Merge branch 'main' of https://github.com/illiumst/kubedeploy
This commit is contained in:
@ -3,37 +3,18 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui
|
||||
namespace: adguard
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`adguard.steffenillium.de`) || Host(`dns.steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: adguard-service
|
||||
port: 80
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui-front
|
||||
namespace: adguard
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`adguard.steffenillium.de`)
|
||||
kind: Rule
|
||||
# middlewares:
|
||||
# - name: authentik-middleware
|
||||
services:
|
||||
- name: adguard-service
|
||||
port: 80
|
||||
port: http
|
||||
---
|
||||
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
@ -41,14 +22,13 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui-init
|
||||
namespace: adguard
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`adguard-init.steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: adguard-service
|
||||
port: 3000
|
||||
port: http-initial
|
||||
|
||||
@ -9,15 +9,15 @@ spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
targetPort: http-initial
|
||||
name: http-initial
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
targetPort: 80
|
||||
targetPort: http
|
||||
name: http
|
||||
- protocol: UDP
|
||||
port: 53
|
||||
targetPort: 53
|
||||
targetPort: dns
|
||||
name: dns
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: 192.168.178.101
|
||||
|
||||
@ -20,9 +20,11 @@ spec:
|
||||
- image: gitea/gitea:latest
|
||||
name: gitea
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
- name: http
|
||||
containerPort: 3000
|
||||
protocol: TCP
|
||||
- containerPort: 22
|
||||
- name: ssh
|
||||
containerPort: 22
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
|
||||
@ -3,16 +3,15 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`gitea.steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: gitea
|
||||
port: 80
|
||||
port: http
|
||||
|
||||
@ -6,12 +6,12 @@ metadata:
|
||||
name: gitea
|
||||
spec:
|
||||
ports:
|
||||
- name: web
|
||||
- name: http
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
targetPort: http
|
||||
- name: ssh
|
||||
port: 22
|
||||
targetPort: 22
|
||||
targetPort: ssh
|
||||
selector:
|
||||
app: gitea
|
||||
status:
|
||||
|
||||
@ -2,13 +2,10 @@ apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: kubernetes-dashboard
|
||||
labels:
|
||||
expose: "false"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`kubernetes-dashboard.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -6,6 +6,6 @@ spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
targetPort: 80
|
||||
targetPort: http
|
||||
selector:
|
||||
app: nextcloud-app
|
||||
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: nextcloud-ingress
|
||||
namespace: nextcloud
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`newcloud.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -71,7 +71,8 @@ spec:
|
||||
name: nextcloud-secret
|
||||
key: MYSQL_PASSWORD
|
||||
ports:
|
||||
- containerPort: 80
|
||||
- name: http
|
||||
containerPort: 80
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
|
||||
@ -3,30 +3,26 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: paperless-ingress
|
||||
namespace: paperless
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`documents.steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: paperless-service
|
||||
port: 8000
|
||||
port: http
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: paperless-ingress-front
|
||||
namespace: paperless
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
