Switched to nginx
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
This commit is contained in:
parent
36d87d3c12
commit
f516ee38ae
GPG Key ID:
B8F2DB8A7AEBAF78
|
|
@ -62,9 +62,7 @@ metadata:
|
|||
namespace: anniversary
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: traefik-lb
|
||||
name: nginx-lb
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
|
|
@ -11,7 +11,7 @@ spec:
|
|||
namespace: kube-system
|
||||
name: cluster-fun (scaleway)
|
||||
source:
|
||||
path: manifests/traefik-lb
|
||||
path: manifests/nginx-lb
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
|
|
@ -64,9 +64,7 @@ spec:
|
|||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
tls:
|
||||
- hosts:
|
||||
- wallabag.cluster.fun
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: argo
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- argo.cluster.fun
|
||||
|
|
|
|||
|
|
@ -49,10 +49,9 @@ metadata:
|
|||
namespace: base64
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- base64.cluster.fun
|
||||
|
|
|
|||
|
|
@ -57,10 +57,9 @@ metadata:
|
|||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- marcusnoble.co.uk
|
||||
|
|
@ -85,10 +84,9 @@ metadata:
|
|||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- www.marcusnoble.co.uk
|
||||
|
|
@ -113,10 +111,9 @@ metadata:
|
|||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- blog.marcusnoble.co.uk
|
||||
|
|
|
|||
|
|
@ -41,4 +41,4 @@ spec:
|
|||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: traefik
|
||||
class: nginx
|
||||
|
|
|
|||
|
|
@ -5,10 +5,9 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- code.cluster.fun
|
||||
|
|
|
|||
|
|
@ -42,10 +42,9 @@ metadata:
|
|||
namespace: cors-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- cors-proxy.cluster.fun
|
||||
|
|
@ -70,10 +69,9 @@ metadata:
|
|||
namespace: cors-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- cors-proxy.marcusnoble.co.uk
|
||||
|
|
|
|||
|
|
@ -62,10 +62,9 @@ metadata:
|
|||
namespace: cv
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- cv.marcusnoble.co.uk
|
||||
|
|
|
|||
|
|
@ -111,10 +111,9 @@ metadata:
|
|||
namespace: dashboard
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- dash.cluster.fun
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: downloads-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- downloads.cluster.fun
|
||||
|
|
|
|||
|
|
@ -42,10 +42,9 @@ metadata:
|
|||
namespace: feed-fetcher
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- feed-fetcher.cluster.fun
|
||||
|
|
|
|||
|
|
@ -96,10 +96,9 @@ metadata:
|
|||
namespace: gitea
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- git.cluster.fun
|
||||
|
|
|
|||
|
|
@ -47,10 +47,9 @@ metadata:
|
|||
namespace: goplayground
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- go.cluster.fun
|
||||
|
|
|
|||
|
|
@ -49,12 +49,8 @@ spec:
|
|||
core: docker.cluster.fun
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
traefik.ingress.kubernetes.io/buffering: |
|
||||
maxrequestbodybytes: "0"
|
||||
maxresponsebodybytes: "0"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: 0
|
||||
portal:
|
||||
replicas: 2
|
||||
priorityClassName: system-cluster-critical
|
||||
|
|
|
|||
|
|
@ -70,7 +70,6 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -95,9 +94,7 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -138,9 +135,7 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -165,9 +160,7 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -193,9 +186,7 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -221,9 +212,7 @@ metadata:
|
|||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: jackett-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- jackett.cluster.fun
|
||||
|
|
|
|||
|
|
@ -144,10 +144,9 @@ metadata:
|
|||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- matrix.cluster.fun
|
||||
|
|
@ -180,10 +179,9 @@ metadata:
|
|||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- chat.cluster.fun
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: grafana
