change to single traefik and endpoint distinction
This commit is contained in:
apps
adguard
gitea
kube-dashboard
nextcloud
paperless
vaultwarden
infrastructure
0-argo-cd-ui-ingress.yaml
03-traefik
base
cert
crds
kustomization.yamltraefik.containo.us_ingressroutes.yamltraefik.containo.us_ingressroutetcps.yamltraefik.containo.us_ingressrouteudps.yamltraefik.containo.us_middlewares.yamltraefik.containo.us_middlewaretcps.yamltraefik.containo.us_serverstransports.yamltraefik.containo.us_tlsoptions.yamltraefik.containo.us_tlsstores.yamltraefik.containo.us_traefikservices.yamltraefik.io_ingressroutes.yamltraefik.io_ingressroutetcps.yamltraefik.io_ingressrouteudps.yamltraefik.io_middlewares.yamltraefik.io_middlewaretcps.yamltraefik.io_serverstransports.yamltraefik.io_serverstransporttcps.yamltraefik.io_tlsoptions.yamltraefik.io_tlsstores.yamltraefik.io_traefikservices.yaml
deployment-traefik.yamlkustomization.yamlnetworking
traefik-middleware-authentik.yamltraefik-middleware-default-headers.yamltraefik-namespace.yamltraefik-pvc.yamlvalues.yamlforeign
kustomization.yamloverlay-external
overlay-internal
patches
shared
projects/website/base
@ -3,12 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui
|
||||
namespace: adguard
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`adguard.steffenillium.de`) || Host(`dns.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -16,36 +16,16 @@ spec:
|
||||
- name: adguard-service
|
||||
port: 80
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui-front
|
||||
namespace: adguard
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`adguard.steffenillium.de`)
|
||||
kind: Rule
|
||||
# middlewares:
|
||||
# - name: authentik-middleware
|
||||
services:
|
||||
- name: adguard-service
|
||||
port: 80
|
||||
---
|
||||
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: adguard-ui-init
|
||||
namespace: adguard
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`adguard-init.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`gitea.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -2,13 +2,10 @@ apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: kubernetes-dashboard
|
||||
labels:
|
||||
expose: "false"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`kubernetes-dashboard.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: nextcloud-ingress
|
||||
namespace: nextcloud
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`newcloud.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,12 +3,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: paperless-ingress
|
||||
namespace: paperless
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`documents.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -21,12 +19,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: paperless-ingress-front
|
||||
namespace: paperless
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
routes:
|
||||
- match: Host(`documents.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: vaultwarden-ingress
|
||||
namespace: vaultwarden
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`vault.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
@ -3,13 +3,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: argocd-ui
|
||||
namespace: argocd
|
||||
labels:
|
||||
expose: "false"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`argocd.steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
22
infrastructure/03-traefik/base/crds/kustomization.yaml
Normal file
22
infrastructure/03-traefik/base/crds/kustomization.yaml
Normal file
@ -0,0 +1,22 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- traefik.containo.us_ingressroutes.yaml
|
||||
- traefik.containo.us_ingressroutetcps.yaml
|
||||
- traefik.containo.us_ingressrouteudps.yaml
|
||||
- traefik.containo.us_middlewares.yaml
|
||||
- traefik.containo.us_middlewaretcps.yaml
|
||||
- traefik.containo.us_serverstransports.yaml
|
||||
- traefik.containo.us_tlsoptions.yaml
|
||||
- traefik.containo.us_tlsstores.yaml
|
||||
- traefik.containo.us_traefikservices.yaml
|
||||
- traefik.io_ingressroutes.yaml
|
||||
- traefik.io_ingressroutetcps.yaml
|
||||
- traefik.io_ingressrouteudps.yaml
|
||||
- traefik.io_middlewares.yaml
|
||||
- traefik.io_middlewaretcps.yaml
|
||||
- traefik.io_serverstransports.yaml
|
||||
- traefik.io_serverstransporttcps.yaml
|
||||
- traefik.io_tlsoptions.yaml
|
||||
- traefik.io_tlsstores.yaml
|
||||
- traefik.io_traefikservices.yaml
|
||||
@ -5,7 +5,7 @@ metadata:
|
||||
namespace: traefik
|
||||
spec:
|
||||
minReadySeconds: 0
|
||||
replicas: 1
|
||||
replicas: 3
|
||||
selector:
|
||||
matchLabels:
|
||||
app: traefik
|
||||
@ -22,26 +22,37 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- resources: {}
|
||||
name: traefik
|
||||
args:
|
||||
- --global.sendanonymoususage=false
|
||||
- --global.checknewversion=false
|
||||
- --entrypoints.metrics.address=:9100/tcp
|
||||
- --entrypoints.traefik.address=:9000/tcp
|
||||
- --entrypoints.web.address=:8000/tcp
|
||||
- --entrypoints.web.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.web.transport.respondingTimeouts.idleTimeout=0
|
||||
- --entrypoints.websecure.address=:8443/tcp
|
||||
- --entrypoints.websecure.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure.http.tls=true
|
||||
- --entrypoints.websecure.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.websecure.transport.respondingTimeouts.idleTimeout=0
|
||||
- --entrypoints.dns.address=:53/udp
|
||||
|
||||
- --entrypoints.web-local.address=:8000/tcp
|
||||
- --entrypoints.web-local.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.web-local.transport.respondingTimeouts.idleTimeout=0
|
||||
- --entrypoints.web-local.http.redirections.entryPoint.to=websecure-local
|
||||
- --entrypoints.web-local.http.redirections.entryPoint.scheme=https
|
||||
|
||||
- --entrypoints.websecure-local.address=:8443/tcp
|
||||
- --entrypoints.websecure-local.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure-local.http.tls=true
|
||||
- --entrypoints.websecure-local.transport.respondingTimeouts.readTimeout=300
|
||||
- --entrypoints.websecure-local.transport.respondingTimeouts.idleTimeout=0
|
||||
|
||||
- --certificatesResolvers.default.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
- --certificatesResolvers.default.acme.email=steffen.illium@gmail.com
|
||||
- --certificatesResolvers.default.acme.dnsChallenge.provider=ionos
|
||||
- --certificatesResolvers.default.acme.storage=/certs/acme.json
|
||||
|
||||
- --api.dashboard=true
|
||||
- --ping=true
|
||||
- --metrics.prometheus=true
|
||||
- --metrics.prometheus.entrypoint=metrics
|
||||
- --providers.kubernetescrd
|
||||
- --providers.kubernetescrd.labelSelector=local=true
|
||||
# - --providers.kubernetescrd.labelSelector=local=true
|
||||
- --providers.kubernetescrd.allowExternalNameServices=true
|
||||
|
||||
- --log.level=WARN
|
||||
@ -59,6 +70,11 @@ spec:
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: IONOS_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ionos-secret
|
||||
key: IONOS_API_KEY
|
||||
image: docker.io/traefik:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
@ -71,7 +87,6 @@ spec:
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 2
|
||||
name: traefik
|
||||
ports:
|
||||
- containerPort: 53
|
||||
name: dns
|
||||
@ -82,11 +97,17 @@ spec:
|
||||
- containerPort: 9000
|
||||
name: traefik
|
||||
protocol: TCP
|
||||
- containerPort: 80
|
||||
name: web-local
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
name: websecure-local
|
||||
protocol: TCP
|
||||
- containerPort: 8000
|
||||
name: web
|
||||
name: web-front
|
||||
protocol: TCP
|
||||
- containerPort: 8443
|
||||
name: websecure
|
||||
name: websecure-front
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
failureThreshold: 1
|
||||
@ -105,10 +126,15 @@ spec:
|
||||
- NET_BIND_SERVICE
|
||||
readOnlyRootFilesystem: true
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: data
|
||||
- mountPath: /tmp
|
||||
name: tmp
|
||||
- mountPath: /certs
|
||||
name: traefik-pvc
|
||||
subPath: certs
|
||||
- mountPath: /data
|
||||
name: traefik-pvc
|
||||
subPath: data
|
||||
- mountPath: /tmp
|
||||
name: traefik-pvc
|
||||
subPath: tmp
|
||||
securityContext:
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
runAsGroup: 65532
|
||||
@ -117,8 +143,7 @@ spec:
|
||||
serviceAccountName: traefik
|
||||
terminationGracePeriodSeconds: 60
|
||||
volumes:
|
||||
- emptyDir: {}
|
||||
name: data
|
||||
- emptyDir: {}
|
||||
name: tmp
|
||||
- name: traefik-pvc
|
||||
persistentVolumeClaim:
|
||||
claimName: traefik-pvc
|
||||
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