routes:
|
||||
- match: Host(`documents.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -35,4 +31,4 @@ spec:
|
||||
# namespace: authentik
|
||||
services:
|
||||
- name: paperless-service
|
||||
port: 8000
|
||||
port: http
|
||||
@ -7,8 +7,8 @@ metadata:
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 8000
|
||||
targetPort: 8000
|
||||
port: 80
|
||||
targetPort: http
|
||||
selector:
|
||||
app: paperless-webserver
|
||||
status:
|
||||
|
||||
@ -43,7 +43,8 @@ spec:
|
||||
- image: ghcr.io/paperless-ngx/paperless-ngx:latest
|
||||
name: paperless-webserver
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
- name: http
|
||||
containerPort: 8000
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
|
||||
@ -4,7 +4,6 @@ kind: Kustomization
|
||||
namespace: paperless
|
||||
|
||||
resources:
|
||||
- networking
|
||||
- base/paperless-secret-sealed.yaml
|
||||
- base/paperless-ingress.yaml
|
||||
- base/paperless-service.yaml
|
||||
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: vaultwarden-ingress
|
||||
namespace: vaultwarden
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`vault.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,13 +3,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: argocd-ui
|
||||
namespace: argocd
|
||||
labels:
|
||||
expose: "false"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`argocd.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -1,8 +0,0 @@
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: IPAddressPool
|
||||
metadata:
|
||||
name: front-pool
|
||||
spec:
|
||||
addresses:
|
||||
- 82.165.0.71/32
|
||||
autoAssign: false
|
||||
@ -4,4 +4,4 @@ metadata:
|
||||
name: local-pool
|
||||
spec:
|
||||
addresses:
|
||||
- 192.168.178.101-192.168.178.105
|
||||
- 192.168.178.100-192.168.178.110
|
||||
|
||||
@ -6,6 +6,12 @@ namespace: metallb-system
|
||||
resources:
|
||||
- base/01-metallb-advert.yaml
|
||||
- base/01-metallb-pool-local.yaml
|
||||
- base/01-metallb-pool-front.yaml
|
||||
|
||||
- github.com/metallb/metallb/config/native?ref=v0.14.4
|
||||
|
||||
# configMapGenerator:
|
||||
# - name: config
|
||||
# literals:
|
||||
# - lb-class=metallb
|
||||
|
||||
# generatorOptions:
|
||||
# disableNameSuffixHash: true
|
||||
|
||||
@ -1,10 +1,11 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- apps-adguard copy 3.yaml
|
||||
- apps-adguard.yaml
|
||||
- apps-gitea.yaml
|
||||
- apps-newcloud.yaml
|
||||
- apps-nextcloud.yaml
|
||||
- apps-paperless.yaml
|
||||
- apps-vaultwarden.yaml
|
||||
- infrastructure-traefik.yaml
|
||||
- infrastructure-secrets.yaml
|
||||
- projects-website.yaml
|
||||
|
||||
31
infrastructure/03-traefik/base/cert/ionos-secret-sealed.yaml
Normal file
31
infrastructure/03-traefik/base/cert/ionos-secret-sealed.yaml
Normal file
@ -0,0 +1,31 @@
|
||||
{
|
||||
"kind": "SealedSecret",
|
||||
"apiVersion": "bitnami.com/v1alpha1",
|
||||
"metadata": {
|
||||
"name": "ionos-secret",
|
||||
"namespace": "traefik",
|
||||
"creationTimestamp": null,
|
||||
"annotations": {
|
||||
"sealedsecrets.bitnami.com/namespace-wide": "true"
|
||||
}
|
||||
},
|
||||
"spec": {
|
||||
"template": {
|
||||
"metadata": {
|
||||
"name": "ionos-secret",
|
||||
"namespace": "traefik",
|
||||
"creationTimestamp": null,
|
||||
"annotations": {
|
||||
"sealedsecrets.bitnami.com/namespace-wide": "true"
|
||||
}
|
||||
},
|
||||
"type": "Opaque"
|
||||
},
|
||||
"encryptedData": {
|
||||
