65 lines
1.4 KiB
YAML
65 lines
1.4 KiB
YAML
deployment:
|
|
initContainers:
|
|
- name: volume-permissions
|
|
image: busybox:latest
|
|
command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"]
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
|
|
env:
|
|
- name: HETZNER_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: hetzner-api-key
|
|
key: token
|
|
|
|
additionalArguments:
|
|
- "--api.basePath=/fog/traefik"
|
|
|
|
persistence:
|
|
enabled: true
|
|
|
|
logs:
|
|
format: json
|
|
access:
|
|
enabled: true
|
|
format: json
|
|
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: true
|
|
matchRule: Host(`fog.goatchat.ca`) && (PathPrefix(`/fog/traefik/dashboard`) || PathPrefix(`/fog/traefik/api`))
|
|
entryPoints: ["websecure"]
|
|
middlewares:
|
|
- name: traefik-dashboard-auth
|
|
tls:
|
|
certResolver: letsencrypt
|
|
|
|
extraObjects:
|
|
- apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: traefik-dashboard-auth-secret
|
|
type: kubernetes.io/basic-auth
|
|
stringData:
|
|
username: admin
|
|
password: # set through cli args
|
|
|
|
- apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: traefik-dashboard-auth
|
|
spec:
|
|
basicAuth:
|
|
secret: traefik-dashboard-auth-secret
|
|
|
|
certificatesResolvers:
|
|
letsencrypt:
|
|
acme:
|
|
dnschallenge:
|
|
provider: hetzner
|
|
delaybeforecheck: 30
|
|
email: # set through cli args
|
|
storage: /data/acme.json
|