diff --git a/incubator/timetagger/0.0.13/CHANGELOG.md b/incubator/timetagger/0.0.14/CHANGELOG.md similarity index 87% rename from incubator/timetagger/0.0.13/CHANGELOG.md rename to incubator/timetagger/0.0.14/CHANGELOG.md index 9f619a0fcd6..6bbb75b3176 100644 --- a/incubator/timetagger/0.0.13/CHANGELOG.md +++ b/incubator/timetagger/0.0.14/CHANGELOG.md @@ -2,6 +2,16 @@ +## [timetagger-0.0.14](https://github.com/truecharts/charts/compare/timetagger-0.0.13...timetagger-0.0.14) (2022-09-24) + +### Chore + +- Auto-update chart README [skip ci] + - add missing icon ([#3879](https://github.com/truecharts/charts/issues/3879)) + + + + ## [timetagger-0.0.13](https://github.com/truecharts/charts/compare/timetagger-0.0.11...timetagger-0.0.13) (2022-09-22) ### Chore @@ -87,13 +97,3 @@ - Auto-update chart README [skip ci] - Auto-update chart README [skip ci] - Auto-update chart README [skip ci] - - Auto-update chart README [skip ci] - - refactor Services SCALE GUI - - update docker general non-major ([#3818](https://github.com/truecharts/charts/issues/3818)) - - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) - - split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751)) - - - - -## [timetagger-0.0.13](https://github.com/truecharts/charts/compare/timetagger-0.0.11...timetagger-0.0.13) (2022-09-20) diff --git a/incubator/timetagger/0.0.13/Chart.lock b/incubator/timetagger/0.0.14/Chart.lock similarity index 80% rename from incubator/timetagger/0.0.13/Chart.lock rename to incubator/timetagger/0.0.14/Chart.lock index c74169a86cc..8a14c81aaf6 100644 --- a/incubator/timetagger/0.0.13/Chart.lock +++ b/incubator/timetagger/0.0.14/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://library-charts.truecharts.org version: 10.5.10 digest: sha256:336e6960f0537ccd930cdb8b5c05714d2489a6ae1d1402322346809b13e4660b -generated: "2022-09-22T13:37:19.075124466Z" +generated: "2022-09-24T23:42:11.588708144Z" diff --git a/incubator/timetagger/0.0.13/Chart.yaml b/incubator/timetagger/0.0.14/Chart.yaml similarity index 98% rename from incubator/timetagger/0.0.13/Chart.yaml rename to incubator/timetagger/0.0.14/Chart.yaml index b32802100ad..fc67d8cfcaf 100644 --- a/incubator/timetagger/0.0.13/Chart.yaml +++ b/incubator/timetagger/0.0.14/Chart.yaml @@ -20,7 +20,7 @@ sources: - https://github.com/truecharts/charts/tree/master/charts/incubator/timetagger - https://timetagger.app - https://github.com/almarklein/timetagger -version: 0.0.13 +version: 0.0.14 annotations: truecharts.org/catagories: | - utilities diff --git a/incubator/timetagger/0.0.13/README.md b/incubator/timetagger/0.0.14/README.md similarity index 100% rename from incubator/timetagger/0.0.13/README.md rename to incubator/timetagger/0.0.14/README.md diff --git a/incubator/timetagger/0.0.13/app-readme.md b/incubator/timetagger/0.0.14/app-readme.md similarity index 100% rename from incubator/timetagger/0.0.13/app-readme.md rename to incubator/timetagger/0.0.14/app-readme.md diff --git a/incubator/timetagger/0.0.13/charts/common-10.5.10.tgz b/incubator/timetagger/0.0.14/charts/common-10.5.10.tgz similarity index 100% rename from incubator/timetagger/0.0.13/charts/common-10.5.10.tgz rename to incubator/timetagger/0.0.14/charts/common-10.5.10.tgz diff --git a/incubator/timetagger/0.0.13/ix_values.yaml b/incubator/timetagger/0.0.14/ix_values.yaml similarity index 100% rename from incubator/timetagger/0.0.13/ix_values.yaml rename to incubator/timetagger/0.0.14/ix_values.yaml diff --git a/incubator/timetagger/0.0.13/questions.yaml b/incubator/timetagger/0.0.14/questions.yaml similarity index 100% rename from incubator/timetagger/0.0.13/questions.yaml rename to incubator/timetagger/0.0.14/questions.yaml diff --git a/incubator/timetagger/0.0.13/templates/common.yaml b/incubator/timetagger/0.0.14/templates/common.yaml similarity index 100% rename from incubator/timetagger/0.0.13/templates/common.yaml rename to incubator/timetagger/0.0.14/templates/common.yaml diff --git a/incubator/timetagger/0.0.13/values.yaml b/incubator/timetagger/0.0.14/values.yaml similarity index 100% rename from incubator/timetagger/0.0.13/values.yaml rename to incubator/timetagger/0.0.14/values.yaml diff --git a/stable/traefik/13.3.11/CHANGELOG.md b/stable/traefik/13.3.11/CHANGELOG.md new file mode 100644 index 00000000000..01a3b86993b --- /dev/null +++ b/stable/traefik/13.3.11/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + + +## [traefik-13.3.11](https://github.com/truecharts/charts/compare/traefik-14.0.0...traefik-13.3.11) (2022-09-24) + +### Chore + +- regex redirect docs ([#3880](https://github.com/truecharts/charts/issues/3880)) + + + + +## [traefik-13.3.10](https://github.com/truecharts/charts/compare/traefik-13.3.9...traefik-13.3.10) (2022-09-24) + +### Chore + +- Auto-update chart README [skip ci] + - update docker general non-major ([#3860](https://github.com/truecharts/charts/issues/3860)) + + + + +## [traefik-13.3.9](https://github.com/truecharts/charts/compare/traefik-13.3.7...traefik-13.3.9) (2022-09-22) + +### Chore + +- Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - refactor Services SCALE GUI + - fix prometheus annotations ([#3841](https://github.com/truecharts/charts/issues/3841)) + - update docker general non-major ([#3772](https://github.com/truecharts/charts/issues/3772)) + - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) + + + + +## [traefik-13.3.8](https://github.com/truecharts/charts/compare/traefik-13.3.7...traefik-13.3.8) (2022-09-21) + +### Chore + +- Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - refactor Services SCALE GUI + - update docker general non-major ([#3772](https://github.com/truecharts/charts/issues/3772)) + - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) + + + + +## [traefik-13.3.8](https://github.com/truecharts/charts/compare/traefik-13.3.7...traefik-13.3.8) (2022-09-21) + +### Chore + +- Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] + - refactor Services SCALE GUI + - update docker general non-major ([#3772](https://github.com/truecharts/charts/issues/3772)) + - update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767)) + + + + +## [traefik-13.3.8](https://github.com/truecharts/charts/compare/traefik-13.3.7...traefik-13.3.8) (2022-09-20) + +### Chore + +- Auto-update chart README [skip ci] + - Auto-update chart README [skip ci] diff --git a/stable/traefik/13.3.11/Chart.lock b/stable/traefik/13.3.11/Chart.lock new file mode 100644 index 00000000000..e01c31ad182 --- /dev/null +++ b/stable/traefik/13.3.11/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.5.10 +digest: sha256:336e6960f0537ccd930cdb8b5c05714d2489a6ae1d1402322346809b13e4660b +generated: "2022-09-24T23:42:11.621791117Z" diff --git a/stable/traefik/13.3.11/Chart.yaml b/stable/traefik/13.3.11/Chart.yaml new file mode 100644 index 00000000000..eb481e44bbf --- /dev/null +++ b/stable/traefik/13.3.11/Chart.yaml @@ -0,0 +1,31 @@ +apiVersion: v2 +appVersion: "2.8.7" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.5.10 +deprecated: false +description: Traefik is a flexible reverse proxy and Ingress Provider. +home: https://truecharts.org/docs/charts/stable/traefik +icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png +keywords: + - traefik + - ingress +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: traefik +sources: + - https://github.com/truecharts/charts/tree/master/charts/stable/traefik + - https://github.com/traefik/traefik + - https://github.com/traefik/traefik-helm-chart + - https://traefik.io/ +type: application +version: 13.3.11 +annotations: + truecharts.org/catagories: | + - network + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/traefik/13.3.11/README.md b/stable/traefik/13.3.11/README.md new file mode 100644 index 00000000000..2f010408387 --- /dev/null +++ b/stable/traefik/13.3.11/README.md @@ -0,0 +1,108 @@ +# traefik + +Traefik is a flexible reverse proxy and Ingress Provider. + +TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE. + +This readme is just an automatically generated general guide on installing our Helm Charts and Apps. +For more information, please click here: [traefik](https://truecharts.org/docs/charts/stable/traefik) + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)** + +## Source Code + +* +* +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://library-charts.truecharts.org | common | 10.5.10 | + +## Installing the Chart + +### TrueNAS SCALE + +To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App). + +### Helm + +To install the chart with the release name `traefik` + +```console +helm repo add TrueCharts https://charts.truecharts.org +helm repo update +helm install traefik TrueCharts/traefik +``` + +## Uninstall + +### TrueNAS SCALE + +**Upgrading, Rolling Back and Uninstalling the Chart** + +To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App). + +### Helm + +To uninstall the `traefik` deployment + +```console +helm uninstall traefik +``` + +## Configuration + +### Helm + +#### Available Settings + +Read through the values.yaml file. It has several commented out suggested values. +Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common). + +#### Configure using the command line + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +```console +helm install traefik \ + --set env.TZ="America/New York" \ + TrueCharts/traefik +``` + +#### Configure using a yaml file + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. + +```console +helm install traefik TrueCharts/traefik -f values.yaml +``` + +#### Connecting to other charts + +If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide. + +## Support + +- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ). +- See the [Website](https://truecharts.org) +- Check our [Discord](https://discord.gg/tVsPTHWTtr) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) + +--- + +## Sponsor TrueCharts + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can! + +--- + +All Rights Reserved - The TrueCharts Project diff --git a/stable/traefik/13.3.11/app-readme.md b/stable/traefik/13.3.11/app-readme.md new file mode 100644 index 00000000000..b76832bd9a2 --- /dev/null +++ b/stable/traefik/13.3.11/app-readme.md @@ -0,0 +1,8 @@ +Traefik is a flexible reverse proxy and Ingress Provider. + +This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/stable/traefik](https://truecharts.org/docs/charts/stable/traefik) + +--- + +TrueCharts can only exist due to the incredible effort of our staff. +Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can! diff --git a/stable/traefik/13.3.11/charts/common-10.5.10.tgz b/stable/traefik/13.3.11/charts/common-10.5.10.tgz new file mode 100644 index 00000000000..af170c75a6d Binary files /dev/null and b/stable/traefik/13.3.11/charts/common-10.5.10.tgz differ diff --git a/stable/traefik/13.3.11/crds/ingressroute.yaml b/stable/traefik/13.3.11/crds/ingressroute.yaml new file mode 100644 index 00000000000..572adae5f00 --- /dev/null +++ b/stable/traefik/13.3.11/crds/ingressroute.yaml @@ -0,0 +1,209 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressroutes.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRoute + listKind: IngressRouteList + plural: ingressroutes + singular: ingressroute + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRoute is an Ingress CRD specification. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: + IngressRouteSpec is a specification for a IngressRouteSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: Route contains the set of routes. + properties: + kind: + enum: + - Rule + type: string + match: + type: string + middlewares: + items: + description: MiddlewareRef is a ref to the Middleware resources. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + priority: + type: integer + services: + items: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: + Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The + differentiation between the two is specified in the + Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: + ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration + based on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: + Weight should only be specified when Name + references a TraefikService object (and to be precise, + one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + required: + - kind + - match + type: object + type: array + tls: + description: + "TLS contains the TLS certificates configuration of the + routes. To enable Let's Encrypt, use an empty TLS struct, e.g. in + YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: + # block format" + properties: + certResolver: + type: string + domains: + items: + description: Domain holds a domain name with SANs. + properties: + main: + type: string + sans: + items: + type: string + type: array + type: object + type: array + options: + description: + Options is a reference to a TLSOption, that specifies + the parameters of the TLS connection. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + secretName: + description: + SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: + Store is a reference to a TLSStore, that specifies + the parameters of the TLS store. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/ingressroutetcp.yaml b/stable/traefik/13.3.11/crds/ingressroutetcp.yaml new file mode 100644 index 00000000000..127a41767e1 --- /dev/null +++ b/stable/traefik/13.3.11/crds/ingressroutetcp.yaml @@ -0,0 +1,169 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressroutetcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteTCP + listKind: IngressRouteTCPList + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteTCP is an Ingress CRD specification. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: + IngressRouteTCPSpec is a specification for a IngressRouteTCPSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: RouteTCP contains the set of routes. + properties: + match: + type: string + middlewares: + description: + Middlewares contains references to MiddlewareTCP + resources. + items: + description: + ObjectReference is a generic reference to a Traefik + resource. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + services: + items: + description: ServiceTCP defines an upstream to proxy traffic. + properties: + name: + type: string + namespace: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + proxyProtocol: + description: ProxyProtocol holds the ProxyProtocol configuration. + properties: + version: + type: integer + type: object + terminationDelay: + type: integer + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: object + type: array + tls: + description: + "TLSTCP contains the TLS certificates configuration of + the routes. To enable Let's Encrypt, use an empty TLS struct, e.g. + in YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: + # block format" + properties: + certResolver: + type: string + domains: + items: + description: Domain holds a domain name with SANs. + properties: + main: + type: string + sans: + items: + type: string + type: array + type: object + type: array + options: + description: + Options is a reference to a TLSOption, that specifies + the parameters of the TLS connection. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + passthrough: + type: boolean + secretName: + description: + SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: + Store is a reference to a TLSStore, that specifies + the parameters of the TLS store. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/ingressrouteudp.yaml b/stable/traefik/13.3.11/crds/ingressrouteudp.yaml new file mode 100644 index 00000000000..2ed2b6969b2 --- /dev/null +++ b/stable/traefik/13.3.11/crds/ingressrouteudp.yaml @@ -0,0 +1,87 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressrouteudps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteUDP + listKind: IngressRouteUDPList + plural: ingressrouteudps + singular: ingressrouteudp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteUDP is an Ingress CRD specification. