From 5b6f0398f91c4d57882941a83226a4363b93c8b8 Mon Sep 17 00:00:00 2001
From: Shahab Dogar <shahab@dogar.dev>
Date: Sat, 22 Nov 2025 23:21:30 +0500
Subject: [PATCH] fix: NixCache | remove insecure ingress and use secure one

---
 cache-infrastructure/index.ts                     | 2 +-
 cache-infrastructure/{nixcache => nix}/index.ts   | 7 +++----
 cache-infrastructure/{nixcache => nix}/nginx.conf | 0
 3 files changed, 4 insertions(+), 5 deletions(-)
 rename cache-infrastructure/{nixcache => nix}/index.ts (94%)
 rename cache-infrastructure/{nixcache => nix}/nginx.conf (100%)

diff --git a/cache-infrastructure/index.ts b/cache-infrastructure/index.ts
index 0cc15a4..c627649 100644
--- a/cache-infrastructure/index.ts
+++ b/cache-infrastructure/index.ts
@@ -1,7 +1,7 @@
 import { Construct } from "constructs";
 import { TerraformStack } from "cdktf";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
-import { NixCache } from "./nixcache";
+import { NixCache } from "./nix";
 
 export class CacheInfrastructure extends TerraformStack {
   constructor(scope: Construct, id: string) {
diff --git a/cache-infrastructure/nixcache/index.ts b/cache-infrastructure/nix/index.ts
similarity index 94%
rename from cache-infrastructure/nixcache/index.ts
rename to cache-infrastructure/nix/index.ts
index b058da4..407c217 100644
--- a/cache-infrastructure/nixcache/index.ts
+++ b/cache-infrastructure/nix/index.ts
@@ -6,7 +6,7 @@ import { DeploymentV1 } from "@cdktf/provider-kubernetes/lib/deployment-v1";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
 import { ServiceV1 } from "@cdktf/provider-kubernetes/lib/service-v1";
 
-import { IngressRoute, LonghornPvc } from "../../utils";
+import { PublicIngressRoute, LonghornPvc } from "../../utils";
 
 export class NixCache extends Construct {
   constructor(scope: Construct, id: string, provider: KubernetesProvider) {
@@ -119,14 +119,13 @@ export class NixCache extends Construct {
       },
     });
 
-    new IngressRoute(this, "ingress-route", {
+    new PublicIngressRoute(this, "ingress-route", {
       provider,
+      name: "nix-cache",
       namespace: "homelab",
       host: "nix.dogar.dev",
       serviceName: "nix-cache",
       servicePort: 80,
-      entryPoints: ["websecure"],
-      tlsSecretName: "nix-cache-tls",
     });
   }
 }
diff --git a/cache-infrastructure/nixcache/nginx.conf b/cache-infrastructure/nix/nginx.conf
similarity index 100%
rename from cache-infrastructure/nixcache/nginx.conf
rename to cache-infrastructure/nix/nginx.conf