work in progress
This commit is contained in:
commit
5f68c259f5
17 changed files with 994 additions and 0 deletions
66
templates/dashboard-ingress.yaml
Normal file
66
templates/dashboard-ingress.yaml
Normal file
|
|
@ -0,0 +1,66 @@
|
|||
{% if traefik_version | regex_search('(^1.)') %}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
{% if ingress_whitelist is defined %}
|
||||
ingress.kubernetes.io/whitelist-source-range: "{% for acl_whitelist in ingress_whitelist %}{{ acl_whitelist }}{% if not loop.last %}, {% endif %}{% endfor %}"
|
||||
{% endif %}
|
||||
traefik.frontend.priority: "20"
|
||||
{% if basic_auth is defined %}
|
||||
traefik.ingress.kubernetes.io/auth-type: basic
|
||||
traefik.ingress.kubernetes.io/auth-secret: basic-auth
|
||||
{% endif %}
|
||||
ingress.kubernetes.io/custom-request-headers: "Authorization:Bearer {{ token_value.stdout | b64decode }}"
|
||||
labels:
|
||||
k8s-app: kubernetes-dashboard
|
||||
name: kubernetes-dashboard
|
||||
namespace: kubernetes-dashboard
|
||||
spec:
|
||||
rules:
|
||||
- host: dashboard.{{ ingress_domain }}
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: kubernetes-dashboard
|
||||
servicePort: 443
|
||||
{% else %}
|
||||
{% if traefik_version | regex_search('(^2.)') %}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: kubernetes-dashboard
|
||||
name: kubernetes-dashboard
|
||||
namespace: kubernetes-dashboard
|
||||
spec:
|
||||
entryPoints:
|
||||
- https
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`dashboard.{{ ingress_domain }}`)
|
||||
priority: 12
|
||||
middlewares:
|
||||
{% if ingress_whitelist is defined %}
|
||||
- name: traefik-ipwhitelist
|
||||
namespace: traefik
|
||||
{% endif %}
|
||||
{% if basic_auth is defined %}
|
||||
- name: basic-auth
|
||||
namespace: traefik
|
||||
{% endif %}
|
||||
- name: kubernetes-dashboard-auth
|
||||
services:
|
||||
- name: kubernetes-dashboard
|
||||
passHostHeader: true
|
||||
port: 443
|
||||
responseForwarding:
|
||||
flushInterval: 100ms
|
||||
weight: 1
|
||||
tls:
|
||||
options:
|
||||
name: default
|
||||
namespace: traefik
|
||||
secretName: wildcard-cluster
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
5
templates/drone-Namespace.yaml.j2
Normal file
5
templates/drone-Namespace.yaml.j2
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: drone
|
||||
|
||||
8
templates/drone-runner/drone-runner-Secret.yaml.j2
Normal file
8
templates/drone-runner/drone-runner-Secret.yaml.j2
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: drone-runner
|
||||
namespace: drone
|
||||
type: Opaque
|
||||
stringData:
|
||||
DRONE_RPC_SECRET: {{ drone_secret }}
|
||||
Loading…
Add table
Add a link
Reference in a new issue