"IONOS_API_KEY": "AgCxvGIrvr67T1Ey/ZqrdXXHGkJV7RNQINPf/NoIKy/FnrgmH+z6ivHNoGkBP/7gjRIrkKDz3IF8RFHMcGjDDUOYrSEZEZCNGkloJO7ZQnQwzi/qGfrJYlh2UDab+VO8L3NLCphMm+XnxwG28fINxU54B8uQE01DsvNCohmlrnW4C4YAY4ekkl1qI51mybgLRuE3pzOPQWsY9gwH70QKXYKPd1nQXa0RDYv97hq7D3tDrrpXAQrvuFzisCQpShnRCYpMaA/Oftk0yazjbxzX0uUBLS5ej/eOwxCn8fVWZoqdVx15TOvJkYEdFeqWeSZH8naorUuALnW6GRovfuAGKUiRj7mmgVEwKCWmPf7dxi/WSAA/1YXrPp7wIeAzVI5Svw/hbjQmUBm/Ze5zwpPBSOX7QURnbLaUk6F3gf2oaWiuFIC8zlmBQBAQLSBogg5JhTk1r+yZHd8/JpTD22isIpr1Y8nZLXxbI197fXNaWeMwQN0kFJ+XTxYXrZN9mClz8FjlckuENMsqSQ3ukSpbk9Hu7dgxWbdJg++x6b0/WGdYn9R9SK2SJ7+AAM3qTRyl9Sxb/BHt1QPnZEWPo69bq6dLgNQ5ZkmeaDBBbvsWssXWRXdUkYTAD6ZKmqLcJRAT0SIl+FFMPdaBcExqgSato826uCwtXDyFqcF9IH4Nnq9/wzaPUnDsiovZlTsF8DyYIAQftLVn06gVhQTX3LdyiZQtqQQEPAVVo3Iehs+LxolG7q2eVgdupOYxBkCCnETtfxcdWlVuHa/NCgpYo5k7tJCDpxNyIJc7qK2Fgk8XulTlCE+478X6twRzJzYYO0XUfhiwgtSB6g8ctRoB3Fjymax3qlZAplloLw==",
|
||||
"IONOS_MAIL": "AgAJbu1GfJNVmkN+bZsUoyAQT3ezccnH5BG86Ga+R9yYpdFBqLBY9oXDwyqF4mkrFai85UhHwUqXNckir9QE0MlH5ljj5RlWgmybrQ1O40f8+xktqrmcbsDFasLE1+/trtqXDPWr97k/+QYWuPefEdWFHBu7J/H6AWSExTKy5kGz+DFIu0M/uNWh1P0VWtAsDce/xM5lFCSy7udR1zFF/MBOW0Fos8qNv9oC2kYn811nweiIZ/JXuak78es9LpzuhA/giBVwZFpBCxGrrIhCMRYleE+QMYWxMdF4wWATYYM238nosNDZ0XoT6p2qokKAeLeCJ+l8Hv4ROn04uc5n9yrnCKucKsUVE7O2rA0600q3ockV91CM0N5DHm4WXKFqSV7fi1BndpeDKtx/bWINC+fOfFjwTdMvbF2NtH8U/Ng2jQEP15ftwnRTPwQaJEuVn/gAAZ0gMHcqxEU/3yGjwMnuDqg9cCyKTpyLxeReDdeU8nAHmawylmlpFl6f1SuO0NYkUbFf4JHg06DIasPZcmY5g7mmVVaAqHQx3u4DTS+ewmtixn/dAFh5w+8AXgQHDsrjXO9cKmksLD87PbIPR/sHwHlmfqg3PVQ/BEDR8VAWhCJREVUbCvArK91Z4eiOehLbFAlXs7qb/J/lLo8+14mnyIC05q+m9vbRurdf5odJVMLCssoHp7E2Uhr1SntI9xuf/U1qHspvPn+95kJOBiJNGi0djVOXnk4=",
|
||||
"PREFIX": "AgC4uYl2bPGcIt3rtlTPMFbdqIL+hLMqGGqk7V9rMtc7DndKcREn34coxU/q9TbccBYnFpNUYuuRIzX9KckIUPBzd/3AvueoM64kaVb7uqa0BHPi2RVAKxVvEbCcDLOD+9K/rdDVBugAEcTUSWMJGkVT7E6lnxi0bpTRmnpd0kg/8kXfg/mszQmQwCfvkFRjKAjcSiQ4w4y3TlVdDkMaQ3oaXEwMTX8o8K6hK8L29RXyu/YrMrLrL7KPecEl6/ueb9JO2rRxO3Lo9tZ+z69Ex9NkhIin9Ry6qpersfQHLRz3RXo18wMtkBEHK6g9OML69eRxv5A5+Hu4L0ryZhk66B2ao/578xNo70yVPTEs09JwQsj+jHm6AVCybve1TNhnaR/3MoJP1Z4CYnwdazH/d3rIiiMip+5knPkD0FhgCJXQ1I552KtHiNBKkxtHb5oTO8+yq59NrR4FoVv2LJRXljtaIhNVcmTIIvujicbSJpUxoRNTXs4vhXa18YysI1R8+Q4V0U4mgqotdzdIiLCkn0r2kJlwURJLB6NKOgOhYzNnS1pP4VoO6ZJbcEJzbf0hicinQs/gDMceBO5vJEFS8qw+Ec+w2GOdxPWWQYiXSIZlOK7gmJYM5knUpJBy13E46Zjj966sg9PvlPSsXA/x1LGkFA8jR6gylFqoB2LjpKTGdc4xP2U49v6jiFNqlcU1YI2UQ/b7J3lfPe04nLReCkwWsycbLNJ7bEDJoBt0LkQEzw==",
|
||||
"SECRET": "AgCrj+z7/noAdrQebEV2HNKz2c3QFSNRmKBHrlO0r2GK5w3RsHaspo1kIKsvxVK6O2XU+AlVG3mhZ/45nS/5mKrKqfbaB9bE8vXLe20ZEueUMQniwCsW+xehhQgf5AfSO7IRyDHsI9H7TeJl6YaMQAokoaRpXLCPC/uAfr+c+G4nDV5bIBJcYyjABwHGabdBFsBb81HJgxpa+knTQk9VRfPq5nagOiPtGTGiZyNCkObmmGzhxuj2wKtzSTT/kmmfn4HpVrmDP6VnupfAhP5w8/uTpVLHAkFaLqLjUbHGlppnET/qtI9Rv5O4QwEcDB8AERF/vqpZMVEhrNh03jcWgazWAPdU7OmvGaIou9kXWJMvYGQoPjqDFPmdAj2XJZcrD6h2KAROe63Xd0fYZDAAua35gAD3Dc4OrUhVwjDj1Lexnw6pmz+9LLGPzHqZnjkTv4ayooaml0tqKzkhVzoLFOo2HzZMZCOcIyowL7OXcZEK1lqJtfCdixtvK9dTD4p9Yjmd5Q65kAOttwWc23Y0YrJi7dRFs/JPYbd3Mo1E6jsxJy4fpNYhCeDDjOfqdG8t4saOq5kF/v+KFpgDTvnv+aRmP5tR5svOcamF6rkgXTUK3ntssFrimI0My/brecAnA3S6448RxbFf7FR9CToWfRF7UORyK+WIk5V+xJIKEQjlOCoiKIPLkxECzvfCxtxDDnRChK3n6+3QCvNyK0siMmmXKbf2mNN5peTdUA89AzUHcc3nWh1OuK779LmUxAKmRehg1DdX7Ggvrgt5zzbnQl4XiZVUL9SeNLDuYKu7BXFvSMhUuPlE+A=="
|
||||
}
|
||||
}
|
||||
}
|
||||
22
infrastructure/03-traefik/base/crds/kustomization.yaml
Normal file
22
infrastructure/03-traefik/base/crds/kustomization.yaml
Normal file
@ -0,0 +1,22 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- traefik.containo.us_ingressroutes.yaml
|
||||
- traefik.containo.us_ingressroutetcps.yaml
|
||||
- traefik.containo.us_ingressrouteudps.yaml
|
||||
- traefik.containo.us_middlewares.yaml
|
||||
- traefik.containo.us_middlewaretcps.yaml
|
||||
