From 79a6efe27831f2ad2052445977c6a7df4f980583 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 10 Oct 2021 02:34:02 +0200
Subject: [PATCH] nginx-ingress: Fix ingress ports in helm and terraform

---
 infrastructure/ingress-nginx/release.yaml | 4 ++--
 terraform/firewall.tf                     | 4 ++--
 terraform/loadbalancer.tf                 | 4 ++--
 terraform/main.tf                         | 3 ++-
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/infrastructure/ingress-nginx/release.yaml b/infrastructure/ingress-nginx/release.yaml
index 98306bd5f..0bf79679c 100644
--- a/infrastructure/ingress-nginx/release.yaml
+++ b/infrastructure/ingress-nginx/release.yaml
@@ -189,8 +189,8 @@ spec:
         #   tcp:
         #     8080: 32808
         nodePorts:
-          http: 80
-          https: 443
+          http: 32080
+          https: 32443
           tcp: {}
           udp: {}
 
diff --git a/terraform/firewall.tf b/terraform/firewall.tf
index c9c141521..d156b903a 100644
--- a/terraform/firewall.tf
+++ b/terraform/firewall.tf
@@ -155,14 +155,14 @@ resource "hcloud_firewall" "k8s-ingress" {
       description     = "Public HTTP"
       direction       = "in"
       protocol        = "tcp"
-      port            = "80"
+      port            = "32080"
       source_ips      = [for s in [hcloud_load_balancer.lb.ipv4] : "${s}/32"]
   }
   rule {
       description     = "Public HTTPS"
       direction       = "in"
       protocol        = "tcp"
-      port            = "443"
+      port            = "32443"
       source_ips      = [for s in [hcloud_load_balancer.lb.ipv4] : "${s}/32"]
   }
 }
diff --git a/terraform/loadbalancer.tf b/terraform/loadbalancer.tf
index 93881fa4b..4fbb95169 100644
--- a/terraform/loadbalancer.tf
+++ b/terraform/loadbalancer.tf
@@ -36,7 +36,7 @@ resource "hcloud_load_balancer_service" "lb_ingress_http" {
   load_balancer_id = hcloud_load_balancer.lb.id
   protocol         = "tcp"
   listen_port      = 80
-  destination_port = 80
+  destination_port = 32080
 
   health_check {
     protocol = "tcp"
@@ -51,7 +51,7 @@ resource "hcloud_load_balancer_service" "lb_ingress_https" {
   load_balancer_id = hcloud_load_balancer.lb.id
   protocol         = "tcp"
   listen_port      = 443
-  destination_port = 443
+  destination_port = 32443
 
   health_check {
     protocol = "tcp"
diff --git a/terraform/main.tf b/terraform/main.tf
index 0049bbcf2..6b0fbf68b 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -16,7 +16,8 @@ module "nodes" {
   image          = var.image
   labels          = {
     "k8s.io/node" = "true",
-    "k8s.io/master" = "true"
+    "k8s.io/master" = "true",
+    "k8s.io/ingress" = "true",
   }
   placement_group_id = hcloud_placement_group.k8s.id
   ssh_keys       = data.hcloud_ssh_keys.all_keys.ssh_keys.*.name
-- 
GitLab