diff --git a/src/traefik_route_observer.py b/src/traefik_route_observer.py index 61e185b8..6f1a469c 100644 --- a/src/traefik_route_observer.py +++ b/src/traefik_route_observer.py @@ -82,8 +82,7 @@ def _ingress_config(self) -> dict[str, dict[str, dict[str, typing.Any]]]: routers[f"juju-{self.model.name}-{self.model.app.name}-{sanitized_protocol}"] = { "entryPoints": [sanitized_protocol], "service": service_name, - "rule": "HostSNI(`*`)", - "tls": {"passthrough": True}, + "rule": "ClientIP(`0.0.0.0/0`)", } services[service_name] = { "loadBalancer": { diff --git a/tests/unit/test_traefik_route_observer.py b/tests/unit/test_traefik_route_observer.py index e697564d..1850af17 100644 --- a/tests/unit/test_traefik_route_observer.py +++ b/tests/unit/test_traefik_route_observer.py @@ -59,14 +59,12 @@ def test_on_traefik_route_relation_joined_when_leader(monkeypatch: pytest.Monkey "juju-testing-observer-charm-conn-tcp": { "entryPoints": ["conn-tcp"], "service": "juju-testing-observer-charm-service-conn-tcp", - "rule": "HostSNI(`*`)", - "tls": {"passthrough": True}, + "rule": "ClientIP(`0.0.0.0/0`)", }, "juju-testing-observer-charm-enrole-tcp": { "entryPoints": ["enrole-tcp"], "service": "juju-testing-observer-charm-service-enrole-tcp", - "rule": "HostSNI(`*`)", - "tls": {"passthrough": True}, + "rule": "ClientIP(`0.0.0.0/0`)", }, }, "services": {