diff --git a/apps/templates/traefik.yaml b/apps/templates/traefik.yaml new file mode 100644 index 0000000..d34ccef --- /dev/null +++ b/apps/templates/traefik.yaml @@ -0,0 +1,91 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: traefik + namespace: argo-cd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + server: https://kubernetes.default.svc + namespace: traefik + project: default + source: + chart: traefik + helm: + values: | + image: + repository: &traefikImage library/traefik + name: *traefikImage + tag: v2.8.0 + pullPolicy: IfNotPresent + + experimental: + http3: + enabled: true + plugins: + enabled: false + kubernetesGateway: + enabled: false + + globalArguments: [] + + additionalArguments: + # - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" + - "--api.insecure=true" + envFrom: + - secretRef: + name: traefik-secrets + + ports: + traefik: + port: 9000 + expose: false + exposedPort: 9000 + protocol: TCP + web: + port: 8000 + expose: false + exposedPort: 80 + protocol: TCP + websecure: + port: 8443 + expose: false + exposedPort: 443 + protocol: TCP + http3: true + tls: + enabled: true + metrics: + port: 9100 + expose: true + + tlsOptions: + default: + sniStrict: true + minVersion: VersionTLS12 + + service: + enabled: true + type: ClusterIP + annotations: {} + annotationsTCP: {} + annotationsUDP: {} + labels: {} + spec: + {} + loadBalancerSourceRanges: + [] + externalIPs: + [] + + certResolvers: {} + + repoURL: https://helm.traefik.io/traefik + targetRevision: 10.24.0 + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true