Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
2371e75f69
commit
95ebedc487
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -22,6 +22,10 @@ title: Changelog
|
|||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -93,8 +97,4 @@ title: Changelog
|
|||
|
||||
## [traefik-25.1.10](https://github.com/truecharts/charts/compare/traefik-25.1.9...traefik-25.1.10) (2024-01-09)
|
||||
|
||||
### Chore
|
||||
|
||||
|
||||
|
||||
- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))
|
||||
### Chore
|
|
@ -4,13 +4,13 @@ annotations:
|
|||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/category: network
|
||||
truecharts.org/max_helm_version: "3.14"
|
||||
truecharts.org/min_helm_version: "3.12"
|
||||
truecharts.org/min_helm_version: "3.11"
|
||||
truecharts.org/train: enterprise
|
||||
apiVersion: v2
|
||||
appVersion: 2.11.0
|
||||
dependencies:
|
||||
- name: common
|
||||
version: 18.0.3
|
||||
version: 18.1.2
|
||||
repository: oci://tccr.io/truecharts
|
||||
condition: ""
|
||||
alias: ""
|
||||
|
@ -36,4 +36,4 @@ sources:
|
|||
- https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
|
||||
- https://github.com/truecharts/containers/tree/master/apps/traefik
|
||||
type: application
|
||||
version: 26.2.0
|
||||
version: 26.4.0
|
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -128,16 +128,16 @@ metrics:
|
|||
|
||||
globalArguments:
|
||||
- "--global.checknewversion"
|
||||
|
||||
|
||||
configmap:
|
||||
dashboard:
|
||||
enabled: true
|
||||
labels:
|
||||
grafanadasboard: '1'
|
||||
grafana_dashboard: "1"
|
||||
data:
|
||||
traefik.json: >-
|
||||
{{ .Files.Get "dashboard.json" | indent 8 }}
|
||||
|
||||
|
||||
##
|
||||
# -- Additional arguments to be passed at Traefik's binary
|
||||
# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
|
||||
|
@ -193,6 +193,7 @@ service:
|
|||
enabled: true
|
||||
port: 80
|
||||
protocol: http
|
||||
externalTrafficPolicy: local
|
||||
redirectTo: websecure
|
||||
# Options: Empty, 0 (ingore), or positive int
|
||||
# redirectPort:
|
||||
|
@ -214,6 +215,7 @@ service:
|
|||
enabled: true
|
||||
port: 443
|
||||
protocol: https
|
||||
externalTrafficPolicy: local
|
||||
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
|
||||
forwardedHeaders:
|
||||
enabled: false
|
||||
|
@ -436,6 +438,44 @@ middlewares:
|
|||
# modSecurityUrl: modSecurity container URL
|
||||
# timeoutMillis: Configurated timeout
|
||||
# maxBodySize: maxBodySize
|
||||
crowdsecBouncer: []
