This commit is contained in:
parent
3467a8fb01
commit
b5bcfff108
GPG key ID:
643004654D40D577
3 changed files with 71 additions and 15 deletions
|
|
@ -68,10 +68,8 @@ metadata:
|
||||||
name: example-ingress
|
name: example-ingress
|
||||||
namespace: example
|
namespace: example
|
||||||
#annotations:
|
#annotations:
|
||||||
# Use for Basic auth:
|
# Use for Basic auth:
|
||||||
#nginx.org/basic-auth-secret: example-basic-auth-secret
|
# traefik.ingress.kubernetes.io/router.middlewares: default-basic-auth@kubernetescrd
|
||||||
# Use the following annotation if the backend only speaks HTTPS (fill out the service name accordingly):
|
|
||||||
#nginx.org/ssl-services: "example-service"
|
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: "example.apps.yolokube.de"
|
- host: "example.apps.yolokube.de"
|
||||||
|
|
@ -84,14 +82,3 @@ spec:
|
||||||
name: example-service
|
name: example-service
|
||||||
port:
|
port:
|
||||||
number: 80
|
number: 80
|
||||||
# Use for Basic auth:
|
|
||||||
#---
|
|
||||||
#kind: Secret
|
|
||||||
#metadata:
|
|
||||||
# name: example-basic-auth-secret
|
|
||||||
# namespace: example
|
|
||||||
#apiVersion: v1
|
|
||||||
#type: nginx.org/htpasswd
|
|
||||||
#stringData:
|
|
||||||
# htpasswd: |
|
|
||||||
#test:$apr1$2XMU6EMv$f1MJ7zxqTS079YsB7Z.CX/
|
|
||||||
20
traefik/basicauth.yaml
Normal file
20
traefik/basicauth.yaml
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: basic-auth
|
||||||
|
namespace: traefik
|
||||||
|
spec:
|
||||||
|
basicAuth:
|
||||||
|
secret: authsecret
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: authsecret
|
||||||
|
namespace: traefik
|
||||||
|
data:
|
||||||
|
users: |2
|
||||||
|
YWFyb246JDJ5JDA1JEIyLlEuOS9lNFZFWHNub2UueXBqWU9raXlrbXJGMmhwQXBFN0NZYzJEUEly
|
||||||
|
MHBGSWRETzFPCnRvbTokMnkkMDUkQnNNN2Z2bWYzR3B1em5hazVPU2dyZTB4ODFLNC52eFVRTy9h
|
||||||
|
S1c1Y1k0Z21RT3p2c3NQTE8KYmFzdGk6JCRhcHIxJCRYYUdERnByYiQkTzlZMW9SaFROWTdVNWFh
|
||||||
|
NUxqM3dhMQo=
|
||||||
49
traefik/values.yaml
Normal file
49
traefik/values.yaml
Normal file
|
|
@ -0,0 +1,49 @@
|
||||||
|
deployment:
|
||||||
|
kind: DaemonSet
|
||||||
|
hostNetwork: true
|
||||||
|
ports:
|
||||||
|
web:
|
||||||
|
port: 80
|
||||||
|
redirectTo:
|
||||||
|
port: "websecure"
|
||||||
|
websecure:
|
||||||
|
port: 443
|
||||||
|
tls:
|
||||||
|
certResolver: "letsencrypt"
|
||||||
|
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
drop: [ALL]
|
||||||
|
add: [NET_BIND_SERVICE]
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
runAsGroup: 0
|
||||||
|
runAsNonRoot: false
|
||||||
|
runAsUser: 0
|
||||||
|
|
||||||
|
service:
|
||||||
|
type: NodePort
|
||||||
|
ipFamilyPolicy: PreferDualStack
|
||||||
|
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
certResolvers:
|
||||||
|
letsencrypt:
|
||||||
|
email: letsencrypt@ar21.de
|
||||||
|
tlsChallenge: true
|
||||||
|
httpChallenge:
|
||||||
|
entryPoint: "web"
|
||||||
|
storage: /data/acme.json
|
||||||
|
|
||||||
|
updateStrategy:
|
||||||
|
type: RollingUpdate
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
maxSurge: 0
|
||||||
|
|
||||||
|
ingressRoute:
|
||||||
|
dashboard:
|
||||||
|
matchRule: Host(`traefik.lab.ar21.de`)
|
||||||
|
entryPoints: ["traefik", "websecure"]
|
||||||
|
middlewares:
|
||||||
|
- name: basic-auth
|
||||||
Loading…
Reference in a new issue