k3s-cluster/cluster/apps/traefik/traefik-values.yaml

73 lines
1.6 KiB
YAML

additionalArguments:
- --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare
- --certificatesresolvers.cloudflare.acme.email=seanomik@gmail.com
- --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1
- --certificatesresolvers.cloudflare.acme.storage=/ssl-certs/acme-cloudflare.json
- --api.insecure
- --providers.kubernetesingress
logs:
general:
level: DEBUG
ports:
traefik:
port: 9000
expose: true
exposedPort: 9001
# The port protocol (TCP/UDP)
protocol: TCP
web:
expose: true
# (optional) Permanent Redirect to HTTPS
# redirectTo: websecure
websecure:
exposed: true
tls:
enabled: true
certResolver: cloudflare
metrics:
port: 9100
expose: true
exposedPort: 9100
protocol: TCP
env:
- name: CF_DNS_API_TOKEN
valueFrom:
secretKeyRef:
key: apiToken
name: cloudflare-credentials
# Disable Dashboard
ingressRoute:
dashboard:
enabled: true
# Persistent Storage
persistence:
enabled: true
name: ssl-certs
size: 1Gi
path: /ssl-certs
#deployment:
# initContainers:
# The "volume-permissions" init container is required if you run into permission issues.
# Related issue: https://github.com/containous/traefik/issues/6972
# - name: volume-permissions
# image: busybox:1.31.1
# command: ["sh", "-c", "chmod -Rv 600 /ssl-certs"]
# volumeMounts:
# - name: ssl-certs
# mountPath: /ssl-certs
# Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes.
ingressClass:
enabled: true
isDefaultClass: true
namespaceOverride: traefik