mirror of
https://github.com/JamesTurland/JimsGarage.git
synced 2024-11-22 07:50:19 +00:00
Create values.yaml
This commit is contained in:
tehNooB
GitHub
parent
1a299ef01d
commit
75e559b63a
1 changed files with 81 additions and 0 deletions
81
Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml
Normal file
81
Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml
Normal file
|
|
@ -0,0 +1,81 @@
|
||||||
|
globalArguments:
|
||||||
|
- "--global.sendanonymoususage=false"
|
||||||
|
- "--global.checknewversion=true"
|
||||||
|
|
||||||
|
additionalArguments:
|
||||||
|
- "--serversTransport.insecureSkipVerify=true"
|
||||||
|
- "--log.level=INFO"
|
||||||
|
- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" # add crowdsec
|
||||||
|
- "--experimental.plugins.bouncer.version=v1.1.16" # you will need to update this from time to time
|
||||||
|
- "--entrypoints.web.http.middlewares=traefik-bouncer@kubernetescrd"
|
||||||
|
- "--entrypoints.websecure.http.middlewares=traefik-bouncer@kubernetescrd"
|
||||||
|
- "--providers.kubernetescrd"
|
||||||
|
|
||||||
|
deployment:
|
||||||
|
enabled: true
|
||||||
|
replicas: 2 # we have 2 worker nodes
|
||||||
|
annotations: {}
|
||||||
|
podAnnotations: {}
|
||||||
|
additionalContainers: []
|
||||||
|
initContainers: []
|
||||||
|
|
||||||
|
nodeSelector:
|
||||||
|
worker: "true" # assign pods to worker nodes
|
||||||
|
|
||||||
|
ports:
|
||||||
|
web:
|
||||||
|
redirectTo: websecure
|
||||||
|
websecure:
|
||||||
|
tls:
|
||||||
|
enabled: true
|
||||||
|
wireguard: # example of other entrypoint (e.g., wireguard through proxy)
|
||||||
|
port: 51820
|
||||||
|
expose: true
|
||||||
|
exposedPort: 51820
|
||||||
|
protocol: UDP
|
||||||
|
|
||||||
|
ingressRoute:
|
||||||
|
dashboard:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
providers:
|
||||||
|
kubernetesCRD:
|
||||||
|
enabled: true
|
||||||
|
ingressClass: traefik-external
|
||||||
|
allowExternalNameServices: true
|
||||||
|
allowCrossNamespace: true
|
||||||
|
kubernetesIngress:
|
||||||
|
enabled: true
|
||||||
|
allowExternalNameServices: true
|
||||||
|
publishedService:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
rbac:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
service:
|
||||||
|
enabled: true
|
||||||
|
type: LoadBalancer
|
||||||
|
annotations: {}
|
||||||
|
labels: {}
|
||||||
|
spec:
|
||||||
|
loadBalancerIP: 192.168.3.65 # this should be an IP in the MetalLB range
|
||||||
|
externalTrafficPolicy: Local
|
||||||
|
loadBalancerSourceRanges: []
|
||||||
|
externalIPs: []
|
||||||
|
|
||||||
|
logs:
|
||||||
|
access:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
experimental:
|
||||||
|
plugins:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
- name: crowdsec-bouncer-tls
|
||||||
|
mountPath: /etc/traefik/crowdsec-certs/
|
||||||
|
type: secret
|
||||||
|
|
||||||
|
image:
|
||||||
|
pullPolicy: Always # whenever we delete the pod it will pull the newest - change as you wish
|
||||||
Loading…
Reference in a new issue