mirror of
https://github.com/ChristianLempa/boilerplates.git
synced 2024-11-28 19:23:22 +01:00
98 lines
3.1 KiB
YAML
98 lines
3.1 KiB
YAML
additionalArguments:
|
|
# Configure your CertificateResolver here...
|
|
#
|
|
# HTTP Challenge
|
|
# ---
|
|
# Generic Example:
|
|
# - --certificatesresolvers.generic.acme.email=your-email@example.com
|
|
# - --certificatesresolvers.generic.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
|
|
# - --certificatesresolvers.generic.acme.httpChallenge.entryPoint=web
|
|
# - --certificatesresolvers.generic.acme.storage=/ssl-certs/acme-generic.json
|
|
#
|
|
# Prod / Staging Example:
|
|
# - --certificatesresolvers.staging.acme.email=your-email@example.com
|
|
# - --certificatesresolvers.staging.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
|
|
# - --certificatesresolvers.staging.acme.httpChallenge.entryPoint=web
|
|
# - --certificatesresolvers.staging.acme.storage=/ssl-certs/acme-staging.json
|
|
# - --certificatesresolvers.production.acme.email=your-email@example.com
|
|
# - --certificatesresolvers.production.acme.caServer=https://acme-v02.api.letsencrypt.org/directory
|
|
# - --certificatesresolvers.production.acme.httpChallenge.entryPoint=web
|
|
# - --certificatesresolvers.production.acme.storage=/ssl-certs/acme-production.json
|
|
#
|
|
# DNS Challenge
|
|
# ---
|
|
# Cloudflare Example:
|
|
# - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare
|
|
# - --certificatesresolvers.cloudflare.acme.email=your-email@example.com
|
|
# - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1
|
|
# - --certificatesresolvers.cloudflare.acme.storage=/ssl-certs/acme-cloudflare.json
|
|
#
|
|
# Generic (replace with your DNS provider):
|
|
# - --certificatesresolvers.generic.acme.dnschallenge.provider=generic
|
|
# - --certificatesresolvers.generic.acme.email=your-email@example.com
|
|
# - --certificatesresolvers.generic.acme.storage=/ssl-certs/acme-generic.json
|
|
|
|
logs:
|
|
# Configure log settings here...
|
|
general:
|
|
level: ERROR
|
|
|
|
ports:
|
|
# Configure your entrypoints here...
|
|
web:
|
|
# (optional) Permanent Redirect to HTTPS
|
|
# redirectTo:
|
|
# port: websecure
|
|
websecure:
|
|
tls:
|
|
enabled: true
|
|
# (optional) Set a Default CertResolver
|
|
# certResolver: cloudflare
|
|
|
|
|
|
env:
|
|
# Set your environment variables here...
|
|
#
|
|
# DNS Challenge Credentials
|
|
# ---
|
|
# Cloudflare Example:
|
|
# - name: CF_API_EMAIL
|
|
# valueFrom:
|
|
# secretKeyRef:
|
|
# key: email
|
|
# name: cloudflare-credentials
|
|
# - name: CF_API_KEY
|
|
# valueFrom:
|
|
# secretKeyRef:
|
|
# key: apiKey
|
|
# name: cloudflare-credentials
|
|
|
|
# Disable Dashboard
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: false
|
|
|
|
# Persistent Storage
|
|
persistence:
|
|
enabled: true
|
|
name: ssl-certs
|
|
size: 1Gi
|
|
path: /ssl-certs
|
|
|
|
deployment:
|
|
initContainers:
|
|
# The "volume-permissions" init container is required if you run into permission issues.
|
|
# Related issue: https://github.com/containous/traefik/issues/6972
|
|
- name: volume-permissions
|
|
image: busybox:1.36.1
|
|
command: ["sh", "-c", "chmod -Rv 600 /ssl-certs/*"]
|
|
volumeMounts:
|
|
- name: ssl-certs
|
|
mountPath: /ssl-certs
|
|
|
|
# Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes.
|
|
ingressClass:
|
|
enabled: true
|
|
isDefaultClass: true
|
|
|