2022-07-02 22:58:54 +02:00
|
|
|
apiVersion: argoproj.io/v1alpha1
|
|
|
|
kind: Application
|
|
|
|
metadata:
|
|
|
|
name: traefik
|
|
|
|
namespace: argo-cd
|
|
|
|
finalizers:
|
|
|
|
- resources-finalizer.argocd.argoproj.io
|
|
|
|
spec:
|
|
|
|
destination:
|
|
|
|
server: https://kubernetes.default.svc
|
|
|
|
namespace: traefik
|
|
|
|
project: default
|
|
|
|
source:
|
|
|
|
chart: traefik
|
|
|
|
helm:
|
|
|
|
values: |
|
|
|
|
image:
|
|
|
|
repository: &traefikImage library/traefik
|
|
|
|
name: *traefikImage
|
|
|
|
tag: v2.8.0
|
|
|
|
pullPolicy: IfNotPresent
|
2022-07-02 23:08:00 +02:00
|
|
|
deployment:
|
|
|
|
additionalContainers:
|
|
|
|
# https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host
|
|
|
|
- name: cloudflare
|
2022-07-03 01:13:42 +02:00
|
|
|
image: ghcr.io/roxedus/pipelines:cloudflared-2022.6.3
|
2022-07-02 23:08:00 +02:00
|
|
|
args: ["tunnel", "--no-autoupdate", "run", "--token", "$(cloudflared)"]
|
|
|
|
resources:
|
|
|
|
limits:
|
|
|
|
cpu: "800m"
|
|
|
|
memory: "100Mi"
|
|
|
|
requests:
|
|
|
|
cpu: "300m"
|
|
|
|
memory: "40Mi"
|
|
|
|
envFrom:
|
|
|
|
- secretRef:
|
|
|
|
name: cloudflared-secrets
|
|
|
|
- image: ghcr.io/roxedus/pipelines:traefik-cloudflare-tunnel-cca7aa94
|
|
|
|
name: auto-cloudflare
|
|
|
|
resources:
|
|
|
|
limits:
|
|
|
|
cpu: "800m"
|
|
|
|
memory: "100Mi"
|
|
|
|
requests:
|
|
|
|
cpu: "300m"
|
|
|
|
memory: "40Mi"
|
|
|
|
envFrom:
|
|
|
|
- secretRef:
|
|
|
|
name: auto-cloudflared-secrets
|
|
|
|
env:
|
|
|
|
- name: TRAEFIK_SERVICE_ENDPOINT
|
|
|
|
value: http://localhost:8000
|
|
|
|
- name: TRAEFIK_API_ENDPOINT
|
|
|
|
value: http://localhost:9000
|
|
|
|
- name: TRAEFIK_ENTRYPOINT
|
|
|
|
value: web
|
|
|
|
|
2022-07-02 22:58:54 +02:00
|
|
|
pilot:
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
experimental:
|
|
|
|
http3:
|
|
|
|
enabled: true
|
2022-07-02 23:03:14 +02:00
|
|
|
plugins:
|
|
|
|
enabled: false
|
|
|
|
kubernetesGateway:
|
|
|
|
enabled: false
|
2022-07-02 22:58:54 +02:00
|
|
|
|
|
|
|
globalArguments: []
|
|
|
|
|
|
|
|
additionalArguments:
|
|
|
|
- "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32"
|
|
|
|
- "--api.insecure=true"
|
|
|
|
envFrom:
|
|
|
|
|
|
|
|
- secretRef:
|
|
|
|
name: traefik-secrets
|
|
|
|
|
|
|
|
ports:
|
2022-07-02 23:03:14 +02:00
|
|
|
traefik:
|
|
|
|
port: 9000
|
|
|
|
expose: false
|
|
|
|
exposedPort: 9000
|
|
|
|
protocol: TCP
|
2022-07-02 22:58:54 +02:00
|
|
|
web:
|
2022-07-02 23:03:14 +02:00
|
|
|
port: 8000
|
2022-07-02 22:58:54 +02:00
|
|
|
expose: false
|
2022-07-02 23:03:14 +02:00
|
|
|
exposedPort: 80
|
|
|
|
protocol: TCP
|
2022-07-02 22:58:54 +02:00
|
|
|
websecure:
|
2022-07-02 23:03:14 +02:00
|
|
|
port: 8443
|
2022-07-02 22:58:54 +02:00
|
|
|
expose: false
|
2022-07-02 23:03:14 +02:00
|
|
|
exposedPort: 443
|
2022-07-02 22:58:54 +02:00
|
|
|
protocol: TCP
|
|
|
|
http3: true
|
|
|
|
tls:
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
tlsOptions:
|
|
|
|
default:
|
|
|
|
sniStrict: true
|
|
|
|
minVersion: VersionTLS12
|
|
|
|
|
|
|
|
service:
|
2022-07-02 23:03:14 +02:00
|
|
|
enabled: false
|
2022-07-02 22:58:54 +02:00
|
|
|
type: NodePort
|
2022-07-02 23:03:14 +02:00
|
|
|
annotations: {}
|
|
|
|
annotationsTCP: {}
|
|
|
|
annotationsUDP: {}
|
|
|
|
labels: {}
|
|
|
|
spec:
|
|
|
|
{}
|
|
|
|
loadBalancerSourceRanges:
|
|
|
|
[]
|
|
|
|
externalIPs:
|
|
|
|
[]
|
2022-07-02 22:58:54 +02:00
|
|
|
|
|
|
|
certResolvers: {}
|
|
|
|
|
|
|
|
repoURL: https://helm.traefik.io/traefik
|
|
|
|
targetRevision: 10.24.0
|
|
|
|
syncPolicy:
|
|
|
|
automated:
|
|
|
|
prune: true
|
|
|
|
selfHeal: true
|
|
|
|
syncOptions:
|
|
|
|
- CreateNamespace=true
|