cloudflared.yaml 2.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. # https://github.com/cloudflare/argo-tunnel-examples/blob/master/named-tunnel-k8s/cloudflared.yaml
  2. ---
  3. apiVersion: apps/v1
  4. kind: Deployment
  5. metadata:
  6. name: cloudflared
  7. namespace: kube-system
  8. spec:
  9. selector:
  10. matchLabels:
  11. app: cloudflared
  12. replicas: 3
  13. template:
  14. metadata:
  15. labels:
  16. app: cloudflared
  17. spec:
  18. containers:
  19. - name: cloudflared
  20. image: cloudflare/cloudflared:2022.6.3
  21. args:
  22. - tunnel
  23. - --config
  24. - /etc/cloudflared/config/config.yaml
  25. - run
  26. ports:
  27. - containerPort: 2000
  28. name: metrics
  29. livenessProbe:
  30. httpGet:
  31. path: /ready
  32. port: 2000
  33. failureThreshold: 1
  34. initialDelaySeconds: 10
  35. periodSeconds: 10
  36. volumeMounts:
  37. - name: config
  38. mountPath: /etc/cloudflared/config
  39. readOnly: true
  40. - name: creds
  41. mountPath: /etc/cloudflared/creds
  42. readOnly: true
  43. volumes:
  44. - name: creds
  45. secret:
  46. secretName: tunnel-credentials
  47. - name: config
  48. configMap:
  49. name: cloudflared
  50. items:
  51. - key: config.yaml
  52. path: config.yaml
  53. ---
  54. apiVersion: v1
  55. kind: ConfigMap
  56. metadata:
  57. name: cloudflared
  58. namespace: kube-system
  59. data:
  60. config.yaml: |
  61. tunnel: example-tunnel
  62. credentials-file: /etc/cloudflared/creds/credentials.json
  63. metrics: 0.0.0.0:2000
  64. ingress:
  65. - hostname: jibby.org
  66. service: http://jekyll-service.blog.svc.cluster.local:80
  67. - hostname: nextcloud.jibby.org
  68. service: http://nextcloud.nextcloud.svc.cluster.local:8080
  69. - hostname: gogs.jibby.org
  70. service: http://gogs-service.gogs.svc.cluster.local:3000
  71. - hostname: matrix.jibby.org
  72. service: http://matrix-service.matrix.svc.cluster.local:8008
  73. - hostname: selfoss.jibby.org
  74. service: http://selfoss-service.selfoss.svc.cluster.local:8888
  75. - hostname: plex.jibby.org
  76. service: http://plex-service.plex.svc.cluster.local:32400
  77. - hostname: jellyfin.jibby.org
  78. service: http://jellyfin-service.plex.svc.cluster.local:8096
  79. - hostname: s3.jibby.org
  80. service: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc.cluster.local:6980
  81. - hostname: miniflux.jibby.org
  82. service: http://miniflux-service.miniflux.svc.cluster.local:8080
  83. - hostname: vaultwarden.jibby.org
  84. service: http://vaultwarden-service.vaultwarden.svc.cluster.local:80
  85. - hostname: vaultwarden.jibby.org
  86. path: /notifications/hub.*
  87. service: http://vaultwarden-service.vaultwarden.svc.cluster.local:3012
  88. - hostname: mastodon.jibby.org
  89. service: http://mastodon-service.mastodon.svc.cluster.local:3000
  90. - hostname: streaming-mastodon.jibby.org
  91. service: http://mastodon-service.mastodon.svc.cluster.local:4000
  92. - service: http_status:404