From 4b7ed6085b1924868fa243cdf2d4b27158094773 Mon Sep 17 00:00:00 2001
From: Jan Novak <jan.novak@livesport.eu>
Date: Tue, 17 Feb 2026 11:55:49 +0100
Subject: [PATCH] gitops/cilium: enable Gateway API and add HTTPRoute for ghost

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 gitops/home-kubernetes/cilium/gateway.yaml    | 20 ++++++++++++++
 .../cilium/helmrelelase_cilium.yaml           |  2 ++
 .../ghost-on-kubernetes/07-httproute.yaml     | 27 +++++++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 gitops/home-kubernetes/cilium/gateway.yaml
 create mode 100644 gitops/home-kubernetes/ghost-on-kubernetes/07-httproute.yaml

diff --git a/gitops/home-kubernetes/cilium/gateway.yaml b/gitops/home-kubernetes/cilium/gateway.yaml
new file mode 100644
index 0000000..7df26d0
--- /dev/null
+++ b/gitops/home-kubernetes/cilium/gateway.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: cilium-gateway
+  namespace: kube-system
+spec:
+  gatewayClassName: cilium
+  listeners:
+    - name: http
+      protocol: HTTP
+      port: 80
+    - name: https
+      protocol: HTTPS
+      port: 443
+      tls:
+        mode: Terminate
+        certificateRefs:
+          - kind: Secret
+            name: gateway-tls
diff --git a/gitops/home-kubernetes/cilium/helmrelelase_cilium.yaml b/gitops/home-kubernetes/cilium/helmrelelase_cilium.yaml
index cbc6801..735e081 100644
--- a/gitops/home-kubernetes/cilium/helmrelelase_cilium.yaml
+++ b/gitops/home-kubernetes/cilium/helmrelelase_cilium.yaml
@@ -31,6 +31,8 @@ spec:
         clusterPoolIPv4PodCIDRList: "10.96.0.0/16"
     l2announcements:
       enabled: true
+    gatewayAPI:
+      enabled: true
     kubeProxyReplacement: true
     k8sServiceHost: 192.168.0.31  # or LB IP
     k8sServicePort: 6443
diff --git a/gitops/home-kubernetes/ghost-on-kubernetes/07-httproute.yaml b/gitops/home-kubernetes/ghost-on-kubernetes/07-httproute.yaml
new file mode 100644
index 0000000..aba34de
--- /dev/null
+++ b/gitops/home-kubernetes/ghost-on-kubernetes/07-httproute.yaml
@@ -0,0 +1,27 @@
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: ghost-on-kubernetes
+  namespace: ghost-on-kubernetes
+  labels:
+    app: ghost-on-kubernetes
+    app.kubernetes.io/name: ghost-on-kubernetes-httproute
+    app.kubernetes.io/instance: ghost-on-kubernetes
+    app.kubernetes.io/version: '6.0'
+    app.kubernetes.io/component: httproute
+    app.kubernetes.io/part-of: ghost-on-kubernetes
+spec:
+  parentRefs:
+    - name: cilium-gateway
+      namespace: kube-system
+  hostnames:
+    - ghost.lab.home.hrajfrisbee.cz
+  rules:
+    - matches:
+        - path:
+            type: PathPrefix
+            value: /
+      backendRefs:
+        - name: ghost-on-kubernetes-service
+          port: 2368