apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: traefik-helm namespace: traefik spec: interval: 5m chart: spec: chart: traefik version: '22.x.x' sourceRef: kind: HelmRepository name: traefik-charts namespace: flux-system interval: 1m # valuesFiles: # - ./traefik-values.yaml values: additionalArguments: - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare - --certificatesresolvers.cloudflare.acme.email=seanomik@gmail.com - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1 - --certificatesresolvers.cloudflare.acme.storage=/ssl-certs/acme-cloudflare.json - --api.insecure - --providers.kubernetesingress logs: general: level: DEBUG ports: web: expose: true exposedPort: 8080 # (optional) Permanent Redirect to HTTPS # redirectTo: websecure websecure: tls: exposed: true exposedPort: 8443 enabled: true certResolver: cloudflare env: - name: CF_DNS_API_TOKEN valueFrom: secretKeyRef: key: apiToken name: cloudflare-credentials # Disable Dashboard ingressRoute: dashboard: enabled: false # Persistent Storage persistence: enabled: true name: ssl-certs size: 1Gi path: /ssl-certs #deployment: # initContainers: # The "volume-permissions" init container is required if you run into permission issues. # Related issue: https://github.com/containous/traefik/issues/6972 # - name: volume-permissions # image: busybox:1.31.1 # command: ["sh", "-c", "chmod -Rv 600 /ssl-certs"] # volumeMounts: # - name: ssl-certs # mountPath: /ssl-certs # Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes. ingressClass: enabled: true isDefaultClass: true namespaceOverride: traefik