90 lines
1.8 KiB
YAML
90 lines
1.8 KiB
YAML
certResolvers:
|
|
cloudflare:
|
|
dnsChallenge:
|
|
provider: cloudflare
|
|
storage: /ssl-certs/acme-cloudflare.json
|
|
|
|
env:
|
|
- name: CF_DNS_API_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: token
|
|
name: cloudflare-token-jafner-net-dns-edit
|
|
|
|
logs:
|
|
general:
|
|
level: error
|
|
|
|
ports:
|
|
web:
|
|
redirectTo:
|
|
port: websecure
|
|
websecure:
|
|
tls:
|
|
enabled: true
|
|
certResolver: cloudflare
|
|
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: true
|
|
|
|
additionalArguments:
|
|
- "--api.insecure=true"
|
|
|
|
tlsStore:
|
|
default:
|
|
defaultCertificate:
|
|
secretName: traefik-k3s-jafner-net
|
|
|
|
persistence:
|
|
enabled: true
|
|
name: ssl-certs
|
|
size: 1Gi
|
|
path: /ssl-certs
|
|
storageClass: local-path
|
|
|
|
deployment:
|
|
initContainers:
|
|
- name: volume-permissions
|
|
image: busybox:1.36.1
|
|
command: ["sh", "-c", "touch /ssl-certs/acme-cloudflare.json; chmod -v 600 /ssl-certs/acme-cloudflare.json"]
|
|
volumeMounts:
|
|
- name: ssl-certs
|
|
mountPath: /ssl-certs
|
|
|
|
ingressClass:
|
|
enabled: true
|
|
isDefaultClass: true
|
|
|
|
extraObjects:
|
|
- apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: traefik-dashboard
|
|
spec:
|
|
selector:
|
|
app.kubernetes.io/name: traefik
|
|
app.kubernetes.io/instance: traefik-traefik
|
|
ports:
|
|
- port: 8080
|
|
name: traefik
|
|
targetPort: 9000
|
|
protocol: TCP
|
|
- apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: traefik-dashboard
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
spec:
|
|
rules:
|
|
- host: traefik.k3s.jafner.net
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: traefik-dashboard
|
|
port:
|
|
name: traefik |