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: + IngressRouteUDPSpec is a specification for a IngressRouteUDPSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: RouteUDP contains the set of routes. + properties: + services: + items: + description: ServiceUDP defines an upstream to proxy traffic. + properties: + name: + type: string + namespace: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + weight: + type: integer + required: + - name + - port + type: object + type: array + type: object + type: array + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/middlewares.yaml b/stable/traefik/13.3.11/crds/middlewares.yaml new file mode 100644 index 00000000000..714d151151f --- /dev/null +++ b/stable/traefik/13.3.11/crds/middlewares.yaml @@ -0,0 +1,587 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: middlewares.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: Middleware + listKind: MiddlewareList + plural: middlewares + singular: middleware + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Middleware is a specification for a Middleware resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MiddlewareSpec holds the Middleware configuration. + properties: + addPrefix: + description: AddPrefix holds the AddPrefix configuration. + properties: + prefix: + type: string + type: object + basicAuth: + description: BasicAuth holds the HTTP basic authentication configuration. + properties: + headerField: + type: string + realm: + type: string + removeHeader: + type: boolean + secret: + type: string + type: object + buffering: + description: Buffering holds the request/response buffering configuration. + properties: + maxRequestBodyBytes: + format: int64 + type: integer + maxResponseBodyBytes: + format: int64 + type: integer + memRequestBodyBytes: + format: int64 + type: integer + memResponseBodyBytes: + format: int64 + type: integer + retryExpression: + type: string + type: object + chain: + description: Chain holds a chain of middlewares. + properties: + middlewares: + items: + description: MiddlewareRef is a ref to the Middleware resources. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + type: object + circuitBreaker: + description: CircuitBreaker holds the circuit breaker configuration. + properties: + expression: + type: string + type: object + compress: + description: Compress holds the compress configuration. + properties: + excludedContentTypes: + items: + type: string + type: array + type: object + contentType: + description: + ContentType middleware - or rather its unique `autoDetect` + option - specifies whether to let the `Content-Type` header, if + it has not been set by the backend, be automatically set to a value + derived from the contents of the response. As a proxy, the default + behavior should be to leave the header alone, regardless of what + the backend did with it. However, the historic default was to always + auto-detect and set the header if it was nil, and it is going to + be kept that way in order to support users currently relying on + it. This middleware exists to enable the correct behavior until + at least the default one can be changed in a future version. + properties: + autoDetect: + type: boolean + type: object + digestAuth: + description: DigestAuth holds the Digest HTTP authentication configuration. + properties: + headerField: + type: string + realm: + type: string + removeHeader: + type: boolean + secret: + type: string + type: object + errors: + description: ErrorPage holds the custom error page configuration. + properties: + query: + type: string + service: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: + Name is a reference to a Kubernetes Service object + (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: + ResponseForwarding holds configuration for the + forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: + Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + status: + items: + type: string + type: array + type: object + forwardAuth: + description: ForwardAuth holds the http forward authentication configuration. + properties: + address: + type: string + authRequestHeaders: + items: + type: string + type: array + authResponseHeaders: + items: + type: string + type: array + authResponseHeadersRegex: + type: string + tls: + description: ClientTLS holds TLS specific configurations as client. + properties: + caOptional: + type: boolean + caSecret: + type: string + certSecret: + type: string + insecureSkipVerify: + type: boolean + type: object + trustForwardHeader: + type: boolean + type: object + headers: + description: Headers holds the custom header configuration. + properties: + accessControlAllowCredentials: + description: + AccessControlAllowCredentials is only valid if true. + false is ignored. + type: boolean + accessControlAllowHeaders: + description: + AccessControlAllowHeaders must be used in response + to a preflight request with Access-Control-Request-Headers set. + items: + type: string + type: array + accessControlAllowMethods: + description: + AccessControlAllowMethods must be used in response + to a preflight request with Access-Control-Request-Method set. + items: + type: string + type: array + accessControlAllowOriginList: + description: + AccessControlAllowOriginList is a list of allowable + origins. Can also be a wildcard origin "*". + items: + type: string + type: array + accessControlAllowOriginListRegex: + description: + AccessControlAllowOriginListRegex is a list of allowable + origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). + items: + type: string + type: array + accessControlExposeHeaders: + description: + AccessControlExposeHeaders sets valid headers for + the response. + items: + type: string + type: array + accessControlMaxAge: + description: + AccessControlMaxAge sets the time that a preflight + request may be cached. + format: int64 + type: integer + addVaryHeader: + description: + AddVaryHeader controls if the Vary header is automatically + added/updated when the AccessControlAllowOriginList is set. + type: boolean + allowedHosts: + items: + type: string + type: array + browserXssFilter: + type: boolean + contentSecurityPolicy: + type: string + contentTypeNosniff: + type: boolean + customBrowserXSSValue: + type: string + customFrameOptionsValue: + type: string + customRequestHeaders: + additionalProperties: + type: string + type: object + customResponseHeaders: + additionalProperties: + type: string + type: object + featurePolicy: + type: string + forceSTSHeader: + type: boolean + frameDeny: + type: boolean + hostsProxyHeaders: + items: + type: string + type: array + isDevelopment: + type: boolean + publicKey: + type: string + referrerPolicy: + type: string + sslForceHost: + description: "Deprecated: use RedirectRegex instead." + type: boolean + sslHost: + description: "Deprecated: use RedirectRegex instead." + type: string + sslProxyHeaders: + additionalProperties: + type: string + type: object + sslRedirect: + description: + "Deprecated: use EntryPoint redirection or RedirectScheme + instead." + type: boolean + sslTemporaryRedirect: + description: + "Deprecated: use EntryPoint redirection or RedirectScheme + instead." + type: boolean + stsIncludeSubdomains: + type: boolean + stsPreload: + type: boolean + stsSeconds: + format: int64 + type: integer + type: object + inFlightReq: + description: + InFlightReq limits the number of requests being processed + and served concurrently. + properties: + amount: + format: int64 + type: integer + sourceCriterion: + description: + SourceCriterion defines what criterion is used to + group requests as originating from a common source. If none + are set, the default is to use the request's remote address + field. All fields are mutually exclusive. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + requestHeaderName: + type: string + requestHost: + type: boolean + type: object + type: object + ipWhiteList: + description: IPWhiteList holds the ip white list configuration. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + sourceRange: + items: + type: string + type: array + type: object + passTLSClientCert: + description: PassTLSClientCert holds the TLS client cert headers configuration. + properties: + info: + description: + TLSClientCertificateInfo holds the client TLS certificate + info configuration. + properties: + issuer: + description: + TLSCLientCertificateDNInfo holds the client TLS + certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739 + properties: + commonName: + type: boolean + country: + type: boolean + domainComponent: + type: boolean + locality: + type: boolean + organization: + type: boolean + province: + type: boolean + serialNumber: + type: boolean + type: object + notAfter: + type: boolean + notBefore: + type: boolean + sans: + type: boolean + serialNumber: + type: boolean + subject: + description: + TLSCLientCertificateDNInfo holds the client TLS + certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739 + properties: + commonName: + type: boolean + country: + type: boolean + domainComponent: + type: boolean + locality: + type: boolean + organization: + type: boolean + province: + type: boolean + serialNumber: + type: boolean + type: object + type: object + pem: + type: boolean + type: object + plugin: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + rateLimit: + description: + RateLimit holds the rate limiting configuration for a + given router. + properties: + average: + format: int64 + type: integer + burst: + format: int64 + type: integer + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + sourceCriterion: + description: + SourceCriterion defines what criterion is used to + group requests as originating from a common source. If none + are set, the default is to use the request's remote address + field. All fields are mutually exclusive. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + requestHeaderName: + type: string + requestHost: + type: boolean + type: object + type: object + redirectRegex: + description: RedirectRegex holds the redirection configuration. + properties: + permanent: + type: boolean + regex: + type: string + replacement: + type: string + type: object + redirectScheme: + description: RedirectScheme holds the scheme redirection configuration. + properties: + permanent: + type: boolean + port: + type: string + scheme: + type: string + type: object + replacePath: + description: ReplacePath holds the ReplacePath configuration. + properties: + path: + type: string + type: object + replacePathRegex: + description: ReplacePathRegex holds the ReplacePathRegex configuration. + properties: + regex: + type: string + replacement: + type: string + type: object + retry: + description: Retry holds the retry configuration. + properties: + attempts: + type: integer + initialInterval: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + stripPrefix: + description: StripPrefix holds the StripPrefix configuration. + properties: + forceSlash: + type: boolean + prefixes: + items: + type: string + type: array + type: object + stripPrefixRegex: + description: StripPrefixRegex holds the StripPrefixRegex configuration. + properties: + regex: + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/middlewarestcp.yaml b/stable/traefik/13.3.11/crds/middlewarestcp.yaml new file mode 100644 index 00000000000..32c41e532de --- /dev/null +++ b/stable/traefik/13.3.11/crds/middlewarestcp.yaml @@ -0,0 +1,61 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: middlewaretcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: MiddlewareTCP + listKind: MiddlewareTCPList + plural: middlewaretcps + singular: middlewaretcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: MiddlewareTCP is a specification for a MiddlewareTCP resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MiddlewareTCPSpec holds the MiddlewareTCP configuration. + properties: + ipWhiteList: + description: TCPIPWhiteList holds the TCP ip white list configuration. + properties: + sourceRange: + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/serverstransports.yaml b/stable/traefik/13.3.11/crds/serverstransports.yaml new file mode 100644 index 00000000000..a5f5206abad --- /dev/null +++ b/stable/traefik/13.3.11/crds/serverstransports.yaml @@ -0,0 +1,108 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: serverstransports.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: ServersTransport + listKind: ServersTransportList + plural: serverstransports + singular: serverstransport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ServersTransport is a specification for a ServersTransport resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: + ServersTransportSpec options to configure communication between + Traefik and the servers. + properties: + certificatesSecrets: + description: Certificates for mTLS. + items: + type: string + type: array + disableHTTP2: + description: Disable HTTP/2 for connections with backend servers. + type: boolean + forwardingTimeouts: + description: Timeouts for requests forwarded to the backend servers. + properties: + dialTimeout: + anyOf: + - type: integer + - type: string + description: + The amount of time to wait until a connection to + a backend server can be established. If zero, no timeout exists. + x-kubernetes-int-or-string: true + idleConnTimeout: + anyOf: + - type: integer + - type: string + description: + The maximum period for which an idle HTTP keep-alive + connection will remain open before closing itself. + x-kubernetes-int-or-string: true + responseHeaderTimeout: + anyOf: + - type: integer + - type: string + description: + The amount of time to wait for a server's response + headers after fully writing the request (including its body, + if any). If zero, no timeout exists. + x-kubernetes-int-or-string: true + type: object + insecureSkipVerify: + description: Disable SSL certificate verification. + type: boolean + maxIdleConnsPerHost: + description: + If non-zero, controls the maximum idle (keep-alive) to + keep per-host. If zero, DefaultMaxIdleConnsPerHost is used. + type: integer + rootCAsSecrets: + description: Add cert file for self-signed certificate. + items: + type: string + type: array + serverName: + description: ServerName used to contact the server. + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/tlsoptions.yaml b/stable/traefik/13.3.11/crds/tlsoptions.yaml new file mode 100644 index 00000000000..054ffe6cf5a --- /dev/null +++ b/stable/traefik/13.3.11/crds/tlsoptions.yaml @@ -0,0 +1,92 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: tlsoptions.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSOption + listKind: TLSOptionList + plural: tlsoptions + singular: tlsoption + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TLSOption is a specification for a TLSOption resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: TLSOptionSpec configures TLS for an entry point. + properties: + cipherSuites: + items: + type: string + type: array + clientAuth: + description: + ClientAuth defines the parameters of the client authentication + part of the TLS connection, if any. + properties: + clientAuthType: + description: + ClientAuthType defines the client authentication + type to apply. + enum: + - NoClientCert + - RequestClientCert + - VerifyClientCertIfGiven + - RequireAndVerifyClientCert + type: string + secretNames: + description: + SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + items: + type: string + type: array + type: object + curvePreferences: + items: + type: string + type: array + maxVersion: + type: string + minVersion: + type: string + preferServerCipherSuites: + type: boolean + sniStrict: + type: boolean + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/tlsstores.yaml b/stable/traefik/13.3.11/crds/tlsstores.yaml new file mode 100644 index 00000000000..0fd2501746c --- /dev/null +++ b/stable/traefik/13.3.11/crds/tlsstores.yaml @@ -0,0 +1,68 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: tlsstores.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSStore + listKind: TLSStoreList + plural: tlsstores + singular: tlsstore + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TLSStore is a specification for a TLSStore resource. