diff --git a/stacks/cloudflared/modules/cloudflared/cloudflare.tf b/stacks/cloudflared/modules/cloudflared/cloudflare.tf index 793296d2..0d9902e1 100644 --- a/stacks/cloudflared/modules/cloudflared/cloudflare.tf +++ b/stacks/cloudflared/modules/cloudflared/cloudflare.tf @@ -63,7 +63,7 @@ resource "cloudflare_zero_trust_tunnel_cloudflared_config" "sof" { content { hostname = ingress_rule.value == "viktorbarzin.me" ? ingress_rule.value : "${ingress_rule.value}.viktorbarzin.me" path = "/" - service = "https://10.0.20.202:443" + service = "https://10.0.20.200:443" origin_request { no_tls_verify = true } diff --git a/stacks/coturn/main.tf b/stacks/coturn/main.tf index 17b5ac5d..7d963c4f 100644 --- a/stacks/coturn/main.tf +++ b/stacks/coturn/main.tf @@ -193,8 +193,8 @@ resource "kubernetes_service" "coturn" { name = "coturn" namespace = kubernetes_namespace.coturn.metadata[0].name annotations = { - "metallb.universe.tf/loadBalancerIPs" = "10.0.20.200" - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/headscale/modules/headscale/main.tf b/stacks/headscale/modules/headscale/main.tf index fc330049..5545eb03 100644 --- a/stacks/headscale/modules/headscale/main.tf +++ b/stacks/headscale/modules/headscale/main.tf @@ -287,7 +287,8 @@ resource "kubernetes_service" "headscale-server" { "app" = "headscale" } annotations = { - "metallb.universe.tf/allow-shared-ip" : "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/kms/main.tf b/stacks/kms/main.tf index 6f0a091e..754e0106 100644 --- a/stacks/kms/main.tf +++ b/stacks/kms/main.tf @@ -181,7 +181,8 @@ resource "kubernetes_service" "windows_kms" { app = "kms-service" } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/mailserver/modules/mailserver/main.tf b/stacks/mailserver/modules/mailserver/main.tf index cc24b0f5..1f4333f4 100644 --- a/stacks/mailserver/modules/mailserver/main.tf +++ b/stacks/mailserver/modules/mailserver/main.tf @@ -460,15 +460,14 @@ resource "kubernetes_service" "mailserver" { } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } spec { - type = "LoadBalancer" - load_balancer_ip = "10.0.20.201" - # external_traffic_policy = "Cluster" - external_traffic_policy = "Local" + type = "LoadBalancer" + external_traffic_policy = "Cluster" selector = { app = "mailserver" } @@ -500,12 +499,6 @@ resource "kubernetes_service" "mailserver" { port = 993 target_port = "imap-secure" } - - port { - name = "roundcube" - protocol = "TCP" - port = 80 - } } } diff --git a/stacks/platform/modules/cloudflared/cloudflare.tf b/stacks/platform/modules/cloudflared/cloudflare.tf index 793296d2..0d9902e1 100644 --- a/stacks/platform/modules/cloudflared/cloudflare.tf +++ b/stacks/platform/modules/cloudflared/cloudflare.tf @@ -63,7 +63,7 @@ resource "cloudflare_zero_trust_tunnel_cloudflared_config" "sof" { content { hostname = ingress_rule.value == "viktorbarzin.me" ? ingress_rule.value : "${ingress_rule.value}.viktorbarzin.me" path = "/" - service = "https://10.0.20.202:443" + service = "https://10.0.20.200:443" origin_request { no_tls_verify = true } diff --git a/stacks/platform/modules/headscale/main.tf b/stacks/platform/modules/headscale/main.tf index 4d5e9dc6..4b0562a7 100644 --- a/stacks/platform/modules/headscale/main.tf +++ b/stacks/platform/modules/headscale/main.tf @@ -283,7 +283,8 @@ resource "kubernetes_service" "headscale-server" { "app" = "headscale" } annotations = { - "metallb.universe.tf/allow-shared-ip" : "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/platform/modules/mailserver/main.tf b/stacks/platform/modules/mailserver/main.tf index 2e9c4b2e..1f4333f4 100644 --- a/stacks/platform/modules/mailserver/main.tf +++ b/stacks/platform/modules/mailserver/main.tf @@ -460,14 +460,14 @@ resource "kubernetes_service" "mailserver" { } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } spec { type = "LoadBalancer" - # external_traffic_policy = "Cluster" - external_traffic_policy = "Local" + external_traffic_policy = "Cluster" selector = { app = "mailserver" } @@ -499,12 +499,6 @@ resource "kubernetes_service" "mailserver" { port = 993 target_port = "imap-secure" } - - port { - name = "roundcube" - protocol = "TCP" - port = 80 - } } } diff --git a/stacks/platform/modules/technitium/main.tf b/stacks/platform/modules/technitium/main.tf index 305c7023..a8b8910a 100644 --- a/stacks/platform/modules/technitium/main.tf +++ b/stacks/platform/modules/technitium/main.tf @@ -74,7 +74,7 @@ resource "kubernetes_config_map" "coredns" { rcode NXDOMAIN fallthrough } - forward . 10.0.20.204 # Technitium LoadBalancer + forward . 