For anyone else running lemmy on kubernetes-
Here is an IngressRoute CRD you can use, to leverage your built-in traefik reverse proxy.
Normally-
(ingress / ingressroute) -> (service) -> (nginx proxy) -> (lemmy / lemmy ui)
With this-
(ingress / ingressroute) -> (service) -> (lemmy / lemmy ui)
A slight optimization to better take advantage of the built in kubernetes functionality. (since, it already has a nginx and/or traefik instance running).
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: lemmy
namespace: lemmy
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`lemmyonline.com`) && (Headers(`Accept`, `application/activity+json`) || HeadersRegexp("Accept", "^application/.*") || Headers(`Accept`, `application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"`))
services:
- name: lemmy
port: http
- kind: Rule
match: Host(`lemmyonline.com`) && (PathPrefix(`/api`) || PathPrefix(`/pictrs`) || PathPrefix(`/feeds`) || PathPrefix(`/nodeinfo`) || PathPrefix(`/.well-known`))
services:
- name: lemmy
port: http
- kind: Rule
match: Host(`lemmyonline.com`) && Method(`POST`)
services:
- name: lemmy
port: http
- kind: Rule
match: Host(`lemmyonline.com`)
services:
- name: lemmy-ui
port: http
Just- make sure to replace your host, with the proper instance name.
Knock on wood, A fellow on reddit sent me CRDs for nginx.
I have not tested this- but, it might be a great starting point for you.
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: lemmy annotations: nginx.ingress.kubernetes.io/proxy-body-size: 100m nginx.ingress.kubernetes.io/limit-rps: "30" nginx.ingress.kubernetes.io/limit-rpm: "600" nginx.ingress.kubernetes.io/use-regex: "true" spec: rules: - host: example.com http: paths: - path: /(api|pictrs|feeds|nodeinfo|.well-known) pathType: Prefix backend: service: name: lemmy port: number: 80 tls: - hosts: - example.com secretName: lemmy-tls --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: lemmy-ui annotations: nginx.ingress.kubernetes.io/limit-rps: "30" nginx.ingress.kubernetes.io/limit-rpm: "600" spec: rules: - host: example.com http: paths: - path: / pathType: Prefix backend: service: name: lemmy-ui port: number: 80 tls: - hosts: - example.com secretName: lemmy-tls --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: pictshare-redirect annotations: nginx.ingress.kubernetes.io/configuration-snippet: | rewrite ^/pictshare(.*)$ /pictrs/image$1 redirect; spec: rules: - host: example.com http: paths: - path: /pictshare pathType: Prefix backend: service: name: pictrs port: number: 80 tls: - hosts: - example.com secretName: lemmy-tls