k3s-cluster/cluster/core/networking/traefik/helm-release.yaml

106 lines
2.6 KiB
YAML
Raw Normal View History

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
2023-04-03 02:45:20 +00:00
name: traefik
namespace: traefik
spec:
interval: 5m
chart:
spec:
chart: traefik
2023-04-05 02:42:19 +00:00
version: '22.0.0'
sourceRef:
kind: HelmRepository
2023-04-02 18:26:12 +00:00
name: traefik-charts
namespace: flux-system
interval: 1m
2023-04-02 19:18:48 +00:00
values:
additionalArguments:
- --api.insecure
logs:
general:
level: DEBUG
2023-04-05 03:16:00 +00:00
providers:
kubernetesCRD:
enabled: true
allowCrossNamespace: false
allowExternalNameServices: false
allowEmptyServices: false
# ingressClass: traefik-internal
# labelSelector: environment=production,method=traefik
namespaces: []
# - "default"
kubernetesIngress:
enabled: true
allowExternalNameServices: false
allowEmptyServices: false
# ingressClass: traefik-internal
# labelSelector: environment=production,method=traefik
namespaces: []
# - "default"
# IP used for Kubernetes Ingress endpoints
publishedService:
enabled: false
# Published Kubernetes Service to copy status from. Format: namespace/servicename
# By default this Traefik service
# pathOverride: ""
service:
annotations:
metallb.universe.tf/allow-shared-ip: "main-ip-192.168.87.10"
spec:
loadBalancerIP: "192.168.87.10"
2023-04-02 19:18:48 +00:00
ports:
2023-04-03 02:45:20 +00:00
traefik:
port: 9000
expose: true
exposedPort: 9000
# The port protocol (TCP/UDP)
protocol: TCP
2023-04-02 19:18:48 +00:00
web:
2023-04-03 02:45:20 +00:00
port: 8000
2023-04-02 19:18:48 +00:00
expose: true
2023-04-03 02:45:20 +00:00
exposedPort: 80
2023-04-05 03:21:37 +00:00
redirectTo: websecure
2023-04-03 02:45:20 +00:00
protocol: TCP
2023-04-02 19:18:48 +00:00
websecure:
2023-04-03 02:45:20 +00:00
port: 8443
expose: true
exposedPort: 443
protocol: TCP
2023-04-02 19:18:48 +00:00
tls:
enabled: true
2023-04-10 23:57:41 +00:00
#certResolver: cloudflare
2023-04-03 02:45:20 +00:00
metrics:
port: 9100
expose: true
exposedPort: 9100
protocol: TCP
2023-04-02 19:18:48 +00:00
# Disable Dashboard
ingressRoute:
dashboard:
enabled: false
# annotations:
# cert-manager.io/cluster-issuer: "letsencrypt-production"
# entryPoints:
# - websecure
# middlewares:
# - traefik-authentik@kubernetescrd
# matchRule: Host(`traefik.${SECRET_DOMAIN}`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
2023-04-02 19:18:48 +00:00
# Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes.
ingressClass:
enabled: true
isDefaultClass: true
2023-04-03 02:45:20 +00:00
metrics:
prometheus:
entryPoint: metrics
2023-04-02 19:18:48 +00:00
namespaceOverride: traefik