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- grafana.cluster.fun
|
||||
|
|
@ -36,10 +35,9 @@ metadata:
|
|||
app: prometheus
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- prometheus.cluster.fun
|
||||
|
|
@ -75,12 +73,11 @@ metadata:
|
|||
app: prometheus-cloud
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
ingress.kubernetes.io/auth-type: basic
|
||||
ingress.kubernetes.io/auth-secret: prometheus-credentials
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- prometheus-cloud.cluster.fun
|
||||
|
|
|
|||
|
|
@ -36,9 +36,7 @@ spec:
|
|||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
tls:
|
||||
- hosts:
|
||||
- nextcloud.cluster.fun
|
||||
|
|
|
|||
|
|
@ -0,0 +1,125 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: nginx-ingress-service
|
||||
namespace: kube-system
|
||||
spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
name: http
|
||||
- protocol: TCP
|
||||
port: 443
|
||||
name: https
|
||||
type: LoadBalancer
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
annotations:
|
||||
meta.helm.sh/release-name: kapsule-ingress
|
||||
meta.helm.sh/release-namespace: kube-system
|
||||
labels:
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
k8s.scw.cloud/ingress: nginx
|
||||
k8s.scw.cloud/object: ConfigMap
|
||||
k8s.scw.cloud/system: ingress
|
||||
name: ingress-nginx-configuration
|
||||
namespace: kube-system
|
||||
data:
|
||||
log-format-upstream: '{"time": "$time_iso8601", "remote_addr": "$proxy_protocol_addr", "x_forward_for": "$proxy_add_x_forwarded_for", "request_id": "$req_id", "remote_user": "$remote_user", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent" }'
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
annotations:
|
||||
deprecated.daemonset.template.generation: "2"
|
||||
meta.helm.sh/release-name: kapsule-ingress
|
||||
meta.helm.sh/release-namespace: kube-system
|
||||
labels:
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
k8s.scw.cloud/ingress: nginx
|
||||
k8s.scw.cloud/object: DaemonSet
|
||||
k8s.scw.cloud/system: ingress
|
||||
name: nginx-ingress
|
||||
namespace: kube-system
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- /nginx-ingress-controller
|
||||
- --election-id=ingress-controller-leader-nginx
|
||||
- --controller-class=k8s.io/ingress-nginx
|
||||
- --configmap=$(POD_NAMESPACE)/ingress-nginx-configuration
|
||||
- --tcp-services-configmap=$(POD_NAMESPACE)/ingress-nginx-tcp-services
|
||||
- --udp-services-configmap=$(POD_NAMESPACE)/ingress-nginx-udp-services
|
||||
- --annotations-prefix=nginx.ingress.kubernetes.io
|
||||
- --watch-ingress-without-class
|
||||
env:
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: metadata.name
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: metadata.namespace
|
||||
image: k8s.gcr.io/ingress-nginx/controller:v1.0.0-beta.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10254
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 10
|
||||
name: nginx-ingress-controller
|
||||
ports:
|
||||
- containerPort: 80
|
||||
hostPort: 80
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
hostPort: 443
|
||||
name: https
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10254
|
||||
scheme: HTTP
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 10
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
capabilities:
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
drop:
|
||||
- ALL
|
||||
runAsUser: 101
|
||||
|
|
@ -91,9 +91,7 @@ metadata:
|
|||
namespace: node-red
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -47,10 +47,9 @@ metadata:
|
|||
namespace: opengraph
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- opengraph.cluster.fun
|
||||
|
|
|
|||
|
|
@ -108,10 +108,9 @@ metadata:
|
|||
namespace: outline
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- outline.cluster.fun
|
||||
|
|
|
|||
|
|
@ -80,9 +80,7 @@ metadata:
|
|||
namespace: paradoxfox
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
@ -108,9 +106,7 @@ metadata:
|
|||
namespace: paradoxfox
