outline: route via APISIX (port 9443, ApisixRoute CRD), not Traefik

Switched Bunny iron-kr-nowaf origin from :443 (Traefik) to :9443 (APISIX, no SafeLine plugin) since APISIX plugins are per-route. Used existing :9443 path (juiceshop already there) instead of opening a new OpenWrt port. Outline route managed via ApisixTls + ApisixRoute CRDs because admin-API direct PUTs get swept by apisix-ingress-controller as orphans. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 10:08:16 +09:00
parent a20c68e3a1
commit 0fbce86cfc
2 changed files with 16 additions and 2 deletions
--- a/infra/platform/outline.md
+++ b/infra/platform/outline.md
@@ -26,8 +26,9 @@ Outline은 팀 위키/문서 관리 플랫폼. K3s 클러스터에 배포.
 | TLS (Traefik) | wildcard-inouter-tls (*.inouter.com) |
 | TLS (CDN) | *.inouter.com wildcard (cert-manager, GTS WR1 발급) 수동 업로드 |
 | CDN | BunnyCDN **iron-kr-nowaf** 존 (ID 5720695, WAF 없음, 쿠키 허용) — 2026-04-21 iron-kr에서 분리 이전 |
+| Bunny Origin | https://220.120.65.245:9443 → APISIX (Traefik 미경유) |
 | DNS | outline.inouter.com CNAME → iron-kr-nowaf.b-cdn.net (Cloudflare, proxied OFF) |
-| Ingress | Traefik IngressRoute (CRD) |
+| Ingress | **APISIX ApisixRoute `outline` (ssl_id 4e7704e0, route_id ce4d2d80)** — 2026-04-21 변경. Traefik IngressRoute는 롤백 대비 유지 중이지만 비활성 경로 |

 ## 인증 (Gitea OAuth2)