# Deployment
|
||||
- cert
|
||||
- crds
|
||||
- deployment-traefik.yaml
|
||||
# Objects
|
||||
- traefik-service.yaml
|
||||
- networking
|
||||
- security
|
||||
|
||||
|
||||
- traefik-middleware-default-headers.yaml
|
||||
- traefik-namespace.yaml
|
||||
- traefik-pvc.yaml
|
||||
- traefik-service.yaml
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- networking-ingressclass-traefik.yaml
|
||||
- networking-ingressclass-traefik.yaml
|
||||
|
||||
@ -3,8 +3,6 @@ kind: Middleware
|
||||
metadata:
|
||||
name: authentik-middleware
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: https://auth.steffenillium.de/outpost.goauthentik.io/auth/traefik
|
||||
@ -3,9 +3,6 @@ kind: Middleware
|
||||
metadata:
|
||||
name: default-headers
|
||||
namespace: traefik
|
||||
labels:
|
||||
local: "true"
|
||||
expose: "true"
|
||||
|
||||
spec:
|
||||
headers:
|
||||
@ -3,12 +3,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: fritz-ingress
|
||||
namespace: traefik
|
||||
labels:
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`fritz.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -21,12 +19,10 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: fritz-ingress-front
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
routes:
|
||||
- match: Host(`fritz.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -3,13 +3,12 @@ kind: IngressRoute
|
||||
metadata:
|
||||
name: home-assistant-ingress
|
||||
namespace: traefik
|
||||
labels:
|
||||
expose: "true"
|
||||
local: "true"
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`home.steffenillium.de`)
|
||||
kind: Rule
|
||||
@ -1,10 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
resources:
|
||||
- overlay-external
|
||||
- overlay-internal
|
||||
- shared
|
||||
|
||||
- base
|
||||
- foreign
|
||||
- patches/traefik-service-patch.yaml
|
||||
|
||||
@ -1,16 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
namePrefix: front-
|
||||
|
||||
components:
|
||||
- ../../../components/front-region-selector.yaml
|
||||
|
||||
resources:
|
||||
- ../base
|
||||
|
||||
patches:
|
||||
- path: patches/traefik-service-patch.yaml
|
||||
- path: patches/traefik-deployment-patch.yaml
|
||||
@ -1,72 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: front-traefik
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: front-traefik
|
||||
spec:
|
||||
hostNetwork: false
|
||||
containers:
|
||||
- name: traefik
|
||||
env:
|
||||
- name: IONOS_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ionos-secret
|
||||
key: IONOS_API_KEY
|
||||
args:
|
||||
- --serversTransport.insecureSkipVerify=false
|
||||
# Shared
|
||||
- --global.sendanonymoususage=false
|
||||
- --global.checknewversion=false
|
||||
# - --entrypoints.dns.address=:53/udp
|
||||
- --entrypoints.metrics.address=:9100/tcp
|
||||
- --entrypoints.traefik.address=:9000/tcp
|
||||
- --entrypoints.web.address=:8000/tcp
|
||||
- --entrypoints.web.http.redirections.entryPoint.to=websecure
|
||||
- --entrypoints.web.http.redirections.entryPoint.scheme=https
|
||||
- --entrypoints.websecure.address=:8443/tcp
|
||||
- --entrypoints.websecure.http.middlewares=traefik-default-headers
|
||||
- --entrypoints.websecure.http.tls=true
|
||||
|
||||
- --api.dashboard=false
|
||||
- --ping=true
|
||||
- --metrics.prometheus=true
|
||||
- --metrics.prometheus.entrypoint=metrics
|
||||
- --providers.kubernetescrd
|
||||
- --providers.kubernetescrd.labelSelector=expose=true
|
||||
- --providers.kubernetescrd.allowExternalNameServices=true
|
||||
- --providers.kubernetescrd.allowCrossNamespace=false
|
||||
|
||||
- --log.level=WARN
|
||||
- --accesslog=true
|
||||
- --accesslog.fields.defaultmode=keep
|
||||
- --accesslog.fields.headers.defaultmode=drop
|
||||
|
||||
- --certificatesResolvers.default.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
- --certificatesResolvers.default.acme.email=steffen.illium@gmail.com
|
||||
- --certificatesResolvers.default.acme.dnsChallenge.provider=ionos
|
||||
- --certificatesResolvers.default.acme.storage=/certs/acme.json
|
||||
|
||||
volumeMounts:
|
||||
- mountPath: /certs
|
||||
name: traefik-pvc
|
||||
subPath: certs
|
||||
- mountPath: /data
|
||||
name: traefik-pvc
|
||||
subPath: data
|
||||
- mountPath: /tmp
|
||||
name: traefik-pvc
|
||||
