feat(traefik): add TCP routing for Gitea SSH port 2222

- Add TCP entrypoint 'gitea-ssh' on port 2222 in static config - Create TCP router configuration for routing SSH traffic to Gitea - Use Gitea container IP (172.23.0.2) since Traefik runs in host network mode - Routes git.michaelschiemer.de:2222 through Traefik instead of direct VPN access
2025-11-05 12:12:42 +01:00
parent aeeed293af
commit 7c52065aae
2 changed files with 24 additions and 0 deletions
--- a/deployment/stacks/traefik/dynamic/gitea-ssh.yml
+++ b/deployment/stacks/traefik/dynamic/gitea-ssh.yml
@@ -0,0 +1,20 @@
 # TCP Router Configuration for Gitea SSH
 # Routes SSH traffic on port 2222 to Gitea container
 tcp:
  routers:
    gitea-ssh:
      entryPoints:
        - gitea-ssh
      rule: "HostSNI(`*`)"
      service: gitea-ssh-service
  services:
    gitea-ssh-service:
      loadBalancer:
        servers:
          # Gitea container SSH service
          # Note: Using container IP from traefik-public network
          # Traefik runs in host network mode, so we need the actual container IP
          # IP address: 172.23.0.2 (traefik-public network)
          - address: "172.23.0.2:22"
--- a/deployment/stacks/traefik/traefik.yml
+++ b/deployment/stacks/traefik/traefik.yml
@@ -30,6 +30,10 @@ entryPoints:
            sans:
              - "*.michaelschiemer.de"
  # TCP entrypoint for Gitea SSH
  gitea-ssh:
    address: ":2222"
 # Certificate Resolvers
 certificatesResolvers:
  letsencrypt: