81 lines
2.1 KiB
YAML
81 lines
2.1 KiB
YAML
apiVersion: helm.cattle.io/v1
|
|
kind: HelmChartConfig
|
|
metadata:
|
|
name: traefik
|
|
namespace: kube-system
|
|
spec:
|
|
valuesContent: |-
|
|
nodeSelector:
|
|
kubernetes.io/hostname: k3sh0
|
|
providers:
|
|
kubernetesCRD:
|
|
allowCrossNamespace: true
|
|
certResolvers:
|
|
letsencrypt:
|
|
email: admin@t00n.de
|
|
dnsChallenge:
|
|
provider: ionos
|
|
delayBeforeCheck: 60
|
|
resolvers:
|
|
- 1.1.1.1
|
|
storage: /data/acme-ionos.json
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: true
|
|
matchRule: Host(`traefik.monitor.k8s.t000-n.de`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
|
|
middlewares:
|
|
- name: localipfilter
|
|
entryPoints: ["websecure"]
|
|
env:
|
|
- name: IONOS_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: apiKey
|
|
name: ionos-api-credentials
|
|
- name: CROWDSEC_BOUNCER_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: crowdsec-bouncer-api-key
|
|
key: api-key
|
|
ports:
|
|
web:
|
|
port: 8000
|
|
expose: true
|
|
exposedPort: 80
|
|
nodePort: 32080
|
|
websecure:
|
|
port: 8443
|
|
expose: true
|
|
exposedPort: 443
|
|
nodePort: 32443
|
|
tls:
|
|
enabled: true
|
|
certResolver: "letsencrypt"
|
|
service:
|
|
enabled: true
|
|
single: true
|
|
type: LoadBalancer
|
|
spec:
|
|
externalTrafficPolicy: Local
|
|
externalIPs:
|
|
- 192.168.0.50
|
|
- 192.168.0.51
|
|
- 192.168.0.52
|
|
- 192.168.0.53
|
|
persistence:
|
|
enabled: true
|
|
name: data
|
|
accessMode: ReadWriteMany
|
|
size: 1Gi
|
|
storageClass: longhorn
|
|
path: /data
|
|
#experimental:
|
|
# plugins:
|
|
# crowdsec-bouncer-traefik-plugin:
|
|
# moduleName: github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin
|
|
# version: v1.4.6
|
|
#additionalArguments:
|
|
# - "--providers.kubernetescrd"
|
|
# - "--entrypoints.web.http.middlewares=crowdsec-bouncer@kubernetescrd"
|
|
# - "--entrypoints.websecure.http.middlewares=kube-system-crowdsec-bouncer@kubernetescrd"
|