nomad/kubs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Traefik values

Browse source
This commit is contained in:
nomadics9 2025-01-12 02:51:35 +03:00
parent 7e5dfd0423
commit 37c3a17628
1 changed files with 435 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

500
charts/traefik/values.yaml
View file

@ -1,75 +1,445 @@
ports:
web:
port: 80
targetPort: 80
nodePort: 30808
websecure:
port: 443
targetPort: 443
nodePort: 30443
ssh:
port: 2222
targetport: 2222
nodePort: 30222
rbac:
enabled: true
serviceAccount:
name: traefik
providers:
kubernetesIngress:
namespaces: []
kubernetesCRD:
namespaces: []
kubernetesGateway:
namespaces: []
service:
type: LoadBalancer
spec:
externalTrafficPolicy: Local
nodeSelector:
kubernetes.io/hostname: alaskarserver
additionalArguments: additionalArguments:
- "--entrypoints.web.forwardedHeaders.trustedIPs=0.0.0.0/0" - --entrypoints.web.forwardedHeaders.trustedIPs=0.0.0.0/0
- "--entrypoints.websecure.forwardedHeaders.trustedIPs=0.0.0.0/0" - --entrypoints.websecure.forwardedHeaders.trustedIPs=0.0.0.0/0
- "--entrypoints.ssh.address=:2222" - --entrypoints.ssh.address=:2222
- "--providers.kubernetescrd.allowCrossNamespace=true" - --providers.kubernetescrd.allowCrossNamespace=true
- "--log.level=INFO" - --log.level=INFO
additionalVolumeMounts: []
ingressClass: affinity: {}
enabled: true autoscaling:
isDefaultClass: true enabled: false
name: traefik-ingress
persistence:
enabled: true
existingClaim: nfs-ssd-traefik-pvc # Persistent storage for ACME certificates
subPath: certs
initContainers:
- name: volume-permissions
image: busybox:latest
command: ["sh", "-c", "mkdir -p /data && touch /data/acme.json && chmod 600 /data/acme.json"]
volumeMounts:
- name: data
mountPath: /data
certificatesResolvers: certificatesResolvers:
le: le:
acme: acme:
email: sager@alaskar.dev email: sager@alaskar.dev
storage: /data/acme.json
httpChallenge: httpChallenge:
entryPoint: web entryPoint: web
storage: /data/acme.json
commonLabels: {}
core:
defaultRuleSyntax: ''
deployment:
additionalContainers: []
additionalVolumes: []
annotations: {}
dnsConfig: {}
dnsPolicy: ''
enabled: true
healthchecksHost: ''
healthchecksPort: null
healthchecksScheme: null
hostAliases: []
imagePullSecrets: []
initContainers: []
kind: Deployment
labels: {}
lifecycle: {}
livenessPath: ''
minReadySeconds: 0
podAnnotations: {}
podLabels: {}
readinessPath: ''
replicas: 1
revisionHistoryLimit: null
runtimeClassName: ''
shareProcessNamespace: false
terminationGracePeriodSeconds: 60
env: []
envFrom: []
experimental: experimental:
abortOnPluginFailure: false
kubernetesGateway:
enabled: false
plugins: plugins:
traefik-umami-feeder: traefik-umami-feeder:
moduleName: "github.com/astappiev/traefik-umami-feeder" moduleName: github.com/astappiev/traefik-umami-feeder
version: "v1.2.0" version: v1.2.0
extraObjects: []
gateway:
annotations: {}
enabled: true
infrastructure: {}
listeners:
web:
hostname: ''
namespacePolicy: null
port: 8000
protocol: HTTP
name: ''
namespace: ''
gatewayClass:
enabled: true
labels: {}
name: ''
globalArguments:
- --global.checknewversion
- --global.sendanonymoususage
hostNetwork: false
hub:
apimanagement:
admission:
listenAddr: ''
secretName: ''
enabled: false
redis:
cluster: null
database: null
endpoints: ''
password: ''
sentinel:
masterset: ''
password: ''
username: ''
timeout: ''
tls:
ca: ''
cert: ''
insecureSkipVerify: false
key: ''
username: ''
sendlogs: null
token: ''
image:
pullPolicy: IfNotPresent
registry: docker.io
repository: traefik
tag: null
ingressClass:
enabled: true
isDefaultClass: true
name: traefik-ingress
ingressRoute:
dashboard:
annotations: {}
enabled: false
entryPoints:
- traefik
labels: {}
matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
middlewares: []
services:
- kind: TraefikService
name: api@internal
tls: {}
healthcheck:
annotations: {}
enabled: false
entryPoints:
- traefik
labels: {}
matchRule: PathPrefix(`/ping`)
middlewares: []
services:
- kind: TraefikService
name: ping@internal
tls: {}
initContainers:
- command:
- sh
- -c
- mkdir -p /data && touch /data/acme.json && chmod 600 /data/acme.json
image: busybox:latest
name: volume-permissions
volumeMounts:
- mountPath: /data
name: data
instanceLabelOverride: ''
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
logs:
access:
addInternals: false
bufferingSize: null
enabled: false
fields:
general:
defaultmode: keep
names: {}
headers:
defaultmode: drop
names: {}
