From 41d16dcdcd346f7f89577e1a0047cec845ca48ba Mon Sep 17 00:00:00 2001 From: Steffen Illium Date: Wed, 27 Mar 2024 11:48:45 +0100 Subject: [PATCH] traefik middleware and tls adjustments --- infrastructure/03-traefik/base/values.yaml | 17 ++++++++++++----- .../04-longhorn/base/longhorn-ui-ingress.yaml | 2 -- .../base/cert-manager-ui-ingress.yaml | 2 -- .../base/kube-dashboard-ui-ingress.yaml | 4 +--- infrastructure/argo-cd-ui-ingress.yaml | 2 -- 5 files changed, 13 insertions(+), 14 deletions(-) diff --git a/infrastructure/03-traefik/base/values.yaml b/infrastructure/03-traefik/base/values.yaml index daa704d..c1c5ed7 100644 --- a/infrastructure/03-traefik/base/values.yaml +++ b/infrastructure/03-traefik/base/values.yaml @@ -22,7 +22,9 @@ ingressRoute: enabled: true # Custom match rule with host domain matchRule: Host(`tr.steffenillium.de`) - entryPoints: ["websecure", "web"] + entryPoints: + - "websecure" + - "web" # Add custom middlewares : authentication and redirection # middlewares: # - name: traefik-dashboard-auth @@ -38,12 +40,15 @@ additionalArguments: ports: web: + port: 8000 + expose: true + exposedPort: 80 + protocol: TCP + http3: + enabled: false tls: enabled: false websecure: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - ## ONLY AVAILABLE ON V3 - asDefault: false port: 8443 expose: true exposedPort: 443 @@ -52,8 +57,10 @@ ports: enabled: false tls: enabled: true + certResolver: default - middlewares: [] + middlewares: + - "default-headers" service: enabled: true diff --git a/infrastructure/04-longhorn/base/longhorn-ui-ingress.yaml b/infrastructure/04-longhorn/base/longhorn-ui-ingress.yaml index d9dcb8b..6419991 100644 --- a/infrastructure/04-longhorn/base/longhorn-ui-ingress.yaml +++ b/infrastructure/04-longhorn/base/longhorn-ui-ingress.yaml @@ -12,5 +12,3 @@ spec: services: - name: ui port: 80 - tls: - certResolver: default diff --git a/infrastructure/05-cert-manager/base/cert-manager-ui-ingress.yaml b/infrastructure/05-cert-manager/base/cert-manager-ui-ingress.yaml index 21f91c5..821f8bc 100644 --- a/infrastructure/05-cert-manager/base/cert-manager-ui-ingress.yaml +++ b/infrastructure/05-cert-manager/base/cert-manager-ui-ingress.yaml @@ -13,5 +13,3 @@ spec: - name: lcl-cert-manager kind: Service port: 9402 - tls: - certResolver: default diff --git a/infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml b/infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml index 4c70419..c5c243a 100644 --- a/infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml +++ b/infrastructure/06-kube-dashboard/base/kube-dashboard-ui-ingress.yaml @@ -11,6 +11,4 @@ spec: kind: Rule services: - name: kubernetes-dashboard - port: 443 - tls: - certResolver: default + port: 8443 diff --git a/infrastructure/argo-cd-ui-ingress.yaml b/infrastructure/argo-cd-ui-ingress.yaml index 5815875..fa71c0a 100644 --- a/infrastructure/argo-cd-ui-ingress.yaml +++ b/infrastructure/argo-cd-ui-ingress.yaml @@ -13,5 +13,3 @@ spec: services: - name: argocd-server port: 80 - tls: - certResolver: default