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: TLSStoreSpec configures a TLSStore resource. + properties: + defaultCertificate: + description: + DefaultCertificate holds a secret name for the TLSOption + resource. + properties: + secretName: + description: + SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + required: + - defaultCertificate + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/crds/traefikservices.yaml b/stable/traefik/13.3.11/crds/traefikservices.yaml new file mode 100644 index 00000000000..c96892c41e0 --- /dev/null +++ b/stable/traefik/13.3.11/crds/traefikservices.yaml @@ -0,0 +1,289 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: traefikservices.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TraefikService + listKind: TraefikServiceList + plural: traefikservices + singular: traefikservice + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: + TraefikService is the specification for a service (that an IngressRoute + refers to) that is usually not a terminal service (i.e. not a pod of servers), + as opposed to a Kubernetes Service. That is to say, it usually refers to + other (children) services, which themselves can be TraefikServices or Services. + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: + ServiceSpec defines whether a TraefikService is a load-balancer + of services or a mirroring service. + properties: + mirroring: + description: + Mirroring defines a mirroring service, which is composed + of a main load-balancer, and a list of mirrors. + properties: + kind: + enum: + - Service + - TraefikService + type: string + maxBodySize: + format: int64 + type: integer + mirrors: + items: + description: + MirrorService defines one of the mirrors of a Mirroring + service. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: + Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + percent: + type: integer + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: + ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: + Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + name: + description: + Name is a reference to a Kubernetes Service object + (for a load-balancer of servers), or to a TraefikService object + (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: + ResponseForwarding holds configuration for the forward + of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration based on + cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: + Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + weighted: + description: WeightedRoundRobin defines a load-balancer of services. + properties: + services: + items: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: + Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: + ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: + Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: + Cookie holds the sticky configuration based on + cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/13.3.11/ix_values.yaml b/stable/traefik/13.3.11/ix_values.yaml new file mode 100644 index 00000000000..c980da8e168 --- /dev/null +++ b/stable/traefik/13.3.11/ix_values.yaml @@ -0,0 +1,387 @@ +image: + repository: tccr.io/truecharts/traefik + # defaults to appVersion + tag: 2.8.7@sha256:6aed036bb4faf8fa769f94b5eff931b73885043f870509344620098b9220f13c + pullPolicy: IfNotPresent + +# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x +ingressClass: + # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 + enabled: false + isDefaultClass: false + # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" + fallbackApiVersion: "" + +# -- Deprecated (will be removed later) +# -- Activate Pilot integration +pilot: + enabled: false + token: "" + # Toggle Pilot Dashboard + # dashboard: false + +# -- Create an IngressRoute for the dashboard +ingressRoute: + dashboard: + enabled: true + # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) + annotations: {} + # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) + labels: {} + +podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/path: "/metrics" + prometheus.io/port: "9180" + +# +# -- Configure providers +providers: + kubernetesCRD: + enabled: true + namespaces: + [] + # - "default" + kubernetesIngress: + enabled: true + # labelSelector: environment=production,method=traefik + namespaces: + [] + # - "default" + # IP used for Kubernetes Ingress endpoints + publishedService: + enabled: true + # Published Kubernetes Service to copy status from. Format: namespace/servicename + # By default this Traefik service + # pathOverride: "" + +# -- Logs +# https://docs.traefik.io/observability/logs/ +logs: + # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). + general: + # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: ERROR + # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format + format: common + access: + # To enable access logs + enabled: false + # To write the logs in an asynchronous fashion, specify a bufferingSize option. + # This option represents the number of log lines Traefik will keep in memory before writing + # them to the selected output. In some cases, this option can greatly help performances. + # bufferingSize: 100 + # Filtering https://docs.traefik.io/observability/access-logs/#filtering + filters: + {} + # statuscodes: "200,300-302" + # retryattempts: true + # minduration: 10ms + # Fields + # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers + fields: + general: + defaultmode: keep + names: + {} + # Examples: + # ClientUsername: drop + headers: + defaultmode: drop + names: + {} + # Examples: + # User-Agent: redact + # Authorization: drop + # Content-Type: keep + # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format + format: common + +metrics: + # datadog: + # address: 127.0.0.1:8125 + # influxdb: + # address: localhost:8089 + # protocol: udp + prometheus: + entryPoint: metrics + # statsd: + # address: localhost:8125 + +globalArguments: + - "--global.checknewversion" + +## +# -- Additional arguments to be passed at Traefik's binary +# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ +## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` +additionalArguments: + - "--metrics.prometheus" + - "--ping" + - "--serverstransport.insecureskipverify=true" + - "--providers.kubernetesingress.allowexternalnameservices=true" + +# -- TLS Options to be created as TLSOption CRDs +# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options +# Example: +tlsOptions: + default: + sniStrict: false + minVersion: VersionTLS12 + curvePreferences: + - CurveP521 + - CurveP384 + cipherSuites: + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 + +# -- Options for the main traefik service, where the entrypoints traffic comes from +# from. +service: + main: + type: LoadBalancer + ports: + main: + port: 9000 + targetPort: 9000 + protocol: HTTP + # -- Forwarded Headers should never be enabled on Main entrypoint + forwardedHeaders: + enabled: false + # -- Proxy Protocol should never be enabled on Main entrypoint + proxyProtocol: + enabled: false + tcp: + enabled: true + type: LoadBalancer + ports: + web: + enabled: true + port: 9080 + protocol: HTTP + redirectTo: websecure + # Options: Empty, 0 (ingore), or positive int + # redirectPort: + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false + # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support + proxyProtocol: + enabled: false + # -- Only IPs in trustedIPs will lead to remote client address replacement + trustedIPs: [] + # -- Trust every incoming connection + insecureMode: false + websecure: + enabled: true + port: 9443 + protocol: HTTPS + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false + # -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support + proxyProtocol: + enabled: false + # -- Only IPs in trustedIPs will lead to remote client address replacement + trustedIPs: [] + # -- Trust every incoming connection + insecureMode: false + # tcpexample: + # enabled: true + # targetPort: 9443 + # protocol: TCP + # tls: + # enabled: false + # # this is the name of a TLSOption definition + # options: "" + # certResolver: "" + # domains: [] + # # - main: example.com + # # sans: + # # - foo.example.com + # # - bar.example.com + metrics: + enabled: true + type: ClusterIP + ports: + metrics: + enabled: true + port: 9180 + targetPort: 9180 + protocol: HTTP + # -- Forwarded Headers should never be enabled on Metrics entrypoint + forwardedHeaders: + enabled: false + # -- Proxy Protocol should never be enabled on Metrics entrypoint + proxyProtocol: + enabled: false + udp: + enabled: false + +# probes: +# # -- Liveness probe configuration +# # @default -- See below +# liveness: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# # -- Redainess probe configuration +# # @default -- See below +# readiness: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# # -- Startup probe configuration +# # @default -- See below +# startup: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# -- Whether Role Based Access Control objects like roles and rolebindings should be created +rbac: + main: + enabled: true + rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.containo.us + resources: + - ingressroutes + - ingressroutetcps + - ingressrouteudps + - middlewares + - middlewaretcps + - tlsoptions + - tlsstores + - traefikservices + - serverstransports + verbs: + - get + - list + - watch + +# -- The service account the pods will use to interact with the Kubernetes API +serviceAccount: + main: + enabled: true + +# -- SCALE Middleware Handlers +middlewares: + basicAuth: [] + # - name: basicauthexample + # users: + # - username: testuser + # password: testpassword + forwardAuth: [] + # - name: forwardAuthexample + # address: https://auth.example.com/ + # authResponseHeaders: + # - X-Secret + # - X-Auth-User + # authRequestHeaders: + # - "Accept" + # - "X-CustomHeader" + # authResponseHeadersRegex: "^X-" + # trustForwardHeader: true + chain: [] + # - name: chainname + # middlewares: + # - name: compress + redirectScheme: [] + # - name: redirectSchemeName + # scheme: https + # permanent: true + rateLimit: [] + # - name: rateLimitName + # average: 300 + # burst: 200 + redirectRegex: [] + # - name: redirectRegexName + # regex: putregexhere + # replacement: replacementurlhere + # permanent: false + stripPrefixRegex: [] + # - name: stripPrefixRegexName + # regex: [] + ipWhiteList: [] + # - name: ipWhiteListName + # sourceRange: [] + # ipStrategy: + # depth: 2 + # excludedIPs: [] + # -- Currently requires to enable Traefik Pilot. + # -- Until it's deprecated. + themePark: [] + # - name: themeParkName + # -- Supported apps, lower case name + # -- https://docs.theme-park.dev/themes + # app: appnamehere + # -- Supported themes, lower case name + # -- https://docs.theme-park.dev/themes/APPNAMEHERE + # -- https://docs.theme-park.dev/community-themes + # theme: themenamehere + # -- https://theme-park.dev or a self hosted url + # baseUrl: https://theme-park.dev + themeParkVersion: v1.2.1 + +portalhook: + enabled: true + +persistence: + plugins: + enabled: true + mountPath: "/plugins-storage" + type: emptyDir + +portal: + enabled: true diff --git a/stable/traefik/13.3.11/questions.yaml b/stable/traefik/13.3.11/questions.yaml new file mode 100644 index 00000000000..cfee0f1ba6d --- /dev/null +++ b/stable/traefik/13.3.11/questions.yaml @@ -0,0 +1,2856 @@ +groups: + - name: Container Image + description: Image to be used for container + - name: Controller + description: Configure Workload Deployment + - name: Container Configuration + description: Additional Container Configuration + - name: App Configuration + description: App Specific Config Options + - name: Networking and Services + description: Configure Network and Services for Container + - name: Storage and Persistence + description: Persist and Share Data that is Separate from the Container + - name: Ingress + description: Ingress Configuration + - name: Security and Permissions + description: Configure Security Context and Permissions + - name: Resources and Devices + description: "Specify Resources/Devices to be Allocated to Workload" + - name: Middlewares + description: Traefik Middlewares + - name: Metrics + description: Metrics + - name: Addons + description: Addon Configuration + - name: Advanced + description: Advanced Configuration + - name: Documentation + description: Documentation +portals: + open: + protocols: + - "http" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "/dashboard/" +questions: + - variable: global + label: Global Settings + group: Controller + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: Flag this is SCALE + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: Controller + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: Show Advanced Controller Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: Please specify type of workload to deploy + label: (Advanced) Controller Type + schema: + type: string + required: true + enum: + - value: deployment + description: Deployment + - value: statefulset + description: Statefulset + - value: daemonset + description: Daemonset + default: deployment + - variable: replicas + description: Number of desired pod replicas + label: Desired Replicas + schema: + type: int + required: true + default: 1 + - variable: strategy + description: Please specify type of workload to deploy + label: (Advanced) Update Strategy + schema: + type: string + required: true + enum: + - value: Recreate + description: "Recreate: Kill existing pods before creating new ones" + - value: RollingUpdate + description: "RollingUpdate: Create new pods and then kill old ones" + - value: OnDelete + description: "(Legacy) OnDelete: ignore .spec.template changes" + default: Recreate + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: Controller Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Controller Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: customextraargs + group: Controller + label: "Extra Args" + description: "Do not click this unless you know what you are doing" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: Extra Args + schema: + type: list + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + - variable: TZ + label: Timezone + group: Container Configuration + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: envList + label: Extra Environment Variables + description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..." + group: Container Configuration + schema: + type: list + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: expertpodconf + group: Container Configuration + label: Show Expert Configuration + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: Enable TTY + description: Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: stdin + label: Enable STDIN + description: Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled. + group: Workload Details + schema: + type: boolean + default: false + - variable: termination + group: Container Configuration + label: Termination settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: Grace Period Seconds + schema: + type: int + default: 10 + - variable: podLabelsList + group: Container Configuration + label: Pod Labels + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: podAnnotationsList + group: Container Configuration + label: Pod Annotations + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingressClass + label: "ingressClass" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + description: "When enabled, ingressClass will match the entered name of this app" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: isDefaultClass + label: "isDefaultClass" + schema: + type: boolean + default: false + - variable: logs + label: "Logs" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: level + label: "Log Level" + schema: + type: string + default: "ERROR" + enum: + - value: "INFO" + description: "Info" + - value: "WARN" + description: "Warnings" + - value: "ERROR" + description: "Errors" + - value: "FATAL" + description: "Fatal Errors" + - value: "PANIC" + description: "Panics" + - value: "DEBUG" + description: "Debug" + - variable: format + label: "General Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: access + label: "Access Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabledFilters + label: "Enable Filters" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: filters + label: "Filters" + schema: + additional_attrs: true + type: dict + attrs: + - variable: statuscodes + label: "Status codes" + schema: + type: string + default: "200,300-302" + - variable: retryattempts + label: "retryattempts" + schema: + type: boolean + default: true + - variable: minduration + label: "minduration" + schema: + type: string + default: "10ms" + - variable: fields + label: "Fields" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "keep" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: headers + label: "Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "drop" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: format + label: "Access Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: middlewares + label: "" + group: "Middlewares" + schema: + additional_attrs: true + type: dict + attrs: + - variable: basicAuth + label: "basicAuth" + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: users + label: "Users" + schema: + type: list + default: [] + items: + - variable: usersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: username + label: "Username" + schema: + type: string + required: true + default: "" + - variable: password + label: "Password" + schema: + type: string + required: true + default: "" + - variable: forwardAuth + label: "forwardAuth" + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: address + label: "Address" + schema: + type: string + required: true + default: "" + - variable: trustForwardHeader + label: "trustForwardHeader" + schema: + type: boolean + default: false + - variable: authResponseHeadersRegex + label: "authResponseHeadersRegex" + schema: + type: string + default: "" + - variable: authResponseHeaders + label: "authResponseHeaders" + schema: + type: list + default: [] + items: + - variable: authResponseHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: authRequestHeaders + label: "authRequestHeaders" + schema: + type: list + default: [] + items: + - variable: authRequestHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: chain + label: "chain" + schema: + type: list + default: [] + items: + - variable: chainEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: middlewares + label: "Middlewares to Chain" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: redirectScheme + label: "redirectScheme" + schema: + type: list + default: [] + items: + - variable: redirectSchemeEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: scheme + label: "Scheme" + schema: + type: string + required: true + default: "https" + enum: + - value: "https" + description: "https" + - value: "http" + description: "http" + - variable: permanent + label: "Permanent" + schema: + type: boolean + default: false + - variable: rateLimit + label: "rateLimit" + schema: + type: list + default: [] + items: + - variable: rateLimitEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: average + label: "Average" + schema: + type: int + required: true + default: 300 + - variable: burst + label: "Burst" + schema: + type: int + required: true + default: 200 + - variable: redirectRegex + label: "redirectRegex" + schema: + type: list + default: [] + items: + - variable: redirectRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: regex + label: "Regex" + schema: + type: string + required: true + default: "" + - variable: replacement + label: "Replacement" + schema: + type: string + required: true + default: "" + - variable: permanent + label: "Permanent" + schema: + type: boolean + default: false + - variable: stripPrefixRegex + label: "stripPrefixRegex" + schema: + type: list + default: [] + items: + - variable: stripPrefixRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: regex + label: "Regex" + schema: + type: list + default: [] + items: + - variable: regexEntry + label: "Regex" + schema: + type: string + required: true + default: "" + - variable: ipWhiteList + label: "ipWhiteList" + schema: + type: list + default: [] + items: + - variable: ipWhiteListEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: sourceRange + label: "Source Range" + schema: + type: list + default: [] + items: + - variable: sourceRangeEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: ipStrategy + label: "IP Strategy" + schema: + additional_attrs: true + type: dict + attrs: + - variable: depth + label: "Depth" + schema: + type: int + required: true + - variable: excludedIPs + label: "Excluded IPs" + schema: + type: list + default: [] + items: + - variable: excludedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: themePark + label: "theme.park" + schema: + type: list + default: [] + items: + - variable: themeParkEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + description: This is a 3rd party plugin and not maintained by TrueCharts, + for more information go to traefik-themepark + schema: + type: string + required: true + - variable: appName + label: App Name + description: Lower case, name of the app to be themed. +
Go to https://docs.theme-park.dev/themes/ to see supported apps. + schema: + type: string + required: true + - variable: themeName + label: Theme Name + description: Lower case, name of the theme to be applied. +
Go to https://docs.theme-park.dev/theme-options/ to see supported themes. + schema: + type: string + required: true + - variable: baseUrl + label: Base URL + description: Replace `https://theme-park.dev` URL for self-hosting reference. + schema: + type: string + required: true + default: https://theme-park.dev + - variable: addons + label: Addons + schema: + type: list + default: [] + items: + - variable: addonEntry + label: "Addon" + description: Currently only supports 'darker' and '4k-logo' for *arr apps. +
Go to https://docs.theme-park.dev/themes/addons/ for Addon information. +
Go to https://github.com/packruler/traefik-themepark for more context on plugin + schema: + type: string + required: true + default: "" + - variable: service + group: "Networking and Services" + label: "Configure Service Entrypoint" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9000 + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9000 + required: true + - variable: tcp + label: "TCP Service" + description: "The tcp Entrypoint service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Service + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: LoadBalancer + description: LoadBalancer (Expose Ports) + - value: ClusterIP + description: ClusterIP (Do Not Expose Ports) + - value: Simple + description: Deprecated CHANGE THIS + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: web + label: "web Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9080 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTP + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + default: "websecure" + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: websecure + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9443 + required: true + - variable: advanced + label: Show Advanced Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: Enable the Port + schema: + type: boolean + hidden: true + default: true + - variable: protocol + label: Port Type + schema: + type: string + default: HTTPS + enum: + - value: HTTP + description: HTTP + - value: HTTPS + description: HTTPS + - value: TCP + description: TCP + - value: UDP + description: UDP + - variable: nodePort + label: Node Port (Optional) + description: This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + hidden: true + - variable: portsList + label: "Additional TCP Entrypoints" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom Entrypoints" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Entrypoints Name" + schema: + type: string + default: "" + - variable: protocol + label: "Entrypoints Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: Accept Forwarded Headers + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Trust Forwarded Headers from specific IPs. + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Always Trust Forwarded Headers + schema: + type: boolean + default: false + - variable: proxyProtocol + label: Accept Proxy Protocol connections + description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers. + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: Trusted IPs + description: Only