70 lines
1.5 KiB
Markdown
70 lines
1.5 KiB
Markdown
# Traefik Config
|
|
|
|
## Holy crap this is hard
|
|
|
|
## Docs
|
|
|
|
Configuration Examples: <https://docs.traefik.io/routing/providers/kubernetes-ingress/>
|
|
CLI Reference: <https://docs.traefik.io/reference/static-configuration/cli/>
|
|
|
|
## Ingress Example
|
|
|
|
```yaml
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: traefik-internal-tls
|
|
namespace: kube-system
|
|
annotations:
|
|
kubernetes.io/ingress.class: traefik-internal
|
|
spec:
|
|
entryPoints:
|
|
- websecure
|
|
tls:
|
|
certResolver: myresolver
|
|
domains:
|
|
- main: "*.ducoterra.net"
|
|
routes:
|
|
- match: Host(`traefik-internal.ducoterra.net`)
|
|
kind: Rule
|
|
services:
|
|
- name: traefik-internal-admin
|
|
port: 8080
|
|
middlewares:
|
|
- name: basic-auth
|
|
|
|
---
|
|
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: traefik-internal-web
|
|
namespace: kube-system
|
|
annotations:
|
|
kubernetes.io/ingress.class: traefik-internal
|
|
spec:
|
|
entryPoints:
|
|
- web
|
|
routes:
|
|
- match: Host(`traefik-internal.ducoterra.net`)
|
|
kind: Rule
|
|
services:
|
|
- name: traefik-internal-admin
|
|
port: 8080
|
|
middlewares:
|
|
- name: httpsredirect
|
|
```
|
|
|
|
## Create a name.com secret for traefik to use:
|
|
|
|
export USERNAME=
|
|
export TOKEN=
|
|
kubectl create secret generic namedotcom -n kube-system --from-literal=NAMECOM_USERNAME=$USERNAME --from-literal=NAMECOM_API_TOKEN=$TOKEN --from-literal=NAMECOM_SERVER=api.name.com
|
|
|
|
## Create a basic auth secret
|
|
|
|
```bash
|
|
htpasswd -nbB user pass >> users
|
|
kubectl create secret generic authsecret --from-file=users
|
|
```
|