|
||||
# - name: modsecurityName
|
||||
# enabled: false
|
||||
# logLevel: DEBUG
|
||||
# updateIntervalSeconds: 60
|
||||
# defaultDecisionSeconds: 60
|
||||
# httpTimeoutSeconds: 10
|
||||
# crowdsecMode: live
|
||||
# crowdsecAppsecEnabled: false
|
||||
# crowdsecAppsecHost: crowdsec:7422
|
||||
# crowdsecAppsecFailureBlock: true
|
||||
# crowdsecLapiKey: privateKey-foo
|
||||
# crowdsecLapiKeyFile: /etc/traefik/cs-privateKey-foo
|
||||
# crowdsecLapiHost: crowdsec:8080
|
||||
# crowdsecLapiScheme: http
|
||||
# crowdsecLapiTLSInsecureVerify: false
|
||||
# crowdsecCapiMachineId: login
|
||||
# crowdsecCapiPassword: password
|
||||
# crowdsecCapiScenarios:
|
||||
# - crowdsecurity/http-path-traversal-probing
|
||||
# - crowdsecurity/http-xss-probing
|
||||
# - crowdsecurity/http-generic-bf
|
||||
# forwardedHeadersTrustedIPs:
|
||||
# - 10.0.10.23/32
|
||||
# - 10.0.20.0/24
|
||||
# clientTrustedIPs:
|
||||
# - 192.168.1.0/24
|
||||
# forwardedHeadersCustomName: X-Custom-Header
|
||||
# redisCacheEnabled: false
|
||||
# redisCacheHost: "redis:6379"
|
||||
# redisCachePassword: password
|
||||
# redisCacheDatabase: "5"
|
||||
# crowdsecLapiTLSCertificateAuthority: |-
|
||||
# crowdsecLapiTLSCertificateAuthorityFile: /etc/traefik/crowdsec-certs/ca.pem
|
||||
# crowdsecLapiTLSCertificateBouncer: |-
|
||||
# crowdsecLapiTLSCertificateBouncerFile: /etc/traefik/crowdsec-certs/bouncer.pem
|
||||
# crowdsecLapiTLSCertificateBouncerKey: |-
|
||||
# crowdsecLapiTLSCertificateBouncerKeyFile: /etc/traefik/crowdsec-certs/bouncer-key.pem
|
||||
## Note: body of every request will be buffered in memory while the request is in-flight
|
||||
## (i.e.: during the security check and during the request processing by traefik and the backend),
|
||||
## so you may want to tune maxBodySize depending on how much RAM you have.
|
||||
|
@ -446,6 +486,12 @@ persistence:
|
|||
enabled: true
|
||||
mountPath: "/plugins-storage"
|
||||
type: emptyDir
|
||||
crowdsec-bouncer-tls:
|
||||
enabled: "{{ if .Values.middlewares.crowdsecBouncer }}true{{ else }}false{{ end }}"
|
||||
mountPath: "/etc/traefik/crowdsec-certs"
|
||||
type: secret
|
||||
expandObjectName: false
|
||||
objectName: crowdsec-bouncer-tls
|
||||
portal:
|
||||
open:
|
||||
enabled: true
|
|
@ -180,6 +180,10 @@ args:
|
|||
{{- if .Values.middlewares.modsecurity }}
|
||||
- "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
|
||||
{{- end }}
|
||||
{{/* CrowdsecBouncer */}}
|
||||
{{- if .Values.middlewares.crowdsecBouncer }}
|
||||
- "--experimental.localPlugins.crowdsec-bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
|
||||
{{- end }}
|
||||
{{/* End of ModSecurity */}}
|
||||
{{/* RewriteResponseHeaders */}}
|
||||
{{- if .Values.middlewares.rewriteResponseHeaders }}
|
|
@ -0,0 +1,112 @@
|
|||
{{- range $index, $middlewareData := .Values.middlewares.crowdsecBouncer }}
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
spec:
|
||||
plugin:
|
||||
bouncer:
|
||||
{{- with $middlewareData.enabled -}}
|
||||
enabled: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.logLevel -}}
|
||||
logLevel: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.updateIntervalSeconds -}}
|
||||
updateIntervalSeconds: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.defaultDecisionSeconds -}}
|
||||
defaultDecisionSeconds: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.httpTimeoutSeconds -}}
|
||||
httpTimeoutSeconds: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecMode -}}
|
||||
crowdsecMode: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecAppsecEnabled -}}
|
||||
crowdsecAppsecEnabled: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecAppsecHost -}}
|
||||
crowdsecAppsecHost: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecAppsecFailureBlock -}}
|
||||
crowdsecAppsecFailureBlock: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiKey -}}
|
||||
crowdsecLapiKey: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiKeyFile -}}
|
||||
crowdsecLapiKeyFile: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiHost -}}
|
||||
crowdsecLapiHost: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiScheme -}}
|
||||
crowdsecLapiScheme: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSInsecureVerify -}}
|
||||
crowdsecLapiTLSInsecureVerify: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecCapiMachineId -}}
|
||||
crowdsecCapiMachineId: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecCapiPassword -}}
|
||||
crowdsecCapiPassword: {{ . }}
|
||||
{{- end -}}
|
||||
{{- if $middlewareData.crowdsecCapiScenarios -}}
|
||||
crowdsecCapiScenarios:
|
||||
{{- range $middlewareData.crowdsecCapiScenarios -}}
|
||||
- {{ . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $middlewareData.forwardedHeadersTrustedIPs -}}
|
||||
forwardedHeadersTrustedIPs:
|
||||
{{- range $middlewareData.forwardedHeadersTrustedIPs -}}
|
||||
- {{ . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $middlewareData.clientTrustedIPs -}}
|
||||
clientTrustedIPs:
|
||||
{{- range $middlewareData.clientTrustedIPs -}}
|
||||
- {{ . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.forwardedHeadersCustomName -}}
|
||||
forwardedHeadersCustomName: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.redisCacheEnabled -}}
|
||||
redisCacheEnabled: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.redisCacheHost -}}
|
||||
redisCacheHost: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.redisCachePassword -}}
|
||||
redisCachePassword: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.redisCacheDatabase -}}
|
||||
redisCacheDatabase: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthority -}}
|
||||
crowdsecLapiTLSCertificateAuthority: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthorityFile -}}
|
||||
crowdsecLapiTLSCertificateAuthorityFile: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncer -}}
|
||||
crowdsecLapiTLSCertificateBouncer: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerFile -}}
|
||||
crowdsecLapiTLSCertificateBouncerFile: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKey -}}
|
||||
crowdsecLapiTLSCertificateBouncerKey: {{ . }}
|
||||
{{- end -}}
|
||||
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKeyFile -}}
|
||||
crowdsecLapiTLSCertificateBouncerKeyFile: {{ . }}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{- end -}}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue