delete external device

2026-01-23 00:05:04 +01:00
parent 84c7137c23
commit 227b92fe4f
12 changed files with 45 additions and 1195 deletions
--- a/helm/external-devices/dev/Chart.yaml
+++ b/helm/external-devices/dev/Chart.yaml
@@ -1,7 +0,0 @@
-apiVersion: v2
-name: external-devices
-description: Chart pour exposer les équipements externes via Traefik reverse proxy
-type: application
-version: 0.1.0
-appVersion: "1.0"
-
--- a/helm/external-devices/dev/templates/ingressroutes.yaml
+++ b/helm/external-devices/dev/templates/ingressroutes.yaml
@@ -1,52 +0,0 @@
-{{- range $name, $device := .Values.externalDevices }}
-{{- if $device.enabled }}
---
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: {{ $name }}
-  namespace: {{ $device.namespace | default $.Values.global.namespace }}
-  labels:
-    app: external-device
-    device: {{ $name }}
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - match: Host(`{{ $device.domain }}`)
-      kind: Rule
-      services:
-        - name: {{ $name }}-backend
-          port: {{ $device.port }}
-      {{- if $device.basicAuth.enabled }}
-      middlewares:
-        - name: {{ $name }}-auth
-      {{- end }}
-  tls:
-    secretName: {{ $device.tlsSecret | default $.Values.global.tlsSecret }}
-{{- if $.Values.global.redirectHttpToHttps }}
---
-# Redirection HTTP vers HTTPS
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: {{ $name }}-http-redirect
-  namespace: {{ $device.namespace | default $.Values.global.namespace }}
-  labels:
-    app: external-device
-    device: {{ $name }}
-spec:
-  entryPoints:
-    - web
-  routes:
-    - match: Host(`{{ $device.domain }}`)
-      kind: Rule
-      middlewares:
-        - name: redirect-https
-      services:
-        - name: {{ $name }}-backend
-          port: {{ $device.port }}
-{{- end }}
-{{- end }}
-{{- end }}
-
--- a/helm/external-devices/dev/templates/middlewares.yaml
+++ b/helm/external-devices/dev/templates/middlewares.yaml
@@ -1,29 +0,0 @@
-{{- if .Values.global.redirectHttpToHttps }}
---
-# Middleware pour rediriger HTTP vers HTTPS
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: redirect-https
-  namespace: {{ .Values.global.namespace }}
-spec:
-  redirectScheme:
-    scheme: https
-    permanent: true
-{{- end }}
-
-{{- range $name, $device := .Values.externalDevices }}
-{{- if and $device.enabled $device.basicAuth.enabled }}
---
-# Middleware d'authentification basique pour {{ $name }}
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: {{ $name }}-auth
-  namespace: {{ $device.namespace | default $.Values.global.namespace }}
-spec:
-  basicAuth:
-    secret: {{ $device.basicAuth.secretName }}
-{{- end }}
-{{- end }}
-
--- a/helm/external-devices/dev/templates/services.yaml
+++ b/helm/external-devices/dev/templates/services.yaml
@@ -1,47 +0,0 @@
-{{- range $name, $device := .Values.externalDevices }}
-{{- if $device.enabled }}
---
-# Service pour {{ $name }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ $name }}-backend
-  namespace: {{ $device.namespace | default $.Values.global.namespace }}
-  labels:
-    app: external-device
-    device: {{ $name }}
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-  annotations:
-    argocd.argoproj.io/sync-wave: "-1"
-spec:
-  type: ClusterIP
-  ports:
-    - port: {{ $device.port }}
-      targetPort: {{ $device.port }}
-      protocol: TCP
---
-# Endpoints pour {{ $name }} (pointe vers l'IP externe)
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: {{ $name }}-backend
-  namespace: {{ $device.namespace | default $.Values.global.namespace }}
-  labels:
-    app: external-device
-    device: {{ $name }}
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/instance: {{ $.Release.Name }}
-  annotations:
-    argocd.argoproj.io/sync-wave: "0"
-    # Forcer ArgoCD à gérer cette ressource même si elle est normalement exclue
-    argocd.argoproj.io/sync-options: "ServerSideApply=true"
-subsets:
-  - addresses:
-      - ip: {{ $device.ip }}
-    ports:
-      - port: {{ $device.port }}
-        protocol: TCP
-{{- end }}
-{{- end }}
-
--- a/helm/external-devices/dev/values.yaml
+++ b/helm/external-devices/dev/values.yaml
@@ -1,33 +0,0 @@
-# Configuration pour les équipements externes exposés via Traefik (dev)
-# Les certificats TLS sont gérés par cert-manager dans le cluster OPS
-# ⚠️ Pour le moment, seuls les services externes en production sont configurés
-
-externalDevices:  
-  # OpenMediaVault
-  omv:
-    enabled: true
-    domain: "nas.dev.gkdomaine.fr"
-    ip: "10.78.20.107"  # ⚠️ À configurer avec l'IP réelle d'OpenMediaVault
-    port: 80
-    tlsSecret: "wildcard-dev-tls"
-    namespace: "traefik-dev"
-    basicAuth:
-      enabled: false
-      secretName: "omv-basic-auth"
-    
-  # Ajoutez d'autres équipements ici
-  # exemple:
-  # autre-equipement:
-  #   enabled: true
-  #   domain: "autre.dev.gkdomaine.fr"
-  #   ip: "192.168.1.30"
-  #   port: 80
-  #   tlsSecret: "wildcard-dev-tls"
-  #   namespace: "traefik-dev"
-
-# Configuration globale
-global:
-  namespace: "traefik-dev"
-  tlsSecret: "wildcard-dev-tls"
-  redirectHttpToHttps: true
-