subPath: tmp
|
||||
resources: {}
|
||||
volumes:
|
||||
- name: traefik-pvc
|
||||
persistentVolumeClaim:
|
||||
claimName: traefik-pvc
|
||||
@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
type: NodePort
|
||||
selector:
|
||||
app: local-traefik
|
||||
ports:
|
||||
- name: web
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
- name: websecure
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 8443
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: 53
|
||||
- name: traefik
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: 9000
|
||||
@ -1,17 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: traefik
|
||||
|
||||
namePrefix: local-
|
||||
|
||||
components:
|
||||
- ../../../components/local-region-selector.yaml
|
||||
|
||||
resources:
|
||||
- traefik-ingress-dashboard-local.yaml
|
||||
- ../base
|
||||
|
||||
patches:
|
||||
- path: patches/traefik-deployment-patch.yaml
|
||||
- path: patches/traefik-service-patch.yaml
|
||||
@ -1,13 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: traefik
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: local-traefik
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: local-traefik
|
||||
@ -1,35 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
local: "true"
|
||||
name: traefik-dashboard-local
|
||||
namespace: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
- web
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`tr-local.steffenillium.de`)
|
||||
services:
|
||||
- kind: TraefikService
|
||||
name: api@internal
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
local: "true"
|
||||
name: traefik-dashboard-front
|
||||
namespace: traefik
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
- web
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`tr-front.steffenillium.de`)
|
||||
services:
|
||||
- name: traefik-dashboard-front-internal
|
||||
port: 9000
|
||||
@ -9,14 +9,25 @@ spec:
|
||||
selector:
|
||||
app: local-traefik
|
||||
ports:
|
||||
- name: web
|
||||
# Local
|
||||
- name: web-local
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
- name: websecure
|
||||
targetPort: web-local
|
||||
- name: websecure-local
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 8443
|
||||
targetPort: websecure-local
|
||||
# Front
|
||||
- name: web-front
|
||||
port: 8000
|
||||
protocol: TCP
|
||||
targetPort: web-front
|
||||
- name: websecure-front
|
||||
port: 8443
|
||||
protocol: TCP
|
||||
targetPort: websecure-front
|
||||
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
@ -24,4 +35,4 @@ spec:
|
||||
- name: traefik
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: 9000
|
||||
targetPort: traefik
|
||||
@ -1,23 +0,0 @@
|
||||
---
|
||||
kind: Kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
resources:
|
||||
- traefik.containo.us_ingressroutes.yaml
|
||||
- traefik.containo.us_ingressroutetcps.yaml
|
||||
- traefik.containo.us_ingressrouteudps.yaml
|
||||
- traefik.containo.us_middlewares.yaml
|
||||
- traefik.containo.us_middlewaretcps.yaml
|
||||
- traefik.containo.us_serverstransports.yaml
|
||||
- traefik.containo.us_tlsoptions.yaml
|
||||
- traefik.containo.us_tlsstores.yaml
|
||||
- traefik.containo.us_traefikservices.yaml
|
||||
- traefik.io_ingressroutes.yaml
|
||||
- traefik.io_ingressroutetcps.yaml
|
||||
- traefik.io_ingressrouteudps.yaml
|
||||
- traefik.io_middlewares.yaml
|
||||
- traefik.io_middlewaretcps.yaml
|
||||
- traefik.io_serverstransports.yaml
|
||||
- traefik.io_serverstransporttcps.yaml
|
||||
- traefik.io_tlsoptions.yaml
|
||||
- traefik.io_tlsstores.yaml
|
||||
- traefik.io_traefikservices.yaml
|
||||
@ -1,10 +0,0 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- foreign
|
||||
- cert
|
||||
- base/traefik-middleware-default-headers.yaml
|
||||
- base/traefik-pvc.yaml
|
||||
- crds
|
||||
- base/traefik-namespace.yaml
|
||||
@ -1,14 +1,14 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
expose: "true"
|
||||
name: website-ingress
|
||||
namespace: website
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
- websecure
|
||||
- web-front
|
||||
- websecure-front
|
||||
- web-local
|
||||
- websecure-local
|
||||
routes:
|
||||
- match: Host(`www.steffenillium.de`) || Host(`steffenillium.de`)
|
||||
kind: Rule
|
||||
|
||||
Reference in New Issue
Block a user