feat: Traefik | add custom TLSOptions

2025-11-29 13:19:14 +05:00
parent ad3478c48c
commit ff2174205a
3 changed files with 31 additions and 103 deletions
--- a/utils/traefik/ingress/publicIngress.ts
+++ b/utils/traefik/ingress/publicIngress.ts
@@ -2,26 +2,25 @@ import { Construct } from "constructs";
 import { IngressRoute, IngressRouteOptions } from "./ingress";
 import { CloudflareCertificate } from "../../cert-manager";

-type PublicIngressRouteOptions = Omit<
-  IngressRouteOptions,
-  "entryPoints" | "tlsSecretName" | "middlewares"
->;
+export class PublicIngressRoute extends IngressRoute {
+  constructor(
+    scope: Construct,
+    id: string,
+    opts: Omit<
+      IngressRouteOptions,
+      "entryPoints" | "tlsSecretName" | "middlewares"
+    >,
+  ) {
+    const tlsSecretName = `${opts.name}-tls`;

-export class PublicIngressRoute extends Construct {
-  constructor(scope: Construct, id: string, opts: PublicIngressRouteOptions) {
-    super(scope, id);
+    super(scope, id, {
+      ...opts,
+      tlsSecretName,
+      entryPoints: ["websecure"],
+      middlewares: ["homelab/rate-limit"],
+    });

-    const {
-      provider,
-      name,
-      namespace,
-      host,
-      serviceName,
-      servicePort,
-      serviceProtocol,
-    } = opts;
-
-    const tlsSecretName = `${name}-tls`;
+    const { provider, name, namespace, host } = opts;

    new CloudflareCertificate(this, `${name}-cert`, {
      provider,
@@ -30,19 +29,5 @@ export class PublicIngressRoute extends Construct {
      secretName: tlsSecretName,
      dnsNames: [host],
    });
-
-    new IngressRoute(this, opts.name, {
-      provider,
-      namespace,
-      host,
-      tlsSecretName,
-      serviceName,
-      servicePort,
-      serviceProtocol,
-      name,
-      path: opts.path ?? "/",
-      entryPoints: ["websecure"],
-      middlewares: [`${namespace}/rate-limit`],
-    });
  }
 }