Argo/apps/templates/traefik.yaml

128 lines
3.4 KiB
YAML
Raw Normal View History

2022-07-02 22:58:54 +02:00
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: traefik
namespace: argo-cd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: https://kubernetes.default.svc
namespace: traefik
project: default
source:
chart: traefik
helm:
values: |
image:
repository: &traefikImage library/traefik
name: *traefikImage
tag: v2.8.0
pullPolicy: IfNotPresent
2022-07-02 23:08:00 +02:00
deployment:
additionalContainers:
# https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host
- name: cloudflare
2022-07-03 01:13:42 +02:00
image: ghcr.io/roxedus/pipelines:cloudflared-2022.6.3
2022-07-02 23:08:00 +02:00
args: ["tunnel", "--no-autoupdate", "run", "--token", "$(cloudflared)"]
resources:
limits:
cpu: "800m"
memory: "100Mi"
requests:
cpu: "300m"
memory: "40Mi"
envFrom:
- secretRef:
name: cloudflared-secrets
- image: ghcr.io/roxedus/pipelines:traefik-cloudflare-tunnel-cca7aa94
name: auto-cloudflare
resources:
limits:
cpu: "800m"
memory: "100Mi"
requests:
cpu: "300m"
memory: "40Mi"
envFrom:
- secretRef:
name: auto-cloudflared-secrets
env:
- name: TRAEFIK_SERVICE_ENDPOINT
value: http://localhost:8000
- name: TRAEFIK_API_ENDPOINT
value: http://localhost:9000
- name: TRAEFIK_ENTRYPOINT
value: web
2022-07-02 22:58:54 +02:00
pilot:
enabled: true
experimental:
http3:
enabled: true
2022-07-02 23:03:14 +02:00
plugins:
enabled: false
kubernetesGateway:
enabled: false
2022-07-02 22:58:54 +02:00
globalArguments: []
additionalArguments:
- "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32"
- "--api.insecure=true"
envFrom:
- secretRef:
name: traefik-secrets
ports:
2022-07-02 23:03:14 +02:00
traefik:
port: 9000
expose: false
exposedPort: 9000
protocol: TCP
2022-07-02 22:58:54 +02:00
web:
2022-07-02 23:03:14 +02:00
port: 8000
2022-07-02 22:58:54 +02:00
expose: false
2022-07-02 23:03:14 +02:00
exposedPort: 80
protocol: TCP
2022-07-02 22:58:54 +02:00
websecure:
2022-07-02 23:03:14 +02:00
port: 8443
2022-07-02 22:58:54 +02:00
expose: false
2022-07-02 23:03:14 +02:00
exposedPort: 443
2022-07-02 22:58:54 +02:00
protocol: TCP
http3: true
tls:
enabled: true
tlsOptions:
default:
sniStrict: true
minVersion: VersionTLS12
service:
2022-07-02 23:03:14 +02:00
enabled: false
2022-07-02 22:58:54 +02:00
type: NodePort
2022-07-02 23:03:14 +02:00
annotations: {}
annotationsTCP: {}
annotationsUDP: {}
labels: {}
spec:
{}
loadBalancerSourceRanges:
[]
externalIPs:
[]
2022-07-02 22:58:54 +02:00
certResolvers: {}
repoURL: https://helm.traefik.io/traefik
targetRevision: 10.24.0
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true