From e1b8e121fac46446c198b46fcc659b66f1502177 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simen=20R=C3=B8stvik?= Date: Tue, 15 Nov 2022 12:35:21 +0100 Subject: [PATCH] test values --- apps/templates/traefik-values.yaml | 74 +++++++++++++++++++++++++ apps/templates/traefik.yaml | 89 +----------------------------- 2 files changed, 76 insertions(+), 87 deletions(-) create mode 100644 apps/templates/traefik-values.yaml diff --git a/apps/templates/traefik-values.yaml b/apps/templates/traefik-values.yaml new file mode 100644 index 0000000..577a08d --- /dev/null +++ b/apps/templates/traefik-values.yaml @@ -0,0 +1,74 @@ +image: + repository: &traefikImage library/traefik + name: *traefikImage + tag: v2.9.4 + pullPolicy: IfNotPresent + +experimental: + http3: + enabled: true + plugins: + enabled: false + kubernetesGateway: + enabled: false + +dnsPolicy: ClusterFirstWithHostNet +hostNetwork: true +nodeSelector: + hasDns: "true" + +securityContext: + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + runAsGroup: 0 + runAsNonRoot: false + runAsUser: 0 + +additionalArguments: +# - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" + - "--api.insecure=true" +envFrom: + - secretRef: + name: traefik-secrets + +ports: + traefik: + port: 9000 + expose: true + exposedPort: 9000 + protocol: TCP + web: + port: 80 + expose: false + protocol: TCP + websecure: + port: 443 + expose: false + protocol: TCP + tls: + enabled: true + metrics: + port: 9100 + expose: true + udp: + port: 6666 + protocol: UDP + expose: true + +tlsOptions: + default: + sniStrict: true + minVersion: VersionTLS12 + +service: + enabled: true + type: NodePort + +certResolvers: + cloudflare: + email: me@roxedus.dev + dnsChallenge: + provider: cloudflare + storage: /data/acme.json \ No newline at end of file diff --git a/apps/templates/traefik.yaml b/apps/templates/traefik.yaml index 7aaa8da..dae98a1 100644 --- a/apps/templates/traefik.yaml +++ b/apps/templates/traefik.yaml @@ -13,93 +13,8 @@ spec: source: chart: traefik helm: - values: | - image: - repository: &traefikImage library/traefik - name: *traefikImage - tag: v2.9.4 - pullPolicy: IfNotPresent - - experimental: - http3: - enabled: true - plugins: - enabled: false - kubernetesGateway: - enabled: false - - dnsPolicy: ClusterFirstWithHostNet - hostNetwork: true - nodeSelector: - hasDns: "true" - - securityContext: - capabilities: - drop: [ALL] - add: [NET_BIND_SERVICE] - readOnlyRootFilesystem: true - runAsGroup: 0 - runAsNonRoot: false - runAsUser: 0 - - globalArguments: [] - - additionalArguments: - # - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" - - "--api.insecure=true" - envFrom: - - secretRef: - name: traefik-secrets - - ports: - traefik: - port: 9000 - expose: true - exposedPort: 9000 - protocol: TCP - web: - port: 80 - expose: false - protocol: TCP - websecure: - port: 443 - expose: false - protocol: TCP - tls: - enabled: true - metrics: - port: 9100 - expose: true - udp: - port: 6666 - protocol: UDP - expose: true - - tlsOptions: - default: - sniStrict: true - minVersion: VersionTLS12 - - service: - enabled: true - type: NodePort - annotations: {} - annotationsTCP: {} - annotationsUDP: {} - labels: {} - spec: - {} - loadBalancerSourceRanges: - [] - externalIPs: - [] - - certResolvers: - cloudflare: - email: me@roxedus.dev - dnsChallenge: - provider: cloudflare - storage: /data/acme.json + valueFiles: + - traefik-values.yaml repoURL: https://helm.traefik.io/traefik targetRevision: 10.24.0