From ffd7c5802307262957975b758137850c990d8c78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simen=20R=C3=B8stvik?= Date: Tue, 15 Nov 2022 12:48:55 +0100 Subject: [PATCH] F --- apps/templates/traefik.yaml | 90 +++++++++++++++++++++++++++++++++++-- helm/traefik/values.yaml | 74 ------------------------------ 2 files changed, 87 insertions(+), 77 deletions(-) delete mode 100644 helm/traefik/values.yaml diff --git a/apps/templates/traefik.yaml b/apps/templates/traefik.yaml index 08fb335..7aaa8da 100644 --- a/apps/templates/traefik.yaml +++ b/apps/templates/traefik.yaml @@ -12,10 +12,94 @@ spec: project: default source: chart: traefik - path: helm/ helm: - valueFiles: - - values.yaml + values: | + image: + repository: &traefikImage library/traefik + name: *traefikImage + tag: v2.9.4 + pullPolicy: IfNotPresent + + experimental: + http3: + enabled: true + plugins: + enabled: false + kubernetesGateway: + enabled: false + + dnsPolicy: ClusterFirstWithHostNet + hostNetwork: true + nodeSelector: + hasDns: "true" + + securityContext: + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + runAsGroup: 0 + runAsNonRoot: false + runAsUser: 0 + + globalArguments: [] + + additionalArguments: + # - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" + - "--api.insecure=true" + envFrom: + - secretRef: + name: traefik-secrets + + ports: + traefik: + port: 9000 + expose: true + exposedPort: 9000 + protocol: TCP + web: + port: 80 + expose: false + protocol: TCP + websecure: + port: 443 + expose: false + protocol: TCP + tls: + enabled: true + metrics: + port: 9100 + expose: true + udp: + port: 6666 + protocol: UDP + expose: true + + tlsOptions: + default: + sniStrict: true + minVersion: VersionTLS12 + + service: + enabled: true + type: NodePort + annotations: {} + annotationsTCP: {} + annotationsUDP: {} + labels: {} + spec: + {} + loadBalancerSourceRanges: + [] + externalIPs: + [] + + certResolvers: + cloudflare: + email: me@roxedus.dev + dnsChallenge: + provider: cloudflare + storage: /data/acme.json repoURL: https://helm.traefik.io/traefik targetRevision: 10.24.0 diff --git a/helm/traefik/values.yaml b/helm/traefik/values.yaml deleted file mode 100644 index 577a08d..0000000 --- a/helm/traefik/values.yaml +++ /dev/null @@ -1,74 +0,0 @@ -image: - repository: &traefikImage library/traefik - name: *traefikImage - tag: v2.9.4 - pullPolicy: IfNotPresent - -experimental: - http3: - enabled: true - plugins: - enabled: false - kubernetesGateway: - enabled: false - -dnsPolicy: ClusterFirstWithHostNet -hostNetwork: true -nodeSelector: - hasDns: "true" - -securityContext: - capabilities: - drop: [ALL] - add: [NET_BIND_SERVICE] - readOnlyRootFilesystem: true - runAsGroup: 0 - runAsNonRoot: false - runAsUser: 0 - -additionalArguments: -# - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32" - - "--api.insecure=true" -envFrom: - - secretRef: - name: traefik-secrets - -ports: - traefik: - port: 9000 - expose: true - exposedPort: 9000 - protocol: TCP - web: - port: 80 - expose: false - protocol: TCP - websecure: - port: 443 - expose: false - protocol: TCP - tls: - enabled: true - metrics: - port: 9100 - expose: true - udp: - port: 6666 - protocol: UDP - expose: true - -tlsOptions: - default: - sniStrict: true - minVersion: VersionTLS12 - -service: - enabled: true - type: NodePort - -certResolvers: - cloudflare: - email: me@roxedus.dev - dnsChallenge: - provider: cloudflare - storage: /data/acme.json \ No newline at end of file