2024-02-17 18:36:09 +01:00
|
|
|
deployment:
|
|
|
|
kind: DaemonSet
|
|
|
|
hostNetwork: true
|
|
|
|
ports:
|
|
|
|
web:
|
|
|
|
port: 80
|
|
|
|
redirectTo:
|
|
|
|
port: "websecure"
|
|
|
|
websecure:
|
|
|
|
port: 443
|
|
|
|
tls:
|
|
|
|
certResolver: "letsencrypt"
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
capabilities:
|
|
|
|
drop: [ALL]
|
|
|
|
add: [NET_BIND_SERVICE]
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
runAsGroup: 0
|
|
|
|
runAsNonRoot: false
|
|
|
|
runAsUser: 0
|
|
|
|
|
|
|
|
service:
|
|
|
|
type: NodePort
|
|
|
|
ipFamilyPolicy: PreferDualStack
|
|
|
|
|
|
|
|
persistence:
|
|
|
|
enabled: true
|
2024-02-18 06:37:01 +01:00
|
|
|
accessMode: ReadWriteMany
|
2024-02-17 18:36:09 +01:00
|
|
|
|
|
|
|
certResolvers:
|
|
|
|
letsencrypt:
|
|
|
|
email: letsencrypt@ar21.de
|
|
|
|
tlsChallenge: true
|
|
|
|
httpChallenge:
|
|
|
|
entryPoint: "web"
|
|
|
|
storage: /data/acme.json
|
|
|
|
|
|
|
|
updateStrategy:
|
|
|
|
type: RollingUpdate
|
|
|
|
rollingUpdate:
|
|
|
|
maxUnavailable: 1
|
|
|
|
maxSurge: 0
|
|
|
|
|
|
|
|
ingressRoute:
|
|
|
|
dashboard:
|
|
|
|
matchRule: Host(`traefik.lab.ar21.de`)
|
|
|
|
entryPoints: ["traefik", "websecure"]
|
|
|
|
middlewares:
|
|
|
|
- name: basic-auth
|