homelab/values/traefik.yaml

69 lines
1.6 KiB
YAML

# Apply: helm upgrade --install traefik traefik/traefik -f values/traefik.yaml -n traefik --create-namespace
# Description: Helm values for Traefik v3 ingress controller with Let's Encrypt
deployment:
replicas: 1
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role
operator: In
values:
- primary
ingressClass:
enabled: true
isDefaultClass: true
ports:
web:
port: 8000
exposedPort: 80
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
priority: 1
websecure:
port: 8443
exposedPort: 443
service:
type: LoadBalancer
spec:
externalTrafficPolicy: Local
additionalArguments:
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=nik@nik4nao.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/data/traefik/acme.json"
- "--tracing.otlp=true"
- "--tracing.otlp.grpc=true"
- "--tracing.otlp.grpc.endpoint=otel-collector-opentelemetry-collector.monitoring.svc.cluster.local:4317"
- "--tracing.otlp.grpc.insecure=true"
providers:
kubernetesCRD:
allowCrossNamespace: true
volumes:
- name: traefik-data
hostPath:
path: /data/traefik
type: DirectoryOrCreate
mountPath: /data/traefik
logs:
general:
level: INFO
access:
enabled: true
api:
dashboard: true
insecure: false