grant/fog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fog/traefik/values.yaml

103 lines
2.0 KiB
YAML
Raw Permalink Blame History

deployment:
initContainers:
- name: volume-permissions
image: busybox:latest
command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
updateStrategy:
type: Recreate
env:
- name: HETZNER_API_KEY
valueFrom:
secretKeyRef:
name: hetzner-api-key
key: token
additionalArguments:
- "--api.basePath=/fog/traefik"
persistence:
enabled: true
logs:
format: json
access:
enabled: true
format: json
service:
spec:
externalTrafficPolicy: Local
ingressRoute:
dashboard:
enabled: true
matchRule: Host(`fog.incngrnt.ca`) && (PathPrefix(`/fog/traefik/dashboard`) || PathPrefix(`/fog/traefik/api`))
entryPoints: ["websecure"]
middlewares:
- name: traefik-dashboard-auth
tls:
certResolver: letsencrypt
ports:
websecure:
middlewares:
- traefik-rate-limit@kubernetescrd
web:
middlewares:
- traefik-redirectscheme@kubernetescrd
ssh:
port: 2222
expose:
default: true
exposedPort: 2222
protocol: TCP
extraObjects:
- apiVersion: v1
kind: Secret
metadata:
name: traefik-dashboard-auth-secret
type: kubernetes.io/basic-auth
stringData:
username: admin
password: # set through cli args
- apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: traefik-dashboard-auth
spec:
basicAuth:
secret: traefik-dashboard-auth-secret
- apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: rate-limit
spec:
rateLimit:
average: 50
burst: 100
- apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirectscheme
spec:
redirectScheme:
scheme: https
permanent: true
certificatesResolvers:
letsencrypt:
acme:
dnschallenge:
provider: hetzner
delaybeforecheck: 30
email: # set through cli args
storage: /data/acme.json
Reference in New Issue View Git Blame Copy Permalink