From 842cba070c9afc8cd26167d47d1d823525d1b97e Mon Sep 17 00:00:00 2001
From: josep-tecnativa <josep.guardiola@tecnativa.com>
Date: Wed, 8 May 2024 11:34:38 +0200
Subject: [PATCH] [IMP] Add traefik necessary rules to expose database service
 (compatible with Traefik 3)

---
 _traefik2_labels.yml.jinja | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/_traefik2_labels.yml.jinja b/_traefik2_labels.yml.jinja
index bcd6ce0e..f433cf38 100644
--- a/_traefik2_labels.yml.jinja
+++ b/_traefik2_labels.yml.jinja
@@ -43,6 +43,18 @@
   {%- endif %}
 {%- endmacro %}
 
+{# Same on HostSNI #}
+{%- macro domains_rule_sni(domain_group) -%}
+  HostSNI(
+    {%- for host in domain_group.hosts -%}
+    `{{ host }}`
+    {%- if not loop.last %}, {% endif %}
+    {%- endfor -%}
+  )
+  {%- if domain_group.path_prefixes %} && {{ path_prefix_rule(domain_group.path_prefixes) }}
+  {%- endif %}
+{%- endmacro %}
+
 {%- macro key(project_name, odoo_version, suffix) %}
   {{- '%s-%.1f-%s'|format(project_name, odoo_version, suffix)|replace('.', '-') }}
 {%- endmacro %}
@@ -212,7 +224,9 @@
 {%- macro database(domain_groups_list, cidr_whitelist, key, port, project_name) %}
       {#- Service #}
       traefik.tcp.services.{{ key }}-database.loadbalancer.server.port: 5432
-
+      traefik.tcp.routers.{{ key }}-database.tls: "true"
+      traefik.tcp.routers.{{ key }}-database.tls.certResolver: letsencrypt
+      traefik.tcp.routers.{{ key }}-database.rule: {{ domains_rule_sni(domain_groups_list) }}
       {%- if cidr_whitelist %}
       {#- Declare whitelist middleware #}
       ? traefik.tcp.middlewares.{{ key }}-whitelist.IPWhiteList.sourceRange