From 6c3f5b49f8e4fbe56e7616129a17f8645a6c8109 Mon Sep 17 00:00:00 2001
From: ZhenYi <434836402@qq.com>
Date: Wed, 15 Apr 2026 14:17:03 +0800
Subject: [PATCH] feat(deploy): single unified Ingress with per-host routing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Replace multiple conflicting Ingress resources with one that routes:
- gitdata.ai         → frontend (port 80)
- api.gitdata.ai     → app (port 8080)
- git.gitdata.ai     → gitserver-http (port 8022)
- static.gitdata.ai  → static (port 8081)

Disable service-level ingress configs in values.yaml (they would
conflict on the same host/path). Single TLS secret covers all hosts.
---
 deploy/templates/ingress.yaml | 103 ++++++++++++++++++----------------
 deploy/values.yaml            |  41 ++------------
 2 files changed, 60 insertions(+), 84 deletions(-)

diff --git a/deploy/templates/ingress.yaml b/deploy/templates/ingress.yaml
index 76589b1..a4e731c 100644
--- a/deploy/templates/ingress.yaml
+++ b/deploy/templates/ingress.yaml
@@ -1,61 +1,70 @@
-{{- if .Values.app.ingress.enabled -}}
-{{- $svcName := printf "%s-app" (include "gitdata.fullname" .) -}}
+{{- /* Single unified Ingress for all services */ -}}
+{{- $fullName := include "gitdata.fullname" . -}}
 {{- $ns := include "gitdata.namespace" . -}}
-{{- $ing := .Values.app.ingress -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: {{ include "gitdata.fullname" . }}-ingress
+  name: {{ $fullName }}-ingress
   namespace: {{ $ns }}
   labels:
-    app.kubernetes.io/name: {{ include "gitdata.fullname" . }}-app
+    app.kubernetes.io/name: {{ $fullName }}
     app.kubernetes.io/instance: {{ .Release.Name }}
   annotations:
-    cert-manager.io/cluster-issuer: {{ $ing.clusterIssuer | default "cloudflare-acme-cluster-issuer" }}
-{{- if $ing.annotations }}
-{{ toYaml $ing.annotations | indent 4 }}
-{{- end }}
-{{- if not (hasKey ($ing.annotations | default dict) "nginx.ingress.kubernetes.io/proxy-body-size") }}
-{{- if or (not $ing.className) (eq $ing.className "nginx") (contains "nginx" $ing.className) }}
+    cert-manager.io/cluster-issuer: cloudflare-acme-cluster-issuer
     nginx.ingress.kubernetes.io/proxy-body-size: "0"
     nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
     nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
-{{- end }}
-{{- end }}
 spec:
-{{- if $ing.className }}
-  ingressClassName: {{ $ing.className }}
-{{- end }}
-{{- if $ing.tls }}
+  ingressClassName: nginx
   tls:
-{{- range $ing.tls }}
-  - hosts:
-{{- range .hosts }}
-    - {{ . | quote }}
-{{- end }}
-    secretName: {{ .secretName }}
-{{- end }}
-{{- else }}
-  tls:
-{{- range $ing.hosts }}
-  - hosts:
-    - {{ .host | quote }}
-    secretName: {{ include "gitdata.fullname" $ }}-app-tls
-{{- end }}
-{{- end }}
+    - hosts:
+        - gitdata.ai
+        - api.gitdata.ai
+        - git.gitdata.ai
+        - static.gitdata.ai
+      secretName: {{ $fullName }}-tls
   rules:
-{{- range $ing.hosts }}
-  - host: {{ .host | quote }}
-    http:
-      paths:
-{{- range .paths }}
-      - path: {{ .path }}
-        pathType: {{ .pathType | default "Prefix" }}
-        backend:
-          service:
-            name: {{ $svcName }}
-            port:
-              number: {{ $.Values.app.service.port }}
-{{- end }}
-{{- end }}
-{{- end }}
+    # Frontend
+    - host: gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-frontend
+                port:
+                  number: 80
+    # API
+    - host: api.gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-app
+                port:
+                  number: {{ .Values.app.service.port }}
+    # Gitserver HTTP
+    - host: git.gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-gitserver-http
+                port:
+                  number: {{ .Values.gitserver.service.http.port }}
+    # Static files
+    - host: static.gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-static
+                port:
+                  number: {{ .Values.static.service.port }}
diff --git a/deploy/values.yaml b/deploy/values.yaml
index d99a0e2..fba5f94 100644
--- a/deploy/values.yaml
+++ b/deploy/values.yaml
@@ -137,15 +137,7 @@ frontend:
     type: ClusterIP
 
   ingress:
-    enabled: true
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-    tls: []
+    enabled: false
 
   resources:
     requests:
@@ -185,17 +177,7 @@ app:
     port: 8080
 
   ingress:
-    enabled: true
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-          - path: /api
-            pathType: Prefix
-    tls: []
+    enabled: false
 
   resources:
     requests:
@@ -243,14 +225,7 @@ static:
     port: 8081
 
   ingress:
-    enabled: true
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: static.gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
+    enabled: false
 
   cors: true
   logLevel: info
@@ -326,15 +301,7 @@ gitserver:
     accessMode: ReadWriteOnce
 
   ingress:
-    enabled: true
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: git.gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-    tls: []
+    enabled: false
 
   env: []