filters:
minduration: ''
retryattempts: false
statuscodes: ''
format: null
general:
filePath: ''
format: null
level: INFO
noColor: false
metrics:
addInternals: false
otlp:
addEntryPointsLabels: null
addRoutersLabels: null
addServicesLabels: null
enabled: false
explicitBoundaries: []
grpc:
enabled: false
endpoint: ''
insecure: false
tls:
ca: ''
cert: ''
insecureSkipVerify: false
key: ''
http:
enabled: false
endpoint: ''
headers: {}
tls:
ca: ''
cert: ''
insecureSkipVerify: null
key: ''
pushInterval: ''
prometheus:
addEntryPointsLabels: null
addRoutersLabels: null
addServicesLabels: null
buckets: ''
disableAPICheck: null
entryPoint: metrics
manualRouting: false
prometheusRule:
additionalLabels: {}
enabled: false
namespace: ''
service:
annotations: {}
enabled: false
labels: {}
serviceMonitor:
additionalLabels: {}
enableHttp2: false
enabled: false
followRedirects: false
honorLabels: false
honorTimestamps: false
interval: ''
jobLabel: ''
metricRelabelings: []
namespace: ''
namespaceSelector: {}
relabelings: []
scrapeTimeout: ''
namespaceOverride: ''
nodeSelector:
kubernetes.io/hostname: alaskarserver
persistence:
accessMode: ReadWriteOnce
annotations: {}
enabled: true
existingClaim: nfs-ssd-traefik-pvc
name: data
path: /data
size: 128Mi
storageClass: ''
subPath: certs
volumeName: ''
podDisruptionBudget:
enabled: false
maxUnavailable: null
minAvailable: null
podSecurityContext:
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
podSecurityPolicy:
enabled: false
ports:
metrics:
expose:
default: false
exposedPort: 9100
port: 9100
protocol: TCP
ssh:
nodePort: 30222
port: 2222
targetport: 2222
traefik:
expose:
default: false
exposedPort: 8080
hostIP: null
hostPort: null
port: 8080
protocol: TCP
web:
expose:
default: true
exposedPort: 80
forwardedHeaders:
insecure: false
trustedIPs: []
nodePort: 30808
port: 80
protocol: TCP
proxyProtocol:
insecure: false
trustedIPs: []
redirectTo: {}
targetPort: 80
transport:
keepAliveMaxRequests: null
keepAliveMaxTime: null
lifeCycle:
graceTimeOut: null
requestAcceptGraceTimeout: null
respondingTimeouts:
idleTimeout: null
readTimeout: null
writeTimeout: null
websecure:
allowACMEByPass: false
appProtocol: null
containerPort: null
expose:
default: true
exposedPort: 443
forwardedHeaders:
insecure: false
trustedIPs: []
hostPort: null
http3:
advertisedPort: null
enabled: false
middlewares: []
nodePort: 30443
port: 443
protocol: TCP
proxyProtocol:
insecure: false
trustedIPs: []
targetPort: 443
tls:
certResolver: ''
domains: []
enabled: true
options: ''
transport:
keepAliveMaxRequests: null
keepAliveMaxTime: null
lifeCycle:
graceTimeOut: null
requestAcceptGraceTimeout: null
respondingTimeouts:
idleTimeout: null
readTimeout: null
writeTimeout: null
priorityClassName: ''
providers:
file:
content: ''
enabled: false
watch: true
kubernetesCRD:
allowCrossNamespace: false
allowEmptyServices: true
allowExternalNameServices: false
enabled: true
ingressClass: ''
namespaces: []
nativeLBByDefault: false
kubernetesGateway:
enabled: false
experimentalChannel: false
labelselector: ''
namespaces: []
nativeLBByDefault: false
statusAddress:
hostname: ''
ip: ''
service:
name: '{{ (include "traefik.fullname" .) }}'
namespace: '{{ .Release.Namespace }}'
kubernetesIngress:
allowEmptyServices: true
allowExternalNameServices: false
enabled: true
ingressClass: null
namespaces: []
nativeLBByDefault: false
publishedService:
enabled: true
pathOverride: ''
rbac:
aggregateTo: []
enabled: true
namespaced: false
secretResourceNames: []
readinessProbe:
failureThreshold: 1
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
service:
additionalServices: {}
annotations: {}
annotationsTCP: {}
annotationsUDP: {}
enabled: true
externalIPs: []
labels: {}
loadBalancerSourceRanges: []
single: true
spec:
externalTrafficPolicy: Local
type: LoadBalancer
serviceAccount:
name: traefik
serviceAccountAnnotations: {}
startupProbe: {}
tlsOptions: {}
tlsStore: {}
tolerations: []
topologySpreadConstraints: []
tracing:
addInternals: false
capturedRequestHeaders: []
capturedResponseHeaders: []
globalAttributes: {}
otlp:
enabled: false
grpc:
enabled: false
endpoint: ''
insecure: false
tls:
ca: ''
cert: ''
insecureSkipVerify: false
key: ''
http:
enabled: false
endpoint: ''
headers: {}
tls:
ca: ''
cert: ''
insecureSkipVerify: false
key: ''
safeQueryParams: []
sampleRate: null
serviceName: null
updateStrategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
volumes: []