IPs in trustedIPs will lead to remote client address replacement + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: Insecure Mode + description: Trust every incoming connection + schema: + type: boolean + default: false + - variable: ingress + label: "" + group: Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: (Advanced) Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: expert + label: Show Expert Configuration Options + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: These middlewares enforce a number of best practices. + label: Enable Default Middlewares + schema: + type: boolean + default: true + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: ingressList + label: Add Manual Custom Ingresses + group: Ingress + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: Custom Ingress + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable Ingress + schema: + type: boolean + default: true + hidden: true + - variable: name + label: Name + schema: + type: string + default: "" + - variable: ingressClassName + label: IngressClass Name + schema: + type: string + default: "" + - variable: labelsList + label: Labels + schema: + type: list + default: [] + items: + - variable: labelItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: annotationsList + label: Annotations + schema: + type: list + default: [] + items: + - variable: annotationItem + label: Label + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + - variable: value + label: Value + schema: + type: string + - variable: hosts + label: Hosts + schema: + type: list + default: [] + items: + - variable: hostEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: HostName + schema: + type: string + default: "" + required: true + - variable: paths + label: Paths + schema: + type: list + default: [] + items: + - variable: pathEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: Path + schema: + type: string + required: true + default: "/" + - variable: pathType + label: Path Type + schema: + type: string + required: true + default: Prefix + - variable: service + label: Linked Service + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Service Name + schema: + type: string + default: "" + - variable: port + label: Service Port + schema: + type: int + - variable: tls + label: TLS-Settings + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: Host + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: Certificate Hosts + schema: + type: list + default: [] + items: + - variable: host + label: Host + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: Select TrueNAS SCALE Certificate + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: Traefik Entrypoint + description: Entrypoint used by Traefik when using Traefik as Ingress Provider + schema: + type: string + default: websecure + required: true + - variable: middlewares + label: Traefik Middlewares + description: Add previously created Traefik Middlewares to this Ingress + schema: + type: list + default: [] + items: + - variable: name + label: Name + schema: + type: string + default: "" + required: true + - variable: security + label: Container Security Settings + group: Security and Permissions + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: Change PUID / UMASK values + description: By enabling this you override default set values. + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: Process User ID - PUID + description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps + schema: + type: int + default: 568 + - variable: UMASK + label: UMASK + description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps + schema: + type: string + default: "002" + - variable: advancedSecurity + label: Show Advanced Security Settings + group: Security and Permissions + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: capabilities + label: Capabilities + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: Drop Capability + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: Add Capability + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + - variable: podSecurityContext + group: Security and Permissions + label: Pod Security Context + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: OnRootMismatch + enum: + - value: OnRootMismatch + description: OnRootMismatch + - value: Always + description: Always + - variable: supplementalGroups + label: Supplemental Groups + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: Supplemental Group + schema: + type: int + + - variable: advancedresources + label: Set Custom Resource Limits/Requests (Advanced) + group: Resources and Devices + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: Advanced Limit Resource Consumption + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 4000m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: RAM + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 8Gi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: CPU + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 10m + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation" + schema: + type: string + default: 50Mi + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: deviceList + label: Mount USB Devices + group: Resources and Devices + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: Device + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enable the Storage + schema: + type: boolean + default: true + - variable: type + label: (Advanced) Type of Storage + description: Sets the persistence type + schema: + type: string + default: hostPath + hidden: true + - variable: readOnly + label: readOnly + schema: + type: boolean + default: false + - variable: hostPath + label: Host Device Path + description: Path to the device on the host system + schema: + type: path + - variable: mountPath + label: Container Device Path + description: Path inside the container the device is mounted + schema: + type: string + default: "/dev/ttyACM0" + # Specify GPU configuration + - variable: scaleGPU + label: GPU Configuration + group: Resources and Devices + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] +# - variable: autoscaling +# group: Advanced +# label: (Advanced) Horizontal Pod Autoscaler +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: Target +# description: Deployment name, Defaults to Main Deployment +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: Minimum Replicas +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: Maximum Replicas +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: Target CPU Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: Target Memory Utilization Percentage +# schema: +# type: int +# default: 80 +# - variable: networkPolicy +# group: Advanced +# label: (Advanced) Network Policy +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: Enabled +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: policyType +# label: Policy Type +# schema: +# type: string +# default: "" +# enum: +# - value: "" +# description: Default +# - value: ingress +# description: Ingress +# - value: egress +# description: Egress +# - value: ingress-egress +# description: Ingress and Egress +# - variable: egress +# label: Egress +# schema: +# type: list +# default: [] +# items: +# - variable: egressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: to +# label: To +# schema: +# type: list +# default: [] +# items: +# - variable: toEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: IP Block +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: CIDR +# schema: +# type: string +# default: "" +# - variable: except +# label: Except +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: Namespace Selector +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: Ports +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: Port +# schema: +# type: int +# - variable: endPort +# label: End Port +# schema: +# type: int +# - variable: protocol +# label: Protocol +# schema: +# type: string +# default: TCP +# enum: +# - value: TCP +# description: TCP +# - value: UDP +# description: UDP +# - value: SCTP +# description: SCTP +# - variable: ingress +# label: Ