68 lines
1.5 KiB
YAML
68 lines
1.5 KiB
YAML
|
|
||
|
deployment:
|
||
|
initContainers:
|
||
|
- name: volume-permissions
|
||
|
image: busybox:latest
|
||
|
command: ["sh", "-c", "rm /data/acme.json; touch /data/acme.json; chown 65532:65532 /data/acme.json; chmod -v 600 /data/acme.json; chown -R 65532:65532 /var/log/traefik"]
|
||
|
securityContext:
|
||
|
runAsNonRoot: false
|
||
|
runAsGroup: 0
|
||
|
runAsUser: 0
|
||
|
volumeMounts:
|
||
|
- name: data
|
||
|
mountPath: /data
|
||
|
- name: access-log
|
||
|
mountPath: /var/log/traefik
|
||
|
additionalVolumes:
|
||
|
- name: access-log
|
||
|
hostPath:
|
||
|
path: /var/log/traefik/
|
||
|
certResolvers:
|
||
|
letsencrypt:
|
||
|
email: namesny.matus@gmail.com
|
||
|
dnsChallenge:
|
||
|
provider: cloudflare
|
||
|
delayBeforeCheck: 30
|
||
|
resolvers:
|
||
|
- 1.1.1.1
|
||
|
- 8.8.8.8
|
||
|
storage: /data/acme.json
|
||
|
envFrom:
|
||
|
- secretRef:
|
||
|
name: traefik-cf-secret
|
||
|
additionalVolumeMounts:
|
||
|
- name: access-log
|
||
|
mountPath: /var/log/traefik/
|
||
|
logs:
|
||
|
access:
|
||
|
enabled: true
|
||
|
filePath: /var/log/traefik/access.log
|
||
|
ingressRoute:
|
||
|
dashboard:
|
||
|
enabled: true
|
||
|
matchRule: Host(`traefik.namesny.com`)
|
||
|
entryPoints: ["websecure"]
|
||
|
middlewares:
|
||
|
- name: "auth-authelia@kubernetescrd"
|
||
|
providers:
|
||
|
kubernetesCRD:
|
||
|
allowCrossNamespace: true
|
||
|
persistence:
|
||
|
enabled: true
|
||
|
storageClass: retain-local-path
|
||
|
ports:
|
||
|
websecure:
|
||
|
tls:
|
||
|
enabled: true
|
||
|
certResolver: letsencrypt
|
||
|
domains:
|
||
|
- main: namesny.com
|
||
|
sans:
|
||
|
- "*.namesny.com"
|
||
|
web:
|
||
|
redirectTo:
|
||
|
port: websecure
|
||
|
service:
|
||
|
spec:
|
||
|
externalTrafficPolicy: Local
|