Nik Afiq
83f46c9748
feat(gitea): create PersistentVolume and PersistentVolumeClaim for Gitea feat(gitea): add script to create Gitea runner registration token secret feat(gitea): deploy Gitea Actions runner with Docker socket access feat(media): deploy JDownloader with Ingress configuration feat(media): set up Jellyfin media server with NFS and Ingress feat(media): configure qBittorrent deployment with Ingress feat(monitoring): add Grafana Loki datasource ConfigMap feat(monitoring): create Grafana admin credentials secret feat(monitoring): define PersistentVolumes for monitoring stack feat(network): implement DDNS CronJob for Porkbun DNS updates feat(network): create secret for Porkbun DDNS API credentials feat(network): set up Glances service and Ingress for Debian node fix(network): patch Pi-hole DNS services with external IPs feat(network): configure Traefik dashboard Ingress with Authentik auth feat(network): set up Watch Party service and Ingress for Mac Mini refactor(values): update Helm values files for various services
63 lines
1.4 KiB
YAML
63 lines
1.4 KiB
YAML
# Apply: helm upgrade --install traefik traefik/traefik -f values/traefik.yaml -n traefik --create-namespace
|
|
# Description: Helm values for Traefik v3 ingress controller with Let's Encrypt
|
|
|
|
deployment:
|
|
replicas: 1
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: node-role
|
|
operator: In
|
|
values:
|
|
- primary
|
|
|
|
ingressClass:
|
|
enabled: true
|
|
isDefaultClass: true
|
|
|
|
ports:
|
|
web:
|
|
port: 8000
|
|
exposedPort: 80
|
|
http:
|
|
redirections:
|
|
entryPoint:
|
|
to: websecure
|
|
scheme: https
|
|
permanent: true
|
|
priority: 1
|
|
websecure:
|
|
port: 8443
|
|
exposedPort: 443
|
|
|
|
service:
|
|
type: LoadBalancer
|
|
|
|
additionalArguments:
|
|
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
|
|
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
|
|
- "--certificatesresolvers.letsencrypt.acme.email=nik.afiq98@ymail.com"
|
|
- "--certificatesresolvers.letsencrypt.acme.storage=/data/traefik/acme.json"
|
|
|
|
providers:
|
|
kubernetesCRD:
|
|
allowCrossNamespace: true
|
|
|
|
volumes:
|
|
- name: traefik-data
|
|
hostPath:
|
|
path: /data/traefik
|
|
type: DirectoryOrCreate
|
|
mountPath: /data/traefik
|
|
|
|
logs:
|
|
general:
|
|
level: INFO
|
|
access:
|
|
enabled: true
|
|
|
|
api:
|
|
dashboard: true
|
|
insecure: false |