Update authentication configuration for Longhorn ingress

cluster/kubernetes_dashboard/dashboard-ingress-route.yaml

@@ -0,0 +1,92 @@
+# apiVersion: v1
+# kind: Secret
+# metadata:
+#   name: basic-auth-users-secret
+#   namespace: kubernetes-dashboard
+# data:
+#   users: dXNlcjokYXByMSREdjgvWEFWayR1RmhjMlNyalloMGJuR09IYmNrV2oxCgo=
+
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned
+spec:
+  selfSigned: {}
+
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: kboard.taefik.local
+  namespace: kubernetes-dashboard
+spec:
+  dnsNames:
+    - kboard.taefik.local
+  secretName: kboard.taefik.local
+  issuerRef:
+    name: selfsigned
+    kind: ClusterIssuer
+
+---
+
+apiVersion: traefik.io/v1alpha1
+kind: ServersTransport
+metadata:
+  name: insecure-transport
+  namespace: kubernetes-dashboard
+spec:
+  serverName: kubernetes-dashboard-kong-proxy
+  insecureSkipVerify: true
+---
+# Declaring the user list
+# apiVersion: traefik.io/v1alpha1
+# kind: Middleware
+# metadata:
+#   name: ingress-auth
+#   namespace: kubernetes-dashboard
+# spec:
+#   basicAuth:
+#     secret: basic-auth-users-secret
+
+# ---
+# apiVersion: traefik.io/v1alpha1
+# kind: Middleware
+# metadata:
+#   name: strip-dashboard
+#   namespace: kubernetes-dashboard
+# spec:
+#   stripPrefix:
+#     prefixes:
+#       - "/kboard"
+#     forceSlash: true
+
+# ---
+# Host(`test.traefik.local`) && PathPrefix(`/kboard`)
+
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: kubernetes-dashboard-ingress
+  namespace: kubernetes-dashboard
+spec:
+  entryPoints:
+    # - web
+    - websecure
+  routes:
+    - match: Host(`kboard.taefik.local`)
+      kind: Rule
+      # middlewares:
+        # - name: ingress-auth
+        #   namespace: kubernetes-dashboard
+        # - name: strip-dashboard
+        #   namespace: kubernetes-dashboard
+      services:
+        - name: kubernetes-dashboard-kong-proxy
+          port: 443
+          # scheme: https
+          namespace: kubernetes-dashboard
+          serversTransport: insecure-transport
+      # Use the secret generated by cert-manager
+  tls:
+    secretName: kboard.taefik.local

cluster/kubernetes_dashboard/readme.md

@@ -0,0 +1,12 @@
+# kubenetes dashboard
+# https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
+
+# kubectl proxy
+```
+kubectl -n kubernetes-dashboard apply -f dashboard-ingress-route.yaml
+
+kubectl -n kubernetes-dashboard get ingressroutes
+
+
+k delete -f dashboard-ingress-route.yaml
+```

cluster/longhorn_ingress/readme.md

@@ -3,9 +3,9 @@
 ## Description
 ```bash
 # https://longhorn.io/docs/1.6.2/deploy/accessing-the-ui/longhorn-ingress/
-# $ USER=admin; PASSWORD=1234; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
-# $ cat auth
-# admin:$apr1$FnyKCYKb$6IP2C45fZxMcoLwkOwf7k0
+# USER=admin; PASSWORD=1234; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
+# cat auth
+# admin:$apr1$9ucb20/W$4PupY6OD8EsPbxUSGLFdG.
 
 htpasswd -nb user password | openssl base64 > auth
 # replace user and password with your own values in auth file to longhorn-ingress-route.yaml
@@ -65,9 +65,9 @@ htpasswd -nb user password | openssl base64 > auth
 
 kubectl -n longhorn-system apply -f longhorn-ingress-route.yaml
 
-$ kubectl -n longhorn-system get ingressroutes
-NAME               HOSTS   ADDRESS                                     PORTS   AGE
-longhorn-ingress   *       45.79.165.114,66.228.45.37,97.107.142.125   80      2m7s
+kubectl -n longhorn-system get ingressroutes
+# NAME               HOSTS   ADDRESS                                     PORTS   AGE
+# longhorn-ingress   *       45.79.165.114,66.228.45.37,97.107.142.125   80      2m7s
 
 $ curl -v http://97.107.142.125/
 *   Trying 97.107.142.125...