CHORE(authelia): disable local auth and add Authelia SSO

- code-server: Change --auth password to --auth none
- code-server: Add Authelia middleware to ingress
- immich: Add Authelia middleware to ingress
- umami: Add Authelia middleware to ingress

code-server/helm-values.yaml

@@ -44,7 +44,7 @@ volumePermissions:
 # Extra arguments for code-server
 extraArgs:
   - --auth
-  - password
+  - none
 
 # Extra environment variables
 extraVars:

code-server/ingress.yaml

@@ -4,14 +4,8 @@ metadata:
   name: code-server-ingress
   namespace: code-server
   annotations:
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    # WebSocket 지원 (code-server에 필요)
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-    nginx.ingress.kubernetes.io/websocket-services: "code-server"
-    # 프록시 타임아웃 설정 (장시간 연결 유지)
-    nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600"
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
 spec:
   ingressClassName: traefik
   tls:

immich/helm-values.yaml

@@ -55,6 +55,7 @@ server:
       className: traefik
       annotations:
         cert-manager.io/cluster-issuer: letsencrypt-prod
+        traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
       hosts:
         - host: immich0213.kro.kr
           paths:

umami/ingress.yaml

@@ -4,9 +4,8 @@ metadata:
   name: umami-ingress
   namespace: umami
   annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
 spec:
   ingressClassName: traefik
   tls: