starting homelab RKE2 cluster

06_argocd_installation/argo-prepare.yaml

@@ -0,0 +1,54 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: argocd
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: argocd-gateway
+  namespace: argocd
+  labels:
+    bgp.cilium.io/ip-pool: default  # Damit bekommt das Gateway eine IP aus deinem Pool
+  annotations:
+    # Damit external-dns diesen Gateway findet und einen DNS-Eintrag erstellt
+    # (falls external-dns Gateway API unterstützt, was es tut)
+    cert-manager.io/cluster-issuer: cloudflare-cluster-issuer
+spec:
+  gatewayClassName: envoy-gateway-class
+  listeners:
+    - name: https
+      hostname: "argocd.k8s.hnrx.net"
+      protocol: HTTPS
+      port: 443
+      allowedRoutes:
+        namespaces:
+          from: All
+      tls:
+        mode: Terminate
+        certificateRefs:
+          - name: argocd-gateway-tls
+    - name: http
+      hostname: "argocd.k8s.hnrx.net"
+      protocol: HTTP
+      port: 80
+      allowedRoutes:
+        kinds:
+          - kind: HTTPRoute
+          - kind: GRPCRoute
+        namespaces:
+          from: All
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: argocd-gateway-tls
+  namespace: argocd
+spec:
+  secretName: argocd-gateway-tls
+  dnsNames:
+  - argocd.k8s.hnrx.net
+  issuerRef:
+    name: cloudflare-cluster-issuer
+    kind: ClusterIssuer