Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
84f8819bd5
commit
1be50135f1
Binary file not shown.
|
@ -22,6 +22,11 @@ title: Changelog
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -92,8 +97,3 @@ title: Changelog
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [traefik-25.1.10](https://github.com/truecharts/charts/compare/traefik-25.1.9...traefik-25.1.10) (2024-01-09)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
|
@ -10,7 +10,7 @@ apiVersion: v2
|
||||||
appVersion: 2.11.0
|
appVersion: 2.11.0
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: common
|
- name: common
|
||||||
version: 18.0.3
|
version: 18.1.2
|
||||||
repository: oci://tccr.io/truecharts
|
repository: oci://tccr.io/truecharts
|
||||||
condition: ""
|
condition: ""
|
||||||
alias: ""
|
alias: ""
|
||||||
|
@ -36,4 +36,4 @@ sources:
|
||||||
- https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
|
- https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
|
||||||
- https://github.com/truecharts/containers/tree/master/apps/traefik
|
- https://github.com/truecharts/containers/tree/master/apps/traefik
|
||||||
type: application
|
type: application
|
||||||
version: 26.2.2
|
version: 26.4.2
|
Binary file not shown.
|
@ -193,6 +193,7 @@ service:
|
||||||
enabled: true
|
enabled: true
|
||||||
port: 80
|
port: 80
|
||||||
protocol: http
|
protocol: http
|
||||||
|
externalTrafficPolicy: local
|
||||||
redirectTo: websecure
|
redirectTo: websecure
|
||||||
# Options: Empty, 0 (ingore), or positive int
|
# Options: Empty, 0 (ingore), or positive int
|
||||||
# redirectPort:
|
# redirectPort:
|
||||||
|
@ -214,6 +215,7 @@ service:
|
||||||
enabled: true
|
enabled: true
|
||||||
port: 443
|
port: 443
|
||||||
protocol: https
|
protocol: https
|
||||||
|
externalTrafficPolicy: local
|
||||||
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
|
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
|
||||||
forwardedHeaders:
|
forwardedHeaders:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
@ -436,6 +438,44 @@ middlewares:
|
||||||
# modSecurityUrl: modSecurity container URL
|
# modSecurityUrl: modSecurity container URL
|
||||||
# timeoutMillis: Configurated timeout
|
# timeoutMillis: Configurated timeout
|
||||||
# maxBodySize: maxBodySize
|
# maxBodySize: maxBodySize
|
||||||
|
crowdsecBouncer: []