- traefik.containo.us_serverstransports.yaml
|
||||
- traefik.containo.us_tlsoptions.yaml
|
||||
- traefik.containo.us_tlsstores.yaml
|
||||
- traefik.containo.us_traefikservices.yaml
|
||||
- traefik.io_ingressroutes.yaml
|
||||
- traefik.io_ingressroutetcps.yaml
|
||||
- traefik.io_ingressrouteudps.yaml
|
||||
- traefik.io_middlewares.yaml
|
||||
- traefik.io_middlewaretcps.yaml
|
||||
- traefik.io_serverstransports.yaml
|
||||
- traefik.io_serverstransporttcps.yaml
|
||||
- traefik.io_tlsoptions.yaml
|
||||
- traefik.io_tlsstores.yaml
|
||||
- traefik.io_traefikservices.yaml
|
||||
@ -22,29 +22,49 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- resources: {}
|
||||
name: traefik
|
||||
args:
|
||||
- --global.sendanonymoususage=false
|
||||
- --global.checknewversion=false
|
||||
- --entrypoints.smb-udp137.address=:137/udp
|
||||
- --entrypoints.smb-udp138.address=:138/udp
|
||||
- --entrypoints.smb-tcp139.address=:139/tcp
|
||||
- --entrypoints.smb-tcp445.address=:445/tcp
|
||||
- --entrypoints.dns.address=:53/udp
|
||||
- --entrypoints.metrics.address=:9100/tcp
|
||||
- --entrypoints.traefik.address=:9000/tcp
|
||||
- --entrypoints.web.address=:8000/tcp
|
||||
- --entrypoints.websecure.address=:8443/tcp
|
||||
- --entrypoints.dns.address=:53/udp
|
||||
|
||||
- --entrypoints.web-local.address=:80/tcp
|
||||
- --entrypoints.web-local.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.web-local.transport.respondingTimeouts.idleTimeout=0
|
||||
|
||||
- --entrypoints.websecure-local.address=:443/tcp
|
||||
- --entrypoints.websecure-local.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure-local.http.tls=true
|
||||
- --entrypoints.websecure-local.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.websecure-local.transport.respondingTimeouts.idleTimeout=0
|
||||
|
||||
- --entrypoints.web-front.address=:8000/tcp
|
||||
- --entrypoints.web-front.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.web-front.transport.respondingTimeouts.idleTimeout=0
|
||||
#- --entrypoints.web-front.http.redirections.entryPoint.to=websecure-front
|
||||
#- --entrypoints.web-front.http.redirections.entryPoint.scheme=https
|
||||
|
||||
- --entrypoints.websecure-front.address=:8443/tcp
|
||||
- --entrypoints.websecure-front.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure-front.http.tls=true
|
||||
- --entrypoints.websecure-front.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.websecure-front.transport.respondingTimeouts.idleTimeout=0
|
||||
|
||||
- --certificatesResolvers.default.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
- --certificatesResolvers.default.acme.email=steffen.illium@gmail.com
|
||||
- --certificatesResolvers.default.acme.dnsChallenge.provider=ionos
|
||||
- --certificatesResolvers.default.acme.storage=/certs/acme.json
|
||||
|
||||
- --api.dashboard=true
|
||||
- --ping=true
|
||||
- --metrics.prometheus=true
|
||||
- --metrics.prometheus.entrypoint=metrics
|
||||
- --providers.kubernetescrd
|
||||
- --providers.kubernetescrd.labelSelector=local=true
|
||||
# - --providers.kubernetescrd.labelSelector=local=true
|
||||
- --providers.kubernetescrd.allowExternalNameServices=true
|
||||
- --entrypoints.websecure.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure.http.tls=true
|
||||
- --entrypoints.websecure.http.tls.certResolver=default
|
||||
- --log.level=WARN
|
||||
|
||||
- --accesslog=true
|
||||
- --accesslog.fields.defaultmode=keep
|
||||
- --accesslog.fields.headers.defaultmode=drop
|
||||
@ -59,6 +79,11 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: IONOS_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ionos-secret
|
||||
key: IONOS_API_KEY
|
||||
image: docker.io/traefik:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
@ -71,10 +96,7 @@ spec:
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 2
|
||||
name: traefik
|
||||
ports:
|
||||
- containerPort: 445
|
||||
name: smb
|
||||
- containerPort: 53
|
||||
name: dns
|
||||
protocol: UDP
|
||||
@ -84,11 +106,17 @@ spec:
|
||||
- containerPort: 9000
|
||||
name: traefik
|
||||
protocol: TCP
|
||||
- containerPort: 80
|
||||
name: web-local
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
name: websecure-local
|
||||
protocol: TCP
|
||||
- containerPort: 8000
|
||||
name: web
|
||||
name: web-front
|
||||
protocol: TCP
|
||||
- containerPort: 8443
|
||||
name: websecure
|
||||
name: websecure-front
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
failureThreshold: 1
|
||||
@ -103,15 +131,19 @@ spec:
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
readOnlyRootFilesystem: true
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: data
|
||||
- mountPath: /tmp
|
||||
name: tmp
|
||||
hostNetwork: false
|
||||
- mountPath: /certs
|
||||
name: traefik-pvc
|
||||
subPath: certs
|
||||
- mountPath: /data
|
||||
name: traefik-pvc
|
||||
subPath: data
|
||||
- mountPath: /tmp
|
||||
name: traefik-pvc
|
||||
subPath: tmp
|
||||
securityContext:
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
runAsGroup: 65532
|
||||
@ -120,8 +152,7 @@ spec:
|
||||
serviceAccountName: traefik
|
||||
terminationGracePeriodSeconds: 60
|
||||
volumes:
|
||||
- emptyDir: {}
|
||||
name: data
|
||||
- emptyDir: {}
|
||||
name: tmp
|
||||
- name: traefik-pvc
|
||||
persistentVolumeClaim:
|
||||
claimName: traefik-pvc
|
||||
|
||||
|
||||
@ -1,12 +1,14 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
resources:
|
||||
# Deployment
|
||||
- cert
|
||||
- crds
|
||||
- deployment-traefik.yaml
|
||||
# Objects
|
||||
- traefik-service.yaml
|
||||
- networking
|
||||
- security
|
||||
|
||||
|
||||
- traefik-middleware-default-headers.yaml
|
||||
- traefik-namespace.yaml
|
||||
- traefik-pvc.yaml
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- traefik-dashboard-ingress.yaml
|
||||
- networking-ingressclass-traefik.yaml
|
||||
- traefik-service.yaml
|
||||
|
||||
@ -0,0 +1,15 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: traefik-dashboard
|
||||
namespace: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`traefik.steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: api@internal
|
||||
kind: TraefikService
|
||||
@ -0,0 +1,55 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik-local
|
||||
namespace: traefik
|
||||
spec:
|
||||
loadBalancerIP: 192.168.178.102
|
||||
type: LoadBalancer
|
||||
selector:
|
||||
app: traefik
|
||||
ports:
|
||||
# Local
|
||||
- name: web
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: web-local
|
||||
- name: websecure
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: websecure-local
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: dns
|
||||
- name: traefik
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: traefik
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik-front
|
||||
namespace: traefik
|
||||
spec:
|
||||
type: NodePort
|
||||
selector:
|
||||
app: traefik
|
||||
ports:
|
||||
# Front
|
||||
- name: web
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: web-front
|
||||
nodePort: 30080
|
||||
- name: websecure
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: websecure-front
|
||||
nodePort: 30443
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: dns
|
||||
nodePort: 30053
|
||||
@ -3,8 +3,6 @@ kind: Middleware
|
||||
metadata:
|
||||
name: authentik-middleware
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: https://auth.steffenillium.de/outpost.goauthentik.io/auth/traefik
|
||||
@ -3,9 +3,6 @@ kind: Middleware
|
||||
metadata:
|
||||
name: default-headers
|
||||
namespace: traefik
|
||||
labels:
|
||||
local: "true"
|
||||
expose: "true"
|
||||
|
||||
spec:
|
||||
headers:
|
||||
@ -1,9 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
selector:
|
||||
app: traefik
|
||||
type: LoadBalancer
|
||||
@ -3,12 +3,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: fritz-ingress
|
||||
namespace: traefik
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`fritz.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -21,12 +19,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: fritz-ingress-front
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
routes:
|
||||
- match: Host(`fritz.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: home-assistant-ingress
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`home.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -1,10 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
resources:
|
||||
- overlay-external
|
||||
- overlay-internal
|
||||
- shared
|
||||
|
||||
- base
|
||||
- foreign
|
||||
|
||||
@ -1,18 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
namePrefix: front-
|
||||
|
||||
components:
|
||||
- ../../../components/front-region-selector.yaml
|
||||
|
||||
resources:
|
||||
- ../base
|
||||
|
||||
|
||||
|
||||
patches:
|
||||
- path: patches/traefik-service-patch.yaml
|
||||
- path: patches/traefik-deployment-patch.yaml
|
||||
@ -1,29 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
type: NodePort
|
||||
|
||||
ports:
|
||||
- name: traefik
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: traefik
|
||||
- name: web
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: web
|
||||
nodeport: 80
|
||||
- name: websecure
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: websecure
|
||||
nodeport: 443
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: dns
|
||||
nodeport: 53
|
||||
|
||||
@ -1,16 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
namePrefix: local-
|
||||
|
||||
components:
|
||||
- ../../../components/local-region-selector.yaml
|
||||
|
||||
resources:
|
||||
- traefik-ingress-dashboard-local.yaml
|
||||
- ../base
|
||||
|
||||
patches:
|
||||
- path: patches/traefik-service-patch.yaml
|
||||
@ -1,38 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
loadBalancerIP: 192.168.178.102
|
||||
type: LoadBalancer
|
||||
|
||||
ports:
|
||||
- name: smb137
|
||||
port: 137
|
||||
protocol: UDP
|
||||
- name: smb138
|
||||
port: 138
|
||||
protocol: UDP
|
||||
- name: smb139
|
||||
port: 139
|
||||
protocol: TCP
|
||||
- name: smb445
|
||||
port: 445
|
||||
protocol: TCP
|
||||
- name: web
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
- name: websecure
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 8443
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: 53
|
||||
- name: traefik
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: 9000
|
||||
@ -1,35 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
local: "true"
|
||||
name: traefik-dashboard-local
|
||||
namespace: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
- web
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`tr-local.steffenillium.de`)
|
||||
services:
|
||||
- kind: TraefikService
|
||||
name: api@internal
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
local: "true"
|
||||
name: traefik-dashboard-front
|
||||
