From bf4f13faeb9bb9030459d4e89500f5db4fd6efac Mon Sep 17 00:00:00 2001
From: Aaditya Dhruv <aadityadhruv@mailbox.org>
Date: Tue, 22 Apr 2025 17:18:17 -0500
Subject: Update Gonic Role - Ingress fixes

Instead of having one Ingress with two domains, its better to have
individual ingresses for them. This is done so that the correct cert
authority can be chosen for the internal vs external domain
---
 roles/gonic/files/gonic/templates/ingress.yaml | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/roles/gonic/files/gonic/templates/ingress.yaml b/roles/gonic/files/gonic/templates/ingress.yaml
index aa6a0bd..9ea5ab0 100644
--- a/roles/gonic/files/gonic/templates/ingress.yaml
+++ b/roles/gonic/files/gonic/templates/ingress.yaml
@@ -9,10 +9,9 @@ spec:
   tls:
   - hosts:
     - music.aadityadhruv.com
-    - music.home
     secretName: gonic-tls
   rules:
-  - host: music.home
+  - host: music.aadityadhruv.com
     http:
       paths:
       - path: /
@@ -22,7 +21,21 @@ spec:
             name: gonic-service
             port:
               number: 80
-  - host: music.aadityadhruv.com
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: gonic-ca
+  annotations:
+    cert-manager.io/cluster-issuer: "ca-issuer"
+spec:
+  ingressClassName: traefik
+  tls:
+  - hosts:
+    - music.home
+    secretName: gonic-tls-ca
+  rules:
+  - host: music.home
     http:
       paths:
       - path: /
-- 
cgit