-service
+  namespace: kube-system
+spec:
+  type: ExternalName
+  externalName: 192-168-4-106.nip.io
+  ports:
+    - port: 3001
+      targetPort: 3001