From 382cc69b2c22bbb6fbf5d2b02e34b3cbf3ae1d20 Mon Sep 17 00:00:00 2001
From: Adrien Reslinger <adrien@reslinger.net>
Date: Wed, 5 Oct 2022 11:16:48 +0200
Subject: [PATCH] Update traefik deployment

---
 tasks/main.yml                           | 13 +++++++++++++
 templates/traefik-cm.yml.j2              |  5 ++++-
 templates/traefik-hub-certificate.yml.j2 | 14 ++++++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 templates/traefik-hub-certificate.yml.j2

diff --git a/tasks/main.yml b/tasks/main.yml
index c712f88..2dc1bf6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -141,6 +141,19 @@
       when:
         - traefik_ondemand is defined
 
+    - name: ReInstall traefik-hub certificate if already know
+      kubernetes.core.k8s:
+        state: "present"
+        context: "{{ my_context }}"
+        namespace: '{{ traefik_namespace }}'
+#        merge_type: merge
+#        apply: true
+        resource_definition: "{{ lookup('template', item) | from_yaml_all }}"
+      with_items:
+        - traefik-hub-certificate.yml.j2
+      when:
+        - traefik_hub_tlscrt is defined
+        - traefik_hub_tlskey is defined
     - name: Defined traefik-hub repository
       kubernetes.core.helm_repository:
         name: traefik-hub
diff --git a/templates/traefik-cm.yml.j2 b/templates/traefik-cm.yml.j2
index f7ec403..7adfb58 100644
--- a/templates/traefik-cm.yml.j2
+++ b/templates/traefik-cm.yml.j2
@@ -46,7 +46,7 @@ data:
       traefikhub-api:
         address: ":9900"
       traefikhub-tunl:
-        address: ":9901"
+        address: ":9901/tcp"
 {% endif%}
 {% for traefik_entrypoint in traefik_entrypoints %}
       {{ traefik_entrypoint.name }}:
@@ -71,6 +71,9 @@ data:
         allowEmptyServices: true
       kubernetesIngress:
         ingressClass: "traefik"
+{% if traefik_hub_token is defined %}
+        allowExternalNameServices: true
+{% endif%}
         allowEmptyServices: true
       file:
         directory: /etc/traefik/file/
diff --git a/templates/traefik-hub-certificate.yml.j2 b/templates/traefik-hub-certificate.yml.j2
new file mode 100644
index 0000000..72997c3
--- /dev/null
+++ b/templates/traefik-hub-certificate.yml.j2
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: List
+items:
+- apiVersion: v1
+  kind: Secret
+  metadata:
+    annotations:
+      app.kubernetes.io/managed-by: traefik-hub
+    name: hub-certificate
+    namespace: {{ traefik_namespace }}
+  type: kubernetes.io/tls
+  data:
+    tls.crt: {{ traefik_hub_tlscrt | b64encode }}
+    tls.key: {{ traefik_hub_tlskey | b64encode }}