namespace: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
- web
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`tr-front.steffenillium.de`)
|
||||
services:
|
||||
- name: traefik-dashboard-front-internal
|
||||
port: 9080
|
||||
@ -1,13 +0,0 @@
|
||||
global:
|
||||
leaderElection:
|
||||
namespace: cert-manager
|
||||
|
||||
webhook:
|
||||
securePort: 10260
|
||||
validatingWebhookConfigurationAnnotations:
|
||||
cert-manager.io/inject-ca-from-secret: cert-manager/cert-manager-webhook-ca
|
||||
|
||||
|
||||
# clusterResourceNamespace: cert-manager
|
||||
|
||||
namespace: cert-manager
|
||||
@ -1,31 +0,0 @@
|
||||
{
|
||||
"kind": "SealedSecret",
|
||||
"apiVersion": "bitnami.com/v1alpha1",
|
||||
"metadata": {
|
||||
"name": "ionos-secret",
|
||||
"namespace": "traefik",
|
||||
"creationTimestamp": null,
|
||||
"annotations": {
|
||||
"sealedsecrets.bitnami.com/namespace-wide": "true"
|
||||
}
|
||||
},
|
||||
"spec": {
|
||||
"template": {
|
||||
"metadata": {
|
||||
"name": "ionos-secret",
|
||||
"namespace": "traefik",
|
||||
"creationTimestamp": null,
|
||||
"annotations": {
|
||||
"sealedsecrets.bitnami.com/namespace-wide": "true"
|
||||
}
|
||||
},
|
||||
"type": "Opaque"
|
||||
},
|
||||
"encryptedData": {
|
||||
"IONOS_API_KEY": "AgAFcwdnm6mQ2JuHgkY8eb4T2gLjmPIuhMewSrMX9tmtt0UU2w3vM/4M/hogAjIw9cyUqKoMwHrCOBQL4299+ZPJ8atxXi9pvrbCP0BwUPprRjfImHDiqnXjxLXZZJe3RyiFSUC7KfDYjTcg0I2pKqIryTCjJaPeEv3YNsObDPYV8eFDTvDziHf6sviPbS/33F7s3MADssHrqb3qP0i1SMkwYbju+hGqWvLkRQJRcPfQOGkL9YKwzu07eRrf3/fkn4DcTemyS7H8w6oArg4IvYT1zFeY5YCDwRQ6M7l557WXer28deRRTY99mUjIo3p1bFjY9dzcXf+1Ucp1iVdAJ3OAa7Tc17x8Ff8k4e4NryTPrjCPoXevo6JKF7zVqOYNUJV7xFn6PHRHfW4XMngB1nhiD0z/GmG/7FKdZUBcYmB9N88JqMN8RTEtEavgVNQFR/gkggPpRAgDXezg4P5dUIW07ssSy026MJ4WQF1hbKPeKl2ZPSOUozwserTAMjHNJ6P77aS1ASemCxbInT8Kf/Apd6w/2R5EQjoZF4gNnrPOmgctdf2EXHU039vJeMZTEwAYDcmaOm7sv+6mNtpfgGXuZDYm/IkHx21ZmJgNhJtmpej5y9PW/nQ8C+0za189YE1nbPL0h4q/oDyVEObZ5d823Ce1lD7uS4vyv6Sx/f7fcO1A27ag3VQSxLF84/qplDV/qWTbOP2OJIfyV8FZJqjSTqWlhEiMup+ZS5XsiEka0JKCrQKz08FrvKrIOlXIxhe2zhg4UQr5nJSYFMZ83fG4A6MJSDJVgrh5VynYcRIYNSxbdETKTcRSpSVKwRJ+fgJItfDEKmj8Owodt9NQZc2LvI8Lo12d6g==",
|
||||
"IONOS_MAIL": "AgB0r4IdLQOZMM8IolpoQV/psaU6+peZUsbxxP42oTol/xv+y/pB5M992lsK2Xtx0I3zY2geC4ghl16HxKFdc4DQdvJud75ehHlqqest5lvCxKhrQKUS2oaDIP6caywzsDa1SN0cH9FE2UhfnwR73PWYjFsKyAlsySYR3Kcc0EhWx3ukniCdqxRE2PYKFVI3X3R9N/BMSfg8jwNRe7WvXyjOGItDChZnEkAMmqA5ilqSIE2hesrvTKwyD81cgSYuJpKuXzWcJ1kBUBjqbUAP4N1T2cNXyD04izFi7pD1Gi4LniyLO35Il/bKVLioqjY4j92LcHcP6Qz1UfskVd6NqlNSyLYwQ3zJh3xnateoSW6873RcVo83rFjnUIBvkb2+UpPaWEyqFdWHmzi+jm02hzOD+Ht6MKvZDQyITWSOJbZvJBwg9Qd2VQ3YxqjcgPIHFvM9rA0zS3vvX6/dMIHam/UEsFBEzj5JPx7BrI+MLkgkFqc6yJ/uxIZrg4ZhYc6+D7+LUHJ3hKPgFoQ4fxPyGsRZ1M3dQBclilmxymZnf1JzMv/nztq5wAO4JwzuTcAukq2hDOitUebGIs2gtfAyok4Q6HpTBex2QRZjofUq+TEwDxETjyDjDoV/neN5N+b6uHaFiX7/gBfOzsyEqwcociqQhU2RryayKsKUk7b2y2Yp6PTV99HBHRVizPP8s7zl8PYfa/DQu15hjGoW5pw9u2Ieg5lGHIv4hlc=",
|
||||
"PREFIX": "AgB2262DQ5FAFJUCFiFIv5gg6CzC5z33lonQeObVcV5wS75Ya5QIl3Z58WCTqIc6iPmevXKupzyNnTxB1zUNULW3dqOzNSuEQPdtR+OnaPxL0m5I8lk1cGUwLK3snp5FPrV8QiL498TZ25hT3q7XkpIhIEZhMYhlwRQWK+B4oeIblj1WgbuQaV7AEVb8d1k9qPvspL5j7ZLqnymtpMpKpypEueXUhwMCSb6RUYmLYRS4bxE5PTtWdKoGHvpOLOwIf5PJer0IkFHmFN0TAHQJpvtBn0/8d5CNBF/nX27qAds2oOUn61vJf7U71B492xPJk9yycUWe5K8e3l6EJMMkRUu83PbRK0+lGvxTYrduP/gWrziJgy4US0HhC9dWnN+3r4YXd1ux10ZgL+VSIUzNWFtL8E8kRcW0+h6aSBy7quJRo0kZ+feUYissMggp/1okxCnpiY4Gl8H2Fkyy9bopPPXGLCr94X3v4eON0k/0Qd74T3lgoyqmbOUAgZW0hveZGwXkgZCqSitCamUUNdZ9a3Zq6LjJYYK+UvBRSYLxFKuNina/z7AoHYDWrDdZdqHDjam24tz9b6uabAgJzcN1fReHh3rmZbnF5Trzy6UjBAGs79tbRPKq1wisp4ZKZZQu+rD3pVnnOdNOwck6AbcQiZ0rxqd8AJ7JIHf3ZyQ+jY8Mpzde66C0iachuMmPhaMXQVE6vbGre5dWOpWZgTG06l+9pn/6sI+0rrf1HnlCqY+uqQ==",
|
||||
"SECRET": "AgAsg/CmTOX7VhPYB6zpVofOGc4Bk943BV3EBXIYuBnqB1JfRNt1rDh1JLe0NDJPswWeoUzrFQPhvpqp+Sn1eYAQpkzptp71SGb7nAmcJUmmNlaAO0gNpVWPKxfzu06n9VuZ3C3E/J275qOIB09Du8KgG2f5cGotw3Q2FwTGeudtRP0A/grMbYwMFNlIFRFAkt6KuDLVJZOeur4ozH9lE7ASsW2/eCdXLZzs+4IwFlms1OFmPf43UTVYvHjwvzT+xC2MAdAVynokwYkP13C8wob+hhIvrWM2MZu+dPZ9pqZ5ThQeO7Qe8/jVSg3UJHGUg0Cpx6rMJwOCtZf38GFUPaB3HpJbwgfkQwfUDzxfGXKwhbHGqVcujeQffQksLgx/xUz+oVx8MyqqGBpM0HIsSLYZubQvLwooydVUyIX4VUTLI3/r+xMT4VQjI/6Di0UnCbg48/HzdEaEQDxv/3uyVSEV7i5ZgbZAESKn0WN+747I4K2daUsMYS3Xhu/YtJdmd64vLh5zeQxjL5j8AxqNeEndS1vWamSZfyDx55uoLEWI6Zo1UwNACpExuVM6BDH0rkJcVdfi7ozi9r6JQ1h/6G0dUiaAESS7VVIRKlMQcrotAjojOaQxXtLqRkvk72/vPt07UeN+iQrX4hrM4d+OOEhUTeqbxugKsN7oN0K7SY/WkB2ENVV1Rm7cjjEENIijvcR1iZavilz4+TmtMSfITt8kZoMFy7cd/hH/3564tAnf8z7Rn599bhNNJmeHdozhSQjrp97GonC375hFHIcOoO/SgT3XHjMixAPilLQI+0fffKxzl2Trfw=="
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,23 +0,0 @@
|
||||
---
|
||||
kind: Kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
resources:
|
||||
- traefik.containo.us_ingressroutes.yaml
|
||||
- traefik.containo.us_ingressroutetcps.yaml
|
||||
- traefik.containo.us_ingressrouteudps.yaml
|
||||
- traefik.containo.us_middlewares.yaml
|
||||
- traefik.containo.us_middlewaretcps.yaml
|
||||
- traefik.containo.us_serverstransports.yaml
|
||||
- traefik.containo.us_tlsoptions.yaml
|
||||
- traefik.containo.us_tlsstores.yaml
|
||||
- traefik.containo.us_traefikservices.yaml
|
||||
- traefik.io_ingressroutes.yaml
|
||||
- traefik.io_ingressroutetcps.yaml
|
||||
- traefik.io_ingressrouteudps.yaml
|
||||
- traefik.io_middlewares.yaml
|
||||
- traefik.io_middlewaretcps.yaml
|
||||
- traefik.io_serverstransports.yaml
|
||||
- traefik.io_serverstransporttcps.yaml
|
||||
- traefik.io_tlsoptions.yaml
|
||||
- traefik.io_tlsstores.yaml
|
||||
- traefik.io_traefikservices.yaml
|
||||
@ -1,10 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- foreign
|
||||
- cert
|
||||
- base/traefik-middleware-default-headers.yaml
|
||||
- base/traefik-pvc.yaml
|
||||
- crds
|
||||
- base/traefik-namespace.yaml
|
||||
@ -2,8 +2,6 @@ apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: longhorn-frontend
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
|
||||
@ -18,7 +18,8 @@ spec:
|
||||
- image: ghcr.io/illiumst/website:latest
|
||||
name: website
|
||||
ports:
|
||||
- containerPort: 80
|
||||
- name: http
|
||||
containerPort: 80
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
imagePullSecrets:
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
expose: "true"
|
||||
name: website-ingress
|
||||
namespace: website
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`www.steffenillium.de`) || Host(`steffenillium.de`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: website
|
||||
port: 80
|
||||
port: http
|
||||
|
||||
@ -6,8 +6,8 @@ metadata:
|
||||
name: website
|
||||
spec:
|
||||
ports:
|
||||
- name: "http"
|
||||
- name: http
|
||||
port: 80
|
||||
targetPort: 80
|
||||
targetPort: http
|
||||
selector:
|
||||
app: website
|
||||
|
||||
@ -9,8 +9,3 @@ resources:
|
||||
- base/website-namespace.yaml
|
||||
- base/website-service.yaml
|
||||
- base/website-registry-secret-sealed.yaml
|
||||
|
||||
patches:
|
||||
- path: patches/nodeselector.yaml
|
||||
target:
|
||||
kind: (StatefulSet|Deployment|Job)
|
||||
|
||||
@ -1,9 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: not-important
|
||||
metadata:
|
||||
name: not-important
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
nodeSelector:
|
||||
region: front
|
||||
Reference in New Issue
Block a user