feat(traefik): add TCP routing for Gitea SSH port 2222

- Add TCP entrypoint 'gitea-ssh' on port 2222 in static config - Create TCP router configuration for routing SSH traffic to Gitea - Use Gitea container IP (172.23.0.2) since Traefik runs in host network mode - Routes git.michaelschiemer.de:2222 through Traefik instead of direct VPN access
2025-11-05 12:12:42 +01:00
parent aeeed293af
commit 7c52065aae
2 changed files with 24 additions and 0 deletions
--- a/deployment/stacks/traefik/dynamic/gitea-ssh.yml
+++ b/deployment/stacks/traefik/dynamic/gitea-ssh.yml
@@ -0,0 +1,20 @@
+# TCP Router Configuration for Gitea SSH
+# Routes SSH traffic on port 2222 to Gitea container
+
+tcp:
+  routers:
+    gitea-ssh:
+      entryPoints:
+        - gitea-ssh
+      rule: "HostSNI(`*`)"
+      service: gitea-ssh-service
+
+  services:
+    gitea-ssh-service:
+      loadBalancer:
+        servers:
+          # Gitea container SSH service
+          # Note: Using container IP from traefik-public network
+          # Traefik runs in host network mode, so we need the actual container IP
+          # IP address: 172.23.0.2 (traefik-public network)
+          - address: "172.23.0.2:22"
--- a/deployment/stacks/traefik/traefik.yml
+++ b/deployment/stacks/traefik/traefik.yml
@@ -30,6 +30,10 @@ entryPoints:
            sans:
              - "*.michaelschiemer.de"

+  # TCP entrypoint for Gitea SSH
+  gitea-ssh:
+    address: ":2222"
+
 # Certificate Resolvers
 certificatesResolvers:
  letsencrypt: