services/jellyfin
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

upgrade to new ingress spec

Browse Source
This commit is contained in:
ducoterra
2021-01-08 11:11:51 -05:00
parent 4328d48ae7
commit 9f0edd2170
1 changed files with 29 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
helm/templates/ingress.yaml
View File

@@ -1,83 +1,65 @@
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: {{ .Release.Name }}-internal-tls name: {{ .Release.Name }}-tls
annotations: annotations:
kubernetes.io/ingress.class: traefik-internal kubernetes.io/ingress.class: traefik
spec: spec:
entryPoints: entryPoints:
- websecure - websecure
tls: tls:
certResolver: myresolver certResolver: duconet
domains:
- main: "*.ducoterra.net"
routes: routes:
- match: Host(`jellyfin.ducoterra.net`) - match: Host(`{{ .Release.Name }}.ducoterra.net`)
kind: Rule kind: Rule
services: services:
- name: {{ .Release.Name }} - name: {{ .Release.Name }}
port: 8096 port: 8096
middlewares: middlewares:
- name: {{ .Release.Name }} - name: headers-{{ .Release.Name }}
--- ---
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: {{ .Release.Name }}-internal-web name: {{ .Release.Name }}
annotations: annotations:
kubernetes.io/ingress.class: traefik-internal kubernetes.io/ingress.class: traefik
spec: spec:
entryPoints: entryPoints:
- web - web
routes: routes:
- match: Host(`jellyfin.ducoterra.net`) - match: Host(`{{ .Release.Name }}.ducoterra.net`)
kind: Rule kind: Rule
services: services:
- name: {{ .Release.Name }} - name: {{ .Release.Name }}
port: 8096 port: 8096
middlewares: middlewares:
- name: httpsredirect - name: httpsredirect-{{ .Release.Name }}
--- ---
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: Middleware
metadata: metadata:
name: {{ .Release.Name }}-external-tls name: httpsredirect-{{ .Release.Name }}
annotations:
kubernetes.io/ingress.class: traefik-external
spec: spec:
entryPoints: redirectScheme:
- websecure scheme: https
tls: permanent: true
certResolver: myresolver
routes:
- match: Host(`jellyfin.ducoterra.net`)
kind: Rule
services:
- name: {{ .Release.Name }}
port: 8096
middlewares:
- name: {{ .Release.Name }}
--- ---
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute kind: Middleware
metadata: metadata:
name: {{ .Release.Name }}-external-web name: headers-{{ .Release.Name }}
annotations:
kubernetes.io/ingress.class: traefik-external
spec: spec:
entryPoints: headers:
- web customResponseHeaders:
routes: X-Robots-Tag: "noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex"
- match: Host(`jellyfin.ducoterra.net`) SSLHost: "jellyfin.ducoterra.net"
kind: Rule SSLForceHost: true
services: STSSeconds: "315360000"
- name: {{ .Release.Name }} STSIncludeSubdomains: true
port: 8096 STSPreload: true
middlewares: forceSTSHeader: true
- name: httpsredirect frameDeny: true
contentTypeNosniff: true
browserXSSFilter: true
customFrameOptionsValue: "https://jellyfin.ducoterra.net"