59 lines
1.8 KiB
YAML
59 lines
1.8 KiB
YAML
{{- $values := .Values }}
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}
|
|
namespace: tc-system
|
|
spec:
|
|
compress: {}
|
|
---
|
|
# Here, an average of 300 requests per second is allowed.
|
|
# In addition, a burst of 200 requests is allowed.
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
|
|
namespace: tc-system
|
|
spec:
|
|
rateLimit:
|
|
average: 600
|
|
burst: 400
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
|
|
namespace: tc-system
|
|
spec:
|
|
headers:
|
|
accessControlAllowMethods:
|
|
- GET
|
|
- OPTIONS
|
|
- HEAD
|
|
- PUT
|
|
accessControlMaxAge: 100
|
|
stsSeconds: 63072000
|
|
# stsIncludeSubdomains: false
|
|
# stsPreload: false
|
|
forceSTSHeader: true
|
|
contentTypeNosniff: true
|
|
browserXssFilter: true
|
|
referrerPolicy: same-origin
|
|
customRequestHeaders:
|
|
X-Forwarded-Proto: "https"
|
|
customResponseHeaders:
|
|
server: ''
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: {{ ternary (printf "%v-chain-basic" $.Release.Name) "chain-basic" $.Values.ingressClass.enabled }}
|
|
namespace: tc-system
|
|
spec:
|
|
chain:
|
|
middlewares:
|
|
- name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
|
|
- name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
|
|
- name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}
|