feat(openbao): enable bao.coulomb.social ingress and Traefik middlewares

Expose OpenBao UI via TLS ingress with rate-limit and HSTS middlewares.
Track netkingdom OIDC mount in authenticated verify checks.
This commit is contained in:
2026-06-18 01:23:02 +02:00
parent 7838df6069
commit 423eccc8e9
4 changed files with 59 additions and 2 deletions

View File

@@ -31,7 +31,23 @@ server:
memory: 512Mi
ingress:
enabled: false
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.middlewares: >-
openbao-openbao-rate-limit@kubernetescrd,
openbao-openbao-hsts@kubernetescrd
ingressClassName: traefik
pathType: Prefix
activeService: true
hosts:
- host: bao.coulomb.social
paths:
- /
tls:
- secretName: bao-tls
hosts:
- bao.coulomb.social
authDelegator:
enabled: true