diff --git a/k8s/ingresses.in.yaml b/k8s/ingresses.in.yaml new file mode 100644 index 0000000..ee2bc74 --- /dev/null +++ b/k8s/ingresses.in.yaml @@ -0,0 +1,16 @@ +--- +kind: IngressRoute +apiVersion: traefik.containo.us/v1alpha1 +metadata: + namespace: riju + name: docker-registry +spec: + entryPoints: + - docker + routes: + - kind: Rule + match: "Host(`*`)" + services: + - namespace: riju + name: docker-registry + port: 80 diff --git a/k8s/traefik-config.in.yaml b/k8s/traefik-config.in.yaml index de709d8..540346f 100644 --- a/k8s/traefik-config.in.yaml +++ b/k8s/traefik-config.in.yaml @@ -6,29 +6,34 @@ metadata: name: traefik-config data: traefik.yaml: | - entrypoints: + entryPoints: http: - address: ":8000/tcp" + address: ":8000" https: - address: ":8443/tcp" + address: ":8443" http: - tls: true + tls: + certResolver: riju + domains: + - main: k8s.riju.codes healthcheck: - address: ":9000/tcp" + address: ":9000" metrics: - address: ":9100/tcp" + address: ":9100" docker: - address: ":31000/tcp" + address: ":31000" http: - tls: true + tls: + certResolver: riju + domains: + - main: k8s.riju.codes ping: entryPoint: "healthcheck" metrics: prometheus: entryPoint: "metrics" providers: - kubernetescrd: true - kubernetesingress: true + kubernetesCRD: {} certificatesResolvers: riju: acme: diff --git a/k8s/traefik.yaml b/k8s/traefik.yaml index 840a82f..d47954c 100644 --- a/k8s/traefik.yaml +++ b/k8s/traefik.yaml @@ -42,6 +42,16 @@ spec: serviceAccountName: traefik terminationGracePeriodSeconds: 60 hostNetwork: false + initContainers: + - name: volume-permissions + image: busybox:1.35 + command: + - "sh" + - "-c" + - "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json" + volumeMounts: + - name: data + mountPath: /data containers: - image: traefik:v2.9.6 imagePullPolicy: IfNotPresent