traefik-helmchartconfig.yaml 1.6 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849
  1. apiVersion: helm.cattle.io/v1
  2. kind: HelmChartConfig
  3. metadata:
  4. name: traefik
  5. namespace: kube-system
  6. spec:
  7. valuesContent: |-
  8. ports:
  9. web:
  10. exposedPort: 80
  11. websecure:
  12. exposedPort: 443
  13. additionalArguments:
  14. # Auto cert renewal via cloudflare
  15. #- "--certificatesresolvers.letsencrypt.acme.email=some-email-here"
  16. - "--certificatesresolvers.letsencrypt.acme.email=joshbicking@comcast.net"
  17. - "--certificatesresolvers.letsencrypt.acme.storage=/data/acme.json"
  18. - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
  19. - "--certificatesresolvers.letsencrypt.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
  20. - "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
  21. - "--entrypoints.websecure.http.tls.domains[0].main=jibby.org"
  22. - "--entrypoints.websecure.http.tls.domains[0].sans=*.jibby.org"
  23. - "--log.level=DEBUG"
  24. # debug, uncomment for testing
  25. #- "--certificatesresolvers.letsencrypt.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory"
  26. env:
  27. - name: CLOUDFLARE_EMAIL
  28. valueFrom:
  29. secretKeyRef:
  30. name: cloudflare-secrets
  31. key: email
  32. optional: false
  33. - name: CLOUDFLARE_API_KEY
  34. valueFrom:
  35. secretKeyRef:
  36. name: cloudflare-secrets
  37. key: api-key
  38. optional: false
  39. persistence:
  40. enabled: true
  41. storageClass: ceph-block
  42. # Fix for acme.json file being changed to 660 from 600
  43. podSecurityContext:
  44. fsGroup: null