From 847cd13618e3ee2d6aedfa63e2660033168ada12 Mon Sep 17 00:00:00 2001 From: Matthias Hinrichs Date: Thu, 7 May 2026 21:20:07 +0200 Subject: [PATCH] feat: add MCP server templates for Gitea, HomeAssistant, and Outline with federated gateway support --- 05-mcp-servers/fleet.yaml | 0 .../templates/federated-gateway-secrets.yaml | 44 +++++++++ .../templates/federated-gateway.yaml | 55 +++++++++++ 05-mcp-servers/templates/gitea-mcp.yaml | 97 +++++++++++++++++++ .../templates/homeassistant-mcp.yaml | 51 ++++++++++ 05-mcp-servers/templates/outline-mcp.yaml | 49 ++++++++++ 6 files changed, 296 insertions(+) create mode 100644 05-mcp-servers/fleet.yaml create mode 100644 05-mcp-servers/templates/federated-gateway-secrets.yaml create mode 100644 05-mcp-servers/templates/federated-gateway.yaml create mode 100644 05-mcp-servers/templates/gitea-mcp.yaml create mode 100644 05-mcp-servers/templates/homeassistant-mcp.yaml create mode 100644 05-mcp-servers/templates/outline-mcp.yaml diff --git a/05-mcp-servers/fleet.yaml b/05-mcp-servers/fleet.yaml new file mode 100644 index 0000000..e69de29 diff --git a/05-mcp-servers/templates/federated-gateway-secrets.yaml b/05-mcp-servers/templates/federated-gateway-secrets.yaml new file mode 100644 index 0000000..80c246c --- /dev/null +++ b/05-mcp-servers/templates/federated-gateway-secrets.yaml @@ -0,0 +1,44 @@ +apiVersion: secrets.phase.dev/v1alpha1 +kind: PhaseSecret +metadata: + name: outline-mcp-secret + namespace: agentgateway-system +spec: + authentication: + serviceToken: + serviceTokenSecretReference: + secretName: phase-service-token + secretNamespace: phase-secrets-operator + managedSecretReferences: + - secretName: outline-mcp-bearer-token + secretNamespace: agentgateway-system + secretType: Opaque + processors: + OUTLINE_BEARER_TOKEN: + asName: Authorization + phaseApp: federated_mcp + phaseAppEnv: production + phaseAppEnvPath: / + phaseHost: https://phase.hnrx.net + +--- +apiVersion: secrets.phase.dev/v1alpha1 +kind: PhaseSecret +metadata: + name: homeassistant-mcp-secret + namespace: agentgateway-system +spec: + authentication: + serviceToken: + serviceTokenSecretReference: + secretName: phase-service-token + secretNamespace: phase-secrets-operator + managedSecretReferences: + - secretName: homeassistant-mcp-secret + secretNamespace: agentgateway-system + secretType: Opaque + nameTransformer: 'upper-camel' + phaseApp: home_assistant_token + phaseAppEnv: production + phaseAppEnvPath: / + phaseHost: https://phase.hnrx.net \ No newline at end of file diff --git a/05-mcp-servers/templates/federated-gateway.yaml b/05-mcp-servers/templates/federated-gateway.yaml new file mode 100644 index 0000000..d4f99a3 --- /dev/null +++ b/05-mcp-servers/templates/federated-gateway.yaml @@ -0,0 +1,55 @@ +apiVersion: agentgateway.dev/v1alpha1 +kind: AgentgatewayBackend +metadata: + name: federated-gateway + namespace: agentgateway-system +spec: + mcp: + targets: + - name: gitea + selector: + services: + matchLabels: + app: gitea-mcp-server + - name: outline-mcp-server + static: + host: outline.hnrx.net + port: 443 + path: /mcp/ + policies: + tls: + sni: outline.hnrx.net + auth: + secretRef: + name: outline-mcp-bearer-token + - name: homeassistant-mcp-server + static: + host: ha.hnrx.net + port: 443 + path: /api/mcp + policies: + tls: + sni: ha.hnrx.net + auth: + secretRef: + name: homeassistant-mcp-secret +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: mcp-federated + namespace: agentgateway-system +spec: + parentRefs: + - name: agentgateway-proxy + namespace: agentgateway-system + rules: + - backendRefs: + - name: federated-gateway + namespace: agentgateway-system + group: agentgateway.dev + kind: AgentgatewayBackend + matches: + - path: + type: PathPrefix + value: /mcp \ No newline at end of file diff --git a/05-mcp-servers/templates/gitea-mcp.yaml b/05-mcp-servers/templates/gitea-mcp.yaml new file mode 100644 index 0000000..63341e4 --- /dev/null +++ b/05-mcp-servers/templates/gitea-mcp.yaml @@ -0,0 +1,97 @@ +apiVersion: secrets.phase.dev/v1alpha1 +kind: PhaseSecret +metadata: + name: gitea-mcp-server-secret + namespace: agentgateway-system +spec: + authentication: + serviceToken: + serviceTokenSecretReference: + secretName: phase-service-token + secretNamespace: phase-secrets-operator + managedSecretReferences: + - secretName: gitea-mcp-server-secret + secretNamespace: agentgateway-system + secretType: Opaque + phaseApp: gitea-mcp-server + phaseAppEnv: production + phaseAppEnvPath: / + phaseHost: https://phase.hnrx.net + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea-mcp-server + namespace: agentgateway-system +spec: + replicas: 1 + selector: + matchLabels: + app: gitea-mcp-server + template: + metadata: + labels: + app: gitea-mcp-server + spec: + containers: + - name: gitea-mcp-server + image: docker.gitea.com/gitea-mcp-server:latest + command: ["/app/gitea-mcp"] + args: ["-t", "http", "--port", "8080"] + envFrom: + - secretRef: + name: gitea-mcp-server-secret + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-mcp-server + namespace: agentgateway-system + labels: + app: gitea-mcp-server +spec: + selector: + app: gitea-mcp-server + ports: + - port: 8080 + targetPort: 8080 + appProtocol: agentgateway.dev/mcp + +--- +apiVersion: agentgateway.dev/v1alpha1 +kind: AgentgatewayBackend +metadata: + name: mcp-backend + namespace: agentgateway-system +spec: + mcp: + targets: + - name: gitea-mcp-server + selector: + services: + matchLabels: + app: gitea-mcp-server +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: gitea-mcp + namespace: agentgateway-system +spec: + parentRefs: + - name: agentgateway-proxy + namespace: agentgateway-system + rules: + - backendRefs: + - name: mcp-backend + namespace: agentgateway-system + group: agentgateway.dev + kind: AgentgatewayBackend + matches: + - path: + type: PathPrefix + value: /mcp-gitea diff --git a/05-mcp-servers/templates/homeassistant-mcp.yaml b/05-mcp-servers/templates/homeassistant-mcp.yaml new file mode 100644 index 0000000..855ae37 --- /dev/null +++ b/05-mcp-servers/templates/homeassistant-mcp.yaml @@ -0,0 +1,51 @@ +apiVersion: agentgateway.dev/v1alpha1 +kind: AgentgatewayBackend +metadata: + name: homeassistant-mcp-backend + namespace: agentgateway-system +spec: + mcp: + targets: + - name: homeassistant-mcp-server + static: + host: ha.hnrx.net + port: 443 + path: /api/mcp + policies: + tls: + sni: ha.hnrx.net + +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: homeassistant-mcp + namespace: agentgateway-system +spec: + parentRefs: + - name: agentgateway-proxy + namespace: agentgateway-system + rules: + - backendRefs: + - name: homeassistant-mcp-backend + namespace: agentgateway-system + group: agentgateway.dev + kind: AgentgatewayBackend + filters: + - type: CORS + cors: + allowHeaders: + - "*" + allowMethods: + - "*" + allowOrigins: + - "*" + - type: RequestHeaderModifier + requestHeaderModifier: + set: + - name: Authorization + value: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIwMThlYjBjMjk0MjU0YzdhODdiNTc5MjcwMThkMjE2NiIsImlhdCI6MTczNDY1MTY2MCwiZXhwIjoyMDUwMDExNjYwfQ.2M6rKWpzScXX28tYVTkzpgZgdCSou8DiyhqXkeJF6HE" + matches: + - path: + type: PathPrefix + value: /mcp-homeassistant \ No newline at end of file diff --git a/05-mcp-servers/templates/outline-mcp.yaml b/05-mcp-servers/templates/outline-mcp.yaml new file mode 100644 index 0000000..4168381 --- /dev/null +++ b/05-mcp-servers/templates/outline-mcp.yaml @@ -0,0 +1,49 @@ +apiVersion: agentgateway.dev/v1alpha1 +kind: AgentgatewayBackend +metadata: + name: outline-mcp-backend + namespace: agentgateway-system +spec: + mcp: + targets: + - name: outline-mcp-server + static: + host: outline.hnrx.net + port: 443 + path: /mcp/ + policies: + tls: + sni: outline.hnrx.net + auth: + secretRef: + name: outline-mcp-bearer-token + +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: outline-mcp + namespace: agentgateway-system +spec: + parentRefs: + - name: agentgateway-proxy + namespace: agentgateway-system + rules: + - backendRefs: + - name: outline-mcp-backend + namespace: agentgateway-system + group: agentgateway.dev + kind: AgentgatewayBackend + filters: + - type: CORS + cors: + allowHeaders: + - "*" + allowMethods: + - "*" + allowOrigins: + - "*" + matches: + - path: + type: PathPrefix + value: /mcp-outline