From ca15a6497cc17d270ba069edecec18a1cb6b4fd3 Mon Sep 17 00:00:00 2001
From: Remy Moll <me@moll.re>
Date: Sat, 4 May 2024 12:10:12 +0000
Subject: [PATCH] Add apps/media/ingress.yaml

---
 apps/media/ingress.yaml | 63 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 apps/media/ingress.yaml

diff --git a/apps/media/ingress.yaml b/apps/media/ingress.yaml
new file mode 100644
index 0000000..4a82609
--- /dev/null
+++ b/apps/media/ingress.yaml
@@ -0,0 +1,63 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: jellyfin-vue-ingress
+  namespace: media
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`media.kluster.moll.re`)
+      middlewares:
+        - name: jellyfin-websocket
+      kind: Rule
+      services:
+        - name: jellyfin-web
+          port: 80
+  tls:
+    certResolver: default-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: jellyfin-backend-ingress
+  namespace: media
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`media-backend.kluster.moll.re`) && !Path(`/metrics`)
+      middlewares:
+        - name: jellyfin-websocket
+        - name: jellyfin-server-headers
+      kind: Rule
+      services:
+        - name: jellyfin-server
+          port: 8096
+  tls:
+    certResolver: default-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: jellyfin-websocket
+  namespace: media
+spec:
+  headers:
+    customRequestHeaders:
+      Connection: keep-alive, Upgrade
+      Upgrade: WebSocket
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: jellyfin-server-headers
+  namespace: media
+spec:
+  headers:
+    accessControlAllowCredentials: true
+    accessControlAllowHeaders: [ "Authorization","Content-Type" ] # "Accept","Origin"
+    accessControlAllowMethods: [ "GET","HEAD","OPTIONS" ] # "POST","PUT"
+    accessControlAllowOriginList:
+      - "*"
+    accessControlMaxAge: 100
\ No newline at end of file