ssh tunnel on staging to talos cluster

2025-12-11 15:36:54 +01:00 · 2025-12-11 15:36:54 +01:00 · 1baed53927
commit 1baed53927
parent 7326438470
1 changed files with 25 additions and 5 deletions
--- a/deployment/kustomize/overlays/staging/portal-deployment.yaml
+++ b/deployment/kustomize/overlays/staging/portal-deployment.yaml
@ -32,7 +32,7 @@ spec:
                secretKeyRef:
                  name: portal-storage-creds
                  key: AWS_SECRET_ACCESS_KEY
-        - name: ssh-tunnel
+        - name: ssh-tunnel-dev
          image: servala.app.codey.ch/servala/servala-portal:latest
          command:
            - "/bin/bash"
@ -44,10 +44,30 @@ spec:
              ssh $SSH_HOST -l $SSH_USER -o StrictHostKeyChecking=no -L 6443:127.0.0.1:6443 -N -i /app/.ssh/id -v
          env:
            - name: SSH_HOST
-              valueFrom:
-                secretKeyRef:
-                  name: servala-sshclient
-                  key: ssh-host
+              value: "78.47.176.209"
+            - name: SSH_USER
+              valueFrom:
+                secretKeyRef:
+                  name: servala-sshclient
+                  key: ssh-user
+            - name: SSH_PRIVATE_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: servala-sshclient
+                  key: ssh-private-key
+        - name: ssh-tunnel-talos
+          image: servala.app.codey.ch/servala/servala-portal:latest
+          command:
+            - "/bin/bash"
+            - "-c"
+            - |
+              mkdir -p /app/.ssh && chmod 700 /app/.ssh
+              echo "$SSH_PRIVATE_KEY" > /app/.ssh/id
+              chmod 600 /app/.ssh/id
+              ssh $SSH_HOST -l $SSH_USER -o StrictHostKeyChecking=no -L 6444:172.18.200.10:6443 -N -i /app/.ssh/id -v
+          env:
+            - name: SSH_HOST
+              value: mgmt.cls-rma1-9c02.servala.com
            - name: SSH_USER
              valueFrom:
                secretKeyRef: