65 lines
1.5 KiB
YAML
65 lines
1.5 KiB
YAML
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: {{ .Release.Name }}-tls
|
|
annotations:
|
|
kubernetes.io/ingress.class: traefik
|
|
spec:
|
|
entryPoints:
|
|
- websecure
|
|
tls:
|
|
certResolver: duconet
|
|
routes:
|
|
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
|
|
kind: Rule
|
|
services:
|
|
- name: {{ .Release.Name }}
|
|
port: 8096
|
|
middlewares:
|
|
- name: headers-{{ .Release.Name }}
|
|
---
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: {{ .Release.Name }}
|
|
annotations:
|
|
kubernetes.io/ingress.class: traefik
|
|
spec:
|
|
entryPoints:
|
|
- web
|
|
routes:
|
|
- match: Host(`{{ .Release.Name }}.ducoterra.net`)
|
|
kind: Rule
|
|
services:
|
|
- name: {{ .Release.Name }}
|
|
port: 8096
|
|
middlewares:
|
|
- name: httpsredirect-{{ .Release.Name }}
|
|
---
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: httpsredirect-{{ .Release.Name }}
|
|
spec:
|
|
redirectScheme:
|
|
scheme: https
|
|
permanent: true
|
|
---
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: headers-{{ .Release.Name }}
|
|
spec:
|
|
headers:
|
|
customResponseHeaders:
|
|
X-Robots-Tag: "noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex"
|
|
SSLHost: "jellyfin.ducoterra.net"
|
|
SSLForceHost: true
|
|
STSSeconds: "315360000"
|
|
STSIncludeSubdomains: true
|
|
STSPreload: true
|
|
forceSTSHeader: true
|
|
frameDeny: true
|
|
contentTypeNosniff: true
|
|
browserXSSFilter: true
|
|
customFrameOptionsValue: "https://jellyfin.ducoterra.net" |