From 4905c8ddd714a003c37073edf3a1ae5efb8a7d92 Mon Sep 17 00:00:00 2001
From: Dreaded_X <tim@huizinga.dev>
Date: Mon, 18 Nov 2024 23:57:22 +0100
Subject: [PATCH] Moved to staging domain

---
 apps/authelia/release.yaml                |  6 +++---
 apps/traefik-dashboard/ingress.yaml       |  2 +-
 apps/whoami.yaml                          |  2 +-
 clusters/titan.lan.huizinga.dev/apps.yaml |  5 ++++-
 infrastructure/configs/certificates.yaml  | 17 ++++++++++++++++-
 5 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/apps/authelia/release.yaml b/apps/authelia/release.yaml
index ae7b4e3..0b404a3 100644
--- a/apps/authelia/release.yaml
+++ b/apps/authelia/release.yaml
@@ -17,7 +17,7 @@ spec:
       enabled: true
       tls:
         enabled: true
-        secret: ${domain/\./-}-tls
+        secret: ${domain//./-}-tls
       traefikCRD:
         enabled: true
         entryPoints:
@@ -49,8 +49,8 @@ spec:
             value: "JustATest"
       session:
         cookies:
-          - subdomain: login
-            domain: ${domain}
+          - subdomain: login${subdomain}
+            domain: ${topdomain}
 
       storage:
         postgres:
diff --git a/apps/traefik-dashboard/ingress.yaml b/apps/traefik-dashboard/ingress.yaml
index 6e83d65..2277bfb 100644
--- a/apps/traefik-dashboard/ingress.yaml
+++ b/apps/traefik-dashboard/ingress.yaml
@@ -16,4 +16,4 @@ spec:
         - name: api@internal
           kind: TraefikService
   tls:
-    secretName: ${domain/\./-}-tls
+    secretName: ${domain//./-}-tls
diff --git a/apps/whoami.yaml b/apps/whoami.yaml
index 5d4b19c..d735c0f 100644
--- a/apps/whoami.yaml
+++ b/apps/whoami.yaml
@@ -55,4 +55,4 @@ spec:
         - name: whoami
           port: 80
   tls:
-    secretName: ${domain/\./-}-tls
+    secretName: ${domain//./-}-tls
diff --git a/clusters/titan.lan.huizinga.dev/apps.yaml b/clusters/titan.lan.huizinga.dev/apps.yaml
index 494a9d2..22fbb01 100644
--- a/clusters/titan.lan.huizinga.dev/apps.yaml
+++ b/clusters/titan.lan.huizinga.dev/apps.yaml
@@ -17,7 +17,10 @@ spec:
     name: flux-system
   postBuild:
     substitute:
-      domain: huizinga.dev
+      domain: staging.huizinga.dev
+      # Specifically for authelia
+      subdomain: .staging
+      topdomain: huizinga.dev
   path: ./apps
   prune: true
   wait: true
diff --git a/infrastructure/configs/certificates.yaml b/infrastructure/configs/certificates.yaml
index df44ac1..2488572 100644
--- a/infrastructure/configs/certificates.yaml
+++ b/infrastructure/configs/certificates.yaml
@@ -8,7 +8,22 @@ spec:
   issuerRef:
     name: letsencrypt
     kind: ClusterIssuer
-  commonName: "*.huizinga.dev"
+  commonName: "huizinga.dev"
   dnsNames:
     - "huizinga.dev"
     - "*.huizinga.dev"
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: staging-huizinga-dev
+  namespace: default
+spec:
+  secretName: staging-huizinga-dev-tls
+  issuerRef:
+    name: letsencrypt
+    kind: ClusterIssuer
+  commonName: "staging.huizinga.dev"
+  dnsNames:
+    - "staging.huizinga.dev"
+    - "*.staging.huizinga.dev"