From 75e559b63a6e1e09b9469e82e18f04203eca8d78 Mon Sep 17 00:00:00 2001
From: tehNooB <125163838+JamesTurland@users.noreply.github.com>
Date: Thu, 19 Oct 2023 16:22:13 +0100
Subject: [PATCH] Create values.yaml

---
 .../Helm/Traefik/values.yaml                  | 81 +++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml

diff --git a/Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml b/Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml
new file mode 100644
index 0000000..c1bf5cf
--- /dev/null
+++ b/Kubernetes/Traefik-Crowdsec-PiHole/Helm/Traefik/values.yaml
@@ -0,0 +1,81 @@
+globalArguments:
+  - "--global.sendanonymoususage=false"
+  - "--global.checknewversion=true"
+
+additionalArguments:
+  - "--serversTransport.insecureSkipVerify=true"
+  - "--log.level=INFO"
+  - "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" # add crowdsec
+  - "--experimental.plugins.bouncer.version=v1.1.16" # you will need to update this from time to time
+  - "--entrypoints.web.http.middlewares=traefik-bouncer@kubernetescrd"
+  - "--entrypoints.websecure.http.middlewares=traefik-bouncer@kubernetescrd"
+  - "--providers.kubernetescrd"
+
+deployment:
+  enabled: true
+  replicas: 2 # we have 2 worker nodes
+  annotations: {}
+  podAnnotations: {}
+  additionalContainers: []
+  initContainers: []
+
+nodeSelector: 
+  worker: "true" # assign pods to worker nodes
+
+ports:
+  web:
+    redirectTo: websecure
+  websecure:
+    tls:
+      enabled: true
+  wireguard: # example of other entrypoint (e.g., wireguard through proxy)
+    port: 51820
+    expose: true
+    exposedPort: 51820
+    protocol: UDP
+      
+ingressRoute:
+  dashboard:
+    enabled: false
+
+providers:
+  kubernetesCRD:
+    enabled: true
+    ingressClass: traefik-external
+    allowExternalNameServices: true
+    allowCrossNamespace: true
+  kubernetesIngress:
+    enabled: true
+    allowExternalNameServices: true
+    publishedService:
+      enabled: false
+
+rbac:
+  enabled: true
+
+service:
+  enabled: true
+  type: LoadBalancer
+  annotations: {}
+  labels: {}
+  spec:
+    loadBalancerIP: 192.168.3.65 # this should be an IP in the MetalLB range
+    externalTrafficPolicy: Local
+  loadBalancerSourceRanges: []
+  externalIPs: []
+
+logs:
+  access:
+    enabled: true
+
+experimental:
+  plugins:
+    enabled: true
+
+volumes:
+  - name: crowdsec-bouncer-tls
+    mountPath: /etc/traefik/crowdsec-certs/
+    type: secret
+
+image:
+  pullPolicy: Always # whenever we delete the pod it will pull the newest - change as you wish