68 lines
1.5 KiB
YAML
Executable File
68 lines
1.5 KiB
YAML
Executable File
|
|
deployment:
|
|
initContainers:
|
|
- name: volume-permissions
|
|
image: busybox:stable@sha256:5eef5ed34e1e1ff0a4ae850395cbf665c4de6b4b83a32a0bc7bcb998e24e7bbb
|
|
command: ["sh", "-c", "touch /data/acme.json; chown 65532:65532 /data/acme.json; chmod -v 600 /data/acme.json; chown -R 65532:65532 /var/log/traefik"]
|
|
securityContext:
|
|
runAsNonRoot: false
|
|
runAsGroup: 0
|
|
runAsUser: 0
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
- name: access-log
|
|
mountPath: /var/log/traefik
|
|
additionalVolumes:
|
|
- name: access-log
|
|
hostPath:
|
|
path: /var/log/traefik/
|
|
certResolvers:
|
|
letsencrypt:
|
|
email: namesny.matus@gmail.com
|
|
dnsChallenge:
|
|
provider: cloudflare
|
|
delayBeforeCheck: 30
|
|
resolvers:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
storage: /data/acme.json
|
|
envFrom:
|
|
- secretRef:
|
|
name: traefik-cf-secret
|
|
additionalVolumeMounts:
|
|
- name: access-log
|
|
mountPath: /var/log/traefik/
|
|
logs:
|
|
access:
|
|
enabled: true
|
|
filePath: /var/log/traefik/access.log
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: true
|
|
matchRule: Host(`traefik.namesny.com`)
|
|
entryPoints: ["websecure"]
|
|
middlewares:
|
|
- name: "auth-authelia@kubernetescrd"
|
|
providers:
|
|
kubernetesCRD:
|
|
allowCrossNamespace: true
|
|
persistence:
|
|
enabled: true
|
|
storageClass: retain-local-path
|
|
ports:
|
|
websecure:
|
|
tls:
|
|
enabled: true
|
|
certResolver: letsencrypt
|
|
domains:
|
|
- main: namesny.com
|
|
sans:
|
|
- "*.namesny.com"
|
|
web:
|
|
redirectTo:
|
|
port: websecure
|
|
service:
|
|
spec:
|
|
externalTrafficPolicy: Local
|