alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 4 Actions Activity
Files
01dfc0cc676d60ba8fc78a12b8fb218ea3de45ee
infrastructure/clusters/cl01tl/helm/traefik/values.yaml
Alex Lebens e4f8996477
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 2m52s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 6m32s
Details
render-manifests / render-manifests (pull_request) Successful in 4m3s
Details
feat: refactor apps
2026-04-07 19:43:43 -05:00

178 lines
4.2 KiB
YAML
Raw Blame History

traefik:
image:
registry: docker.io
repository: traefik
tag: v3.6.12@sha256:171c9c3565b29f6c133f1c1b43c5d4e5853415198e9e1078c001f8702ff66aec
deployment:
kind: DaemonSet
podDisruptionBudget:
enabled: true
minAvailable: 1
ingressClass:
enabled: false
gateway:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-issuer
listeners:
web:
port: 8000
hostname: "*.alexlebens.net"
protocol: HTTP
namespacePolicy:
from: All
websecure:
port: 8443
hostname: "*.alexlebens.net"
protocol: HTTPS
namespacePolicy:
from: All
certificateRefs:
- group: ''
kind: Secret
name: websecure-gateway-cert
namespace: traefik
mode: Terminate
ssh:
port: 22
protocol: TCP
namespacePolicy:
from: All
allowedRoutes:
kinds:
- kind: TCPRoute
ingressRoute:
dashboard:
enabled: true
matchRule: (Host(`traefik-cl01tl.alexlebens.net`) && (PathPrefix(`/api/`) || PathPrefix(`/dashboard/`)))
entryPoints: ["websecure"]
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
providers:
kubernetesCRD:
allowCrossNamespace: true
allowEmptyServices: true
kubernetesIngress:
enabled: false
kubernetesGateway:
enabled: true
experimentalChannel: true
statusAddress:
ip: 10.232.1.21
metrics:
prometheus:
service:
enabled: true
disableAPICheck: true
serviceMonitor:
enabled: true
prometheusRule:
enabled: true
rules:
- alert: TraefikDown
expr: up{job="traefik"} == 0
for: 5m
labels:
context: traefik
severity: warning
annotations:
summary: "Traefik Down"
description: "{{ $labels.pod }} on {{ $labels.nodename }} is down"
global:
checkNewVersion: false
ports:
traefik:
expose:
default: false
web:
port: 8000
expose:
default: true
exposedPort: 80
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
forwardedHeaders:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
proxyProtocol:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
websecure:
port: 8443
expose:
default: true
exposedPort: 443
http:
# -- See
# -- [upstream documentation](https://doc.traefik.io/traefik/security/request-path/#encoded-character-filtering)
# -- [relevant issue] https://github.com/traefik/traefik/issues/12399
encodedCharacters:
allowEncodedSlash: true
allowEncodedBackSlash: true
allowEncodedNullCharacter: true
allowEncodedSemicolon: true
allowEncodedPercent: true
allowEncodedQuestionMark: true
allowEncodedHash: true
forwardedHeaders:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
proxyProtocol:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
ssh:
port: 22
expose:
default: true
exposedPort: 22
forwardedHeaders:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
proxyProtocol:
trustedIPs:
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/16
- fc00::/7
metrics:
expose:
default: false
service:
enabled: true
type: LoadBalancer
externalIPs:
- 10.232.1.21
resources:
requests:
cpu: 10m
memory: 100Mi
traefik-crds:
enabled: true
traefik: true
gatewayAPI: false
gatewayAPIExperimental: true
hub: false
deleteOnUninstall: false
Reference in New Issue View Git Blame Copy Permalink