From 1fbe50c79f8440381da69f9c5716ca3010dfaed8 Mon Sep 17 00:00:00 2001
From: Roxedus <me@roxedus.dev>
Date: Sat, 2 Jul 2022 22:58:54 +0200
Subject: [PATCH] Nativer chart

---
 apps/templates/traefik.yaml | 101 ++++++++++++++++++++++++++++++++++++
 1 file changed, 101 insertions(+)
 create mode 100644 apps/templates/traefik.yaml

diff --git a/apps/templates/traefik.yaml b/apps/templates/traefik.yaml
new file mode 100644
index 0000000..a203452
--- /dev/null
+++ b/apps/templates/traefik.yaml
@@ -0,0 +1,101 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: traefik
+  namespace: argo-cd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: traefik
+  project: default
+  source:
+    chart: traefik
+    helm:
+      values: |
+          image:
+            repository: &traefikImage library/traefik
+            name: *traefikImage
+            tag: v2.8.0
+            pullPolicy: IfNotPresent
+          additionalContainers:
+            # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host
+            - name: cloudflare
+              image: cloudflare/cloudflared:2022.6.3
+              args: ["tunnel", "--no-autoupdate", "run", "--token", "$(cloudflared)"]
+              resources:
+                limits:
+                  cpu: "800m"
+                  memory: "100Mi"
+                requests:
+                  cpu: "300m"
+                  memory: "40Mi"
+              envFrom:
+                - secretRef:
+                    name: cloudflared-secrets
+            - image: ghcr.io/roxedus/pipelines:traefik-cloudflare-tunnel-cca7aa94
+              name: auto-cloudflare
+              resources:
+                limits:
+                  cpu: "800m"
+                  memory: "100Mi"
+                requests:
+                  cpu: "300m"
+                  memory: "40Mi"
+              envFrom:
+                - secretRef:
+                    name: auto-cloudflared-secrets
+              env:
+                - name: TRAEFIK_SERVICE_ENDPOINT
+                  value: http://localhost:8000
+                - name: TRAEFIK_API_ENDPOINT
+                  value: http://localhost:9000
+                - name: TRAEFIK_ENTRYPOINT
+                  value: web
+          pilot:
+            enabled: true
+
+          experimental:
+            http3:
+              enabled: true
+
+          globalArguments: []
+
+          additionalArguments:
+            - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32"
+            - "--api.insecure=true"
+          envFrom:
+
+            - secretRef:
+                name: traefik-secrets
+
+          ports:
+            web:
+              expose: false
+            websecure:
+              expose: false
+              protocol: TCP
+              http3: true
+              tls:
+                enabled: true
+
+          tlsOptions:
+            default:
+              sniStrict: true
+              minVersion: VersionTLS12
+
+          service:
+            enabled: true
+            type: NodePort
+
+          certResolvers: {}
+
+    repoURL: https://helm.traefik.io/traefik
+    targetRevision: 10.24.0
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true