10.0.20.200 # Technitium LoadBalancer cache { success 10000 300 6 denial 10000 300 60 @@ -265,6 +265,10 @@ resource "kubernetes_service" "technitium-dns" { labels = { "app" = "technitium" } + annotations = { + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" + } } spec { @@ -274,7 +278,7 @@ resource "kubernetes_service" "technitium-dns" { port = 53 protocol = "UDP" } - external_traffic_policy = "Local" + external_traffic_policy = "Cluster" selector = { "dns-server" = "true" } diff --git a/stacks/platform/modules/traefik/main.tf b/stacks/platform/modules/traefik/main.tf index 7fb06dcc..3eced97b 100644 --- a/stacks/platform/modules/traefik/main.tf +++ b/stacks/platform/modules/traefik/main.tf @@ -144,10 +144,11 @@ resource "helm_release" "traefik" { service = { type = "LoadBalancer" annotations = { - "metallb.io/loadBalancerIPs" = "10.0.20.202" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } spec = { - externalTrafficPolicy = "Local" + externalTrafficPolicy = "Cluster" } } diff --git a/stacks/platform/modules/wireguard/main.tf b/stacks/platform/modules/wireguard/main.tf index a80b514b..1c098108 100644 --- a/stacks/platform/modules/wireguard/main.tf +++ b/stacks/platform/modules/wireguard/main.tf @@ -209,7 +209,8 @@ resource "kubernetes_service" "wireguard" { name = "wireguard" namespace = kubernetes_namespace.wireguard.metadata[0].name annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } labels = { "app" = "wireguard" diff --git a/stacks/servarr/qbittorrent/main.tf b/stacks/servarr/qbittorrent/main.tf index ab5fd43a..ca666c44 100644 --- a/stacks/servarr/qbittorrent/main.tf +++ b/stacks/servarr/qbittorrent/main.tf @@ -146,7 +146,8 @@ resource "kubernetes_service" "qbittorrent-torrenting" { } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/shadowsocks/main.tf b/stacks/shadowsocks/main.tf index f49524c0..b1994053 100644 --- a/stacks/shadowsocks/main.tf +++ b/stacks/shadowsocks/main.tf @@ -117,7 +117,8 @@ resource "kubernetes_service" "mailserver" { # rename me app = "shadowsocks" } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/technitium/modules/technitium/main.tf b/stacks/technitium/modules/technitium/main.tf index 71565733..5f06b2e8 100644 --- a/stacks/technitium/modules/technitium/main.tf +++ b/stacks/technitium/modules/technitium/main.tf @@ -74,7 +74,7 @@ resource "kubernetes_config_map" "coredns" { rcode NXDOMAIN fallthrough } - forward . 10.0.20.204 # Technitium LoadBalancer + forward . 10.0.20.200 # Technitium LoadBalancer cache { success 10000 300 6 denial 10000 300 60 @@ -265,7 +265,10 @@ resource "kubernetes_service" "technitium-dns" { labels = { "app" = "technitium" } - annotations = {} + annotations = { + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" + } } spec { @@ -275,7 +278,7 @@ resource "kubernetes_service" "technitium-dns" { port = 53 protocol = "UDP" } - external_traffic_policy = "Local" + external_traffic_policy = "Cluster" selector = { "dns-server" = "true" } diff --git a/stacks/tor-proxy/main.tf b/stacks/tor-proxy/main.tf index 5c2937c1..623ea4cb 100644 --- a/stacks/tor-proxy/main.tf +++ b/stacks/tor-proxy/main.tf @@ -242,7 +242,8 @@ resource "kubernetes_service" "torrserver-bt" { app = "torrserver-bt" } annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } } diff --git a/stacks/traefik/modules/traefik/main.tf b/stacks/traefik/modules/traefik/main.tf index 2ce97ef5..887c95e0 100644 --- a/stacks/traefik/modules/traefik/main.tf +++ b/stacks/traefik/modules/traefik/main.tf @@ -144,10 +144,11 @@ resource "helm_release" "traefik" { service = { type = "LoadBalancer" annotations = { - "metallb.io/loadBalancerIPs" = "10.0.20.202" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } spec = { - externalTrafficPolicy = "Local" + externalTrafficPolicy = "Cluster" } } diff --git a/stacks/wireguard/modules/wireguard/main.tf b/stacks/wireguard/modules/wireguard/main.tf index a80b514b..1c098108 100644 --- a/stacks/wireguard/modules/wireguard/main.tf +++ b/stacks/wireguard/modules/wireguard/main.tf @@ -209,7 +209,8 @@ resource "kubernetes_service" "wireguard" { name = "wireguard" namespace = kubernetes_namespace.wireguard.metadata[0].name annotations = { - "metallb.universe.tf/allow-shared-ip" = "shared" + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" } labels = { "app" = "wireguard" diff --git a/stacks/xray/modules/xray/main.tf b/stacks/xray/modules/xray/main.tf index ae258875..12b47557 100644 --- a/stacks/xray/modules/xray/main.tf +++ b/stacks/xray/modules/xray/main.tf @@ -189,6 +189,10 @@ resource "kubernetes_service" "xray-reality" { labels = { "app" = "xray" } + annotations = { + "metallb.io/loadBalancerIPs" = "10.0.20.200" + "metallb.io/allow-shared-ip" = "shared" + } } spec {