Use helm to deploy traefik

2021-01-19 00:00:47 +01:00 · 2021-01-19 00:00:47 +01:00 · 88bdd20377
commit 88bdd20377
parent bdbf908070
51 changed files with 16 additions and 1432 deletions
--- a/templates/traefik-file-provider.yml.j2
+++ b/templates/traefik-file-provider.yml.j2
@ -1,73 +0,0 @@
---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: traefik-file-provider
-  namespace: traefik
-data:
-  traefik-middlewares.yaml: |
-    http:
-      middlewares:
-        compress:
-          compress:
-            excludedContentTypes: ["text/event-stream"]
-        rate-limit:
-          rateLimit:
-            average: 100
-            burst: 50
-        security_headers:
-          headers:
-            accessControlAllowMethods: ["GET", "OPTIONS", "PUT"]
-            accessControlAllowOrigin: "origin-list-or-null"
-            accessControlMaxAge: 100
-            addVaryHeader: true
-            browserXssFilter: true
-            contentTypeNosniff: true
-            forceSTSHeader: true
-            frameDeny: true
-            stsIncludeSubdomains: true
-            stsPreload: true
-            customFrameOptionsValue: "SAMEORIGIN"
-            referrerPolicy: "same-origin"
-            featurePolicy: "vibrate 'self'"
-            stsSeconds: 315360000
-            sslRedirect: true
-            contentSecurityPolicy: "default-src 'self' 'unsafe-inline'"
-    #        customResponseHeaders:
-    #          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex,"
-    #          server: ""
-{% if ingress_whitelist is defined %}
-        traefik-ipwhitelist:
-          ipWhiteList:
-            sourceRange:
-{% for acl_whitelist in ingress_whitelist %}
-              - {{ acl_whitelist }}
-{% endfor %}
-{% endif %}
-{% if basic_auth|bool %}
-        basic-auth:
-          basicAuth:
-            removeHeader: true
-            usersFile: "/etc/traefik/basic-auth/basic_auth"
-    #        users:
-    #          - {{ basic_auth_data }}
-{% endif %}
-        authelia:
-          forwardAuth:
-            address: "http://authelia:9091/api/verify?rd=https://login.example.com/"
-            trustForwardHeader: true
-            authReponseHeaders: ["Remote-User", "Remote-Groups", "Remote-Name", "Remote-Email"]
-
-  traefik-tls-defaults-options.yaml: |
-    tls:
-      options:
-          default:
-            sniStrict: true
-            minVersion: VersionTLS12
-            curvePreferences:
-              - CurveP521
-              - CurveP384
-            cipherSuites:
-              - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-              - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-              - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305