apiVersion: helm.cattle.io/v1 kind: HelmChartConfig metadata: name: traefik namespace: kube-system spec: valuesContent: |- nodeSelector: kubernetes.io/hostname: k3sh0 providers: kubernetesCRD: allowCrossNamespace: true certResolvers: letsencrypt: email: admin@t00n.de dnsChallenge: provider: ionos delayBeforeCheck: 60 resolvers: - 1.1.1.1 storage: /data/acme-ionos.json ingressRoute: dashboard: enabled: true matchRule: Host(`traefik.monitor.k8s.t000-n.de`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)) middlewares: - name: localipfilter entryPoints: ["websecure"] env: - name: IONOS_API_KEY valueFrom: secretKeyRef: key: apiKey name: ionos-api-credentials - name: CROWDSEC_BOUNCER_API_KEY valueFrom: secretKeyRef: name: crowdsec-bouncer-api-key key: api-key ports: web: port: 8000 expose: true exposedPort: 80 nodePort: 32080 websecure: port: 8443 expose: true exposedPort: 443 nodePort: 32443 tls: enabled: true certResolver: "letsencrypt" service: enabled: true single: true type: LoadBalancer spec: externalTrafficPolicy: Local externalIPs: - 192.168.0.50 - 192.168.0.51 - 192.168.0.52 - 192.168.0.53 persistence: enabled: true name: data accessMode: ReadWriteMany size: 1Gi storageClass: longhorn path: /data #experimental: # plugins: # crowdsec-bouncer-traefik-plugin: # moduleName: github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin # version: v1.4.6 #additionalArguments: # - "--providers.kubernetescrd" # - "--entrypoints.web.http.middlewares=crowdsec-bouncer@kubernetescrd" # - "--entrypoints.websecure.http.middlewares=kube-system-crowdsec-bouncer@kubernetescrd"