additionalArguments: - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare - --certificatesresolvers.cloudflare.acme.email=seanomik@gmail.com - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1 - --certificatesresolvers.cloudflare.acme.storage=/ssl-certs/acme-cloudflare.json - --api.insecure - --providers.kubernetesingress logs: general: level: DEBUG ports: traefik: port: 9000 expose: true exposedPort: 9001 # The port protocol (TCP/UDP) protocol: TCP web: port: 8000 expose: true exposedPort: 80 # (optional) Permanent Redirect to HTTPS # redirectTo: websecure protocol: TCP websecure: port: 8443 expose: true exposedPort: 443 protocol: TCP tls: enabled: true certResolver: cloudflare metrics: port: 9100 expose: true exposedPort: 9100 protocol: TCP service: enabled: true single: true type: LoadBalancer externalIPs: - 192.168.87.10 env: - name: CF_DNS_API_TOKEN valueFrom: secretKeyRef: key: apiToken name: cloudflare-credentials # Disable Dashboard ingressRoute: dashboard: enabled: true matchRule: Host(`k3st.***REMOVED***`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)) entryPoints: ["traefik", "websecure"] # Persistent Storage persistence: enabled: true name: ssl-certs size: 1Gi path: /ssl-certs #deployment: # initContainers: # The "volume-permissions" init container is required if you run into permission issues. # Related issue: https://github.com/containous/traefik/issues/6972 # - name: volume-permissions # image: busybox:1.31.1 # command: ["sh", "-c", "chmod -Rv 600 /ssl-certs"] # volumeMounts: # - name: ssl-certs # mountPath: /ssl-certs # Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes. ingressClass: enabled: true isDefaultClass: true metrics: prometheus: entryPoint: metrics namespaceOverride: traefik