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -7,9 +7,7 @@ metadata:
|
|||
app: printer-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -47,10 +47,9 @@ metadata:
|
|||
namespace: qr
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- qr.cluster.fun
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: radarr
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- radarr.cluster.fun
|
||||
|
|
|
|||
|
|
@ -131,10 +131,9 @@ metadata:
|
|||
namespace: rss
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- rss.cluster.fun
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: sonarr
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- sonarr.cluster.fun
|
||||
|
|
|
|||
|
|
@ -45,9 +45,7 @@ metadata:
|
|||
namespace: svg-to-dxf
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -47,10 +47,9 @@ metadata:
|
|||
namespace: talks
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- talks.marcusnoble.co.uk
|
||||
|
|
|
|||
|
|
@ -45,9 +45,7 @@ metadata:
|
|||
namespace: text-to-dxf
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -47,10 +47,9 @@ metadata:
|
|||
namespace: til
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- til.marcusnoble.co.uk
|
||||
|
|
|
|||
|
|
@ -1,75 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: traefik-ingress-service
|
||||
namespace: kube-system
|
||||
spec:
|
||||
selector:
|
||||
k8s-app: traefik-ingress-lb
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
name: http
|
||||
- protocol: TCP
|
||||
port: 443
|
||||
name: https
|
||||
type: LoadBalancer
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: traefik-ingress-lb
|
||||
k8s.scw.cloud/ingress: traefik
|
||||
k8s.scw.cloud/object: DaemonSet
|
||||
k8s.scw.cloud/system: ingress
|
||||
name: ingress-traefik
|
||||
namespace: kube-system
|
||||
spec:
|
||||
revisionHistoryLimit: 10
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: traefik-ingress-lb
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: traefik-ingress-lb
|
||||
name: ingress-traefik
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- --api
|
||||
- --kubernetes
|
||||
- --logLevel=INFO
|
||||
- --defaultentrypoints=http,https
|
||||
- --entrypoints=Name:https Address::443 TLS
|
||||
- --entrypoints=Name:http Address::80
|
||||
- --accesslog=true
|
||||
- --accesslog.format=json
|
||||
image: docker.io/traefik:1.7
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: ingress-traefik
|
||||
ports:
|
||||
- containerPort: 80
|
||||
hostPort: 80
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
hostPort: 443
|
||||
name: https
|
||||
protocol: TCP
|
||||
- containerPort: 8080
|
||||
name: admin
|
||||
protocol: TCP
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
drop:
|
||||
- ALL
|
||||
dnsPolicy: ClusterFirst
|
||||
restartPolicy: Always
|
||||
serviceAccount: ingress-traefik
|
||||
serviceAccountName: ingress-traefik
|
||||
|
|
@ -7,10 +7,9 @@ metadata:
|
|||
app: transmission
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- transmission.cluster.fun
|
||||
|
|
|
|||
|
|
@ -69,9 +69,7 @@ metadata:
|
|||
namespace: tweetsvg
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -66,10 +66,9 @@ metadata:
|
|||
namespace: twitter-profile-pic
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- twitter-profile-pic.marcusnoble.co.uk
|
||||
|
|
@ -93,10 +92,9 @@ metadata:
|
|||
namespace: twitter-profile-pic
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- twitter-profile-pic.jsoxford.com
|
||||
|
|
@ -121,10 +119,9 @@ metadata:
|
|||
namespace: twitter-profile-pic
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- twitter-profile-pic.cluster.fun
|
||||
|
|
|
|||
|
|
@ -86,9 +86,7 @@ metadata:
|
|||
app: tekton-dashboard-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ resource "scaleway_k8s_cluster_beta" "k8s-cluster" {
|
|||
version = "1.22.2"
|
||||
cni = "weave"
|
||||
enable_dashboard = false
|
||||
ingress = "traefik"
|
||||
ingress = "nginx"
|
||||
|
||||
feature_gates = [
|
||||
"HPAScaleToZero",
|
||||
|
|
|
|||
Loading…
Reference in New Issue