feat(deploy): single unified Ingress with per-host routing

Replace multiple conflicting Ingress resources with one that routes:
- gitdata.ai         → frontend (port 80)
- api.gitdata.ai     → app (port 8080)
- git.gitdata.ai     → gitserver-http (port 8022)
- static.gitdata.ai  → static (port 8081)

Disable service-level ingress configs in values.yaml (they would
conflict on the same host/path). Single TLS secret covers all hosts.

deploy/templates/ingress.yaml

@@ -1,61 +1,70 @@
-{{- if .Values.app.ingress.enabled -}}
+{{- /* Single unified Ingress for all services */ -}}
-{{- $svcName := printf "%s-app" (include "gitdata.fullname" .) -}}
+{{- $fullName := include "gitdata.fullname" . -}}
 {{- $ns := include "gitdata.namespace" . -}}
-{{- $ing := .Values.app.ingress -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: {{ include "gitdata.fullname" . }}-ingress
+  name: {{ $fullName }}-ingress
   namespace: {{ $ns }}
   labels:
-    app.kubernetes.io/name: {{ include "gitdata.fullname" . }}-app
+    app.kubernetes.io/name: {{ $fullName }}
     app.kubernetes.io/instance: {{ .Release.Name }}
   annotations:
-    cert-manager.io/cluster-issuer: {{ $ing.clusterIssuer | default "cloudflare-acme-cluster-issuer" }}
+    cert-manager.io/cluster-issuer: cloudflare-acme-cluster-issuer
-{{- if $ing.annotations }}
-{{ toYaml $ing.annotations | indent 4 }}
-{{- end }}
-{{- if not (hasKey ($ing.annotations | default dict) "nginx.ingress.kubernetes.io/proxy-body-size") }}
-{{- if or (not $ing.className) (eq $ing.className "nginx") (contains "nginx" $ing.className) }}
     nginx.ingress.kubernetes.io/proxy-body-size: "0"
     nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
     nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
-{{- end }}
-{{- end }}
 spec:
-{{- if $ing.className }}
+  ingressClassName: nginx
-  ingressClassName: {{ $ing.className }}
-{{- end }}
-{{- if $ing.tls }}
   tls:
-{{- range $ing.tls }}
+    - hosts:
-  - hosts:
+        - gitdata.ai
-{{- range .hosts }}
+        - api.gitdata.ai
-    - {{ . | quote }}
+        - git.gitdata.ai
-{{- end }}
+        - static.gitdata.ai
-    secretName: {{ .secretName }}
+      secretName: {{ $fullName }}-tls
-{{- end }}
-{{- else }}
-  tls:
-{{- range $ing.hosts }}
-  - hosts:
-    - {{ .host | quote }}
-    secretName: {{ include "gitdata.fullname" $ }}-app-tls
-{{- end }}
-{{- end }}
   rules:
-{{- range $ing.hosts }}
+    # Frontend
-  - host: {{ .host | quote }}
+    - host: gitdata.ai
-    http:
+      http:
-      paths:
+        paths:
-{{- range .paths }}
+          - path: /
-      - path: {{ .path }}
+            pathType: Prefix
-        pathType: {{ .pathType | default "Prefix" }}
+            backend:
-        backend:
+              service:
-          service:
+                name: {{ $fullName }}-frontend
-            name: {{ $svcName }}
+                port:
-            port:
+                  number: 80
-              number: {{ $.Values.app.service.port }}
+    # API
-{{- end }}
+    - host: api.gitdata.ai
-{{- end }}
+      http:
-{{- end }}
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-app
+                port:
+                  number: {{ .Values.app.service.port }}
+    # Gitserver HTTP
+    - host: git.gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-gitserver-http
+                port:
+                  number: {{ .Values.gitserver.service.http.port }}
+    # Static files
+    - host: static.gitdata.ai
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}-static
+                port:
+                  number: {{ .Values.static.service.port }}

deploy/values.yaml

@@ -137,15 +137,7 @@ frontend:
     type: ClusterIP
 
   ingress:
-    enabled: true
+    enabled: false
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-    tls: []
 
   resources:
     requests:
@@ -185,17 +177,7 @@ app:
     port: 8080
 
   ingress:
-    enabled: true
+    enabled: false
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-          - path: /api
-            pathType: Prefix
-    tls: []
 
   resources:
     requests:
@@ -243,14 +225,7 @@ static:
     port: 8081
 
   ingress:
-    enabled: true
+    enabled: false
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: static.gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
 
   cors: true
   logLevel: info
@@ -326,15 +301,7 @@ gitserver:
     accessMode: ReadWriteOnce
 
   ingress:
-    enabled: true
+    enabled: false
-    className: nginx
-    annotations: {}
-    hosts:
-      - host: git.gitdata.ai
-        paths:
-          - path: /
-            pathType: Prefix
-    tls: []
 
   env: []