|
||||||
|
# - name: modsecurityName
|
||||||
|
# enabled: false
|
||||||
|
# logLevel: DEBUG
|
||||||
|
# updateIntervalSeconds: 60
|
||||||
|
# defaultDecisionSeconds: 60
|
||||||
|
# httpTimeoutSeconds: 10
|
||||||
|
# crowdsecMode: live
|
||||||
|
# crowdsecAppsecEnabled: false
|
||||||
|
# crowdsecAppsecHost: crowdsec:7422
|
||||||
|
# crowdsecAppsecFailureBlock: true
|
||||||
|
# crowdsecLapiKey: privateKey-foo
|
||||||
|
# crowdsecLapiKeyFile: /etc/traefik/cs-privateKey-foo
|
||||||
|
# crowdsecLapiHost: crowdsec:8080
|
||||||
|
# crowdsecLapiScheme: http
|
||||||
|
# crowdsecLapiTLSInsecureVerify: false
|
||||||
|
# crowdsecCapiMachineId: login
|
||||||
|
# crowdsecCapiPassword: password
|
||||||
|
# crowdsecCapiScenarios:
|
||||||
|
# - crowdsecurity/http-path-traversal-probing
|
||||||
|
# - crowdsecurity/http-xss-probing
|
||||||
|
# - crowdsecurity/http-generic-bf
|
||||||
|
# forwardedHeadersTrustedIPs:
|
||||||
|
# - 10.0.10.23/32
|
||||||
|
# - 10.0.20.0/24
|
||||||
|
# clientTrustedIPs:
|
||||||
|
# - 192.168.1.0/24
|
||||||
|
# forwardedHeadersCustomName: X-Custom-Header
|
||||||
|
# redisCacheEnabled: false
|
||||||
|
# redisCacheHost: "redis:6379"
|
||||||
|
# redisCachePassword: password
|
||||||
|
# redisCacheDatabase: "5"
|
||||||
|
# crowdsecLapiTLSCertificateAuthority: |-
|
||||||
|
# crowdsecLapiTLSCertificateAuthorityFile: /etc/traefik/crowdsec-certs/ca.pem
|
||||||
|
# crowdsecLapiTLSCertificateBouncer: |-
|
||||||
|
# crowdsecLapiTLSCertificateBouncerFile: /etc/traefik/crowdsec-certs/bouncer.pem
|
||||||
|
# crowdsecLapiTLSCertificateBouncerKey: |-
|
||||||
|
# crowdsecLapiTLSCertificateBouncerKeyFile: /etc/traefik/crowdsec-certs/bouncer-key.pem
|
||||||
## Note: body of every request will be buffered in memory while the request is in-flight
|
## Note: body of every request will be buffered in memory while the request is in-flight
|
||||||
## (i.e.: during the security check and during the request processing by traefik and the backend),
|
## (i.e.: during the security check and during the request processing by traefik and the backend),
|
||||||
## so you may want to tune maxBodySize depending on how much RAM you have.
|
## so you may want to tune maxBodySize depending on how much RAM you have.
|
||||||
|
@ -446,6 +486,12 @@ persistence:
|
||||||
enabled: true
|
enabled: true
|
||||||
mountPath: "/plugins-storage"
|
mountPath: "/plugins-storage"
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
|
crowdsec-bouncer-tls:
|
||||||
|
enabled: "{{ if .Values.middlewares.crowdsecBouncer }}true{{ else }}false{{ end }}"
|
||||||
|
mountPath: "/etc/traefik/crowdsec-certs"
|
||||||
|
type: secret
|
||||||
|
expandObjectName: false
|
||||||
|
objectName: crowdsec-bouncer-tls
|
||||||
portal:
|
portal:
|
||||||
open:
|
open:
|
||||||
enabled: true
|
enabled: true
|
|
@ -180,6 +180,10 @@ args:
|
||||||
{{- if .Values.middlewares.modsecurity }}
|
{{- if .Values.middlewares.modsecurity }}
|
||||||
- "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
|
- "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{/* CrowdsecBouncer */}}
|
||||||
|
{{- if .Values.middlewares.crowdsecBouncer }}
|
||||||
|
- "--experimental.localPlugins.crowdsec-bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
|
||||||
|
{{- end }}
|
||||||
{{/* End of ModSecurity */}}
|
{{/* End of ModSecurity */}}
|
||||||
{{/* RewriteResponseHeaders */}}
|
{{/* RewriteResponseHeaders */}}
|
||||||
{{- if .Values.middlewares.rewriteResponseHeaders }}
|
{{- if .Values.middlewares.rewriteResponseHeaders }}
|
|
@ -0,0 +1,112 @@
|
||||||
|
{{- range $index, $middlewareData := .Values.middlewares.crowdsecBouncer }}
|
||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
|
||||||
|
namespace: {{ $.Release.Namespace }}
|
||||||
|
spec:
|
||||||
|
plugin:
|
||||||
|
bouncer:
|
||||||
|
{{- with $middlewareData.enabled -}}
|
||||||
|
enabled: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.logLevel -}}
|
||||||
|
logLevel: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.updateIntervalSeconds -}}
|
||||||
|
updateIntervalSeconds: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.defaultDecisionSeconds -}}
|
||||||
|
defaultDecisionSeconds: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.httpTimeoutSeconds -}}
|
||||||
|
httpTimeoutSeconds: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecMode -}}
|
||||||
|
crowdsecMode: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecAppsecEnabled -}}
|
||||||
|
crowdsecAppsecEnabled: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecAppsecHost -}}
|
||||||
|
crowdsecAppsecHost: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecAppsecFailureBlock -}}
|
||||||
|
crowdsecAppsecFailureBlock: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiKey -}}
|
||||||
|
crowdsecLapiKey: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiKeyFile -}}
|
||||||
|
crowdsecLapiKeyFile: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiHost -}}
|
||||||
|
crowdsecLapiHost: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiScheme -}}
|
||||||
|
crowdsecLapiScheme: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSInsecureVerify -}}
|
||||||
|
crowdsecLapiTLSInsecureVerify: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecCapiMachineId -}}
|
||||||
|
crowdsecCapiMachineId: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecCapiPassword -}}
|
||||||
|
crowdsecCapiPassword: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if $middlewareData.crowdsecCapiScenarios -}}
|
||||||
|
crowdsecCapiScenarios:
|
||||||
|
{{- range $middlewareData.crowdsecCapiScenarios -}}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if $middlewareData.forwardedHeadersTrustedIPs -}}
|
||||||
|
forwardedHeadersTrustedIPs:
|
||||||
|
{{- range $middlewareData.forwardedHeadersTrustedIPs -}}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if $middlewareData.clientTrustedIPs -}}
|
||||||
|
clientTrustedIPs:
|
||||||
|
{{- range $middlewareData.clientTrustedIPs -}}
|
||||||
|
- {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.forwardedHeadersCustomName -}}
|
||||||
|
forwardedHeadersCustomName: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.redisCacheEnabled -}}
|
||||||
|
redisCacheEnabled: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.redisCacheHost -}}
|
||||||
|
redisCacheHost: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.redisCachePassword -}}
|
||||||
|
redisCachePassword: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.redisCacheDatabase -}}
|
||||||
|
redisCacheDatabase: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthority -}}
|
||||||
|
crowdsecLapiTLSCertificateAuthority: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthorityFile -}}
|
||||||
|
crowdsecLapiTLSCertificateAuthorityFile: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncer -}}
|
||||||
|
crowdsecLapiTLSCertificateBouncer: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerFile -}}
|
||||||
|
crowdsecLapiTLSCertificateBouncerFile: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKey -}}
|
||||||
|
crowdsecLapiTLSCertificateBouncerKey: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKeyFile -}}
|
||||||
|
crowdsecLapiTLSCertificateBouncerKeyFile: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
|
||||||
|
{{- end -}}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue