Argo/apps/templates/traefik.yaml

146 lines
3.8 KiB
YAML
Raw Normal View History

2022-07-02 22:58:54 +02:00
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: traefik
namespace: argo-cd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: https://kubernetes.default.svc
namespace: traefik
project: default
source:
chart: traefik
helm:
2022-11-15 12:48:55 +01:00
values: |
2022-11-18 09:55:47 +01:00
2022-11-15 12:48:55 +01:00
image:
repository: &traefikImage library/traefik
name: *traefikImage
tag: v2.9.4
pullPolicy: IfNotPresent
experimental:
http3:
enabled: true
plugins:
enabled: false
kubernetesGateway:
enabled: false
2022-12-07 11:14:54 +01:00
# dnsPolicy: ClusterFirstWithHostNet
# hostNetwork: true
# nodeSelector:
# hasDns: "true"
2022-11-15 12:48:55 +01:00
2022-12-07 11:14:54 +01:00
# securityContext:
# capabilities:
# drop: [ALL]
# add: [NET_BIND_SERVICE]
# readOnlyRootFilesystem: true
# runAsGroup: 0
# runAsNonRoot: false
# runAsUser: 0
2022-11-15 12:48:55 +01:00
globalArguments: []
additionalArguments:
# - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32"
- "--api.insecure=true"
2022-11-17 13:14:54 +01:00
- "--ping"
2022-11-17 13:30:48 +01:00
- "--ping.entrypoint=traefik"
2022-11-15 12:48:55 +01:00
envFrom:
- secretRef:
name: traefik-secrets
2022-12-12 09:54:03 +01:00
# persistence:
# enabled: true
# name: data
# accessMode: ReadWriteOnce
# size: 128Mi
# storageClass: "longhorn"
# path: /data
2022-11-15 13:23:41 +01:00
2022-11-15 12:48:55 +01:00
ports:
traefik:
port: 9000
expose: true
2022-12-07 15:39:44 +01:00
exposedPort: 9900
2022-11-15 12:48:55 +01:00
protocol: TCP
web:
2022-12-07 11:23:38 +01:00
port: 8080
exposedPort: 80
2022-12-07 12:30:27 +01:00
expose: true
2022-11-15 12:48:55 +01:00
protocol: TCP
2022-11-15 13:54:19 +01:00
redirectTo: websecure
2022-11-15 12:48:55 +01:00
websecure:
2022-12-07 11:23:38 +01:00
port: 4443
exposedPort: 443
2022-12-07 12:47:37 +01:00
expose: true
2022-11-15 12:48:55 +01:00
protocol: TCP
tls:
enabled: true
metrics:
2022-12-08 12:56:44 +01:00
port: 9102
2022-12-07 12:47:37 +01:00
expose: false
2022-11-15 12:48:55 +01:00
udp:
port: 6666
protocol: UDP
expose: true
tlsOptions:
default:
sniStrict: true
minVersion: VersionTLS12
service:
2022-12-07 13:01:51 +01:00
enabled: true
2022-12-07 11:14:54 +01:00
type: LoadBalancer
2022-11-15 12:48:55 +01:00
2022-12-12 09:54:03 +01:00
# deployment:
# initContainers:
# #The "volume-permissions" init container is required if you run into permission issues.
# #Related issue: https://github.com/traefik/traefik/issues/6825
# - name: volume-permissions
# image: busybox:1.35
# command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"]
# volumeMounts:
# - name: data
# mountPath: /data
2022-11-15 13:54:19 +01:00
2022-12-06 01:52:00 +01:00
logs:
general:
level: DEBUG
2022-12-06 01:48:59 +01:00
2022-12-05 14:11:20 +01:00
providers:
2022-12-06 01:31:19 +01:00
kubernetesCRD:
allowCrossNamespace: true
2022-12-05 14:11:20 +01:00
kubernetesIngress:
publishedService:
enabled: true
2022-11-30 23:20:08 +01:00
ingressClass:
enabled: true
isDefaultClass: true
2022-12-12 09:54:03 +01:00
# certResolvers:
# cloudflare:
# email: me@roxedus.dev
# #caServer: https://acme-staging-v02.api.letsencrypt.org/directory
# dnsChallenge:
# provider: cloudflare
# resolvers:
# - "1.1.1.1:53"
# - "8.8.8.8:53"
# storage: /data/acme.json
2022-07-02 22:58:54 +02:00
repoURL: https://helm.traefik.io/traefik
2022-11-30 23:00:25 +01:00
targetRevision: 20.6.0
2022-07-02 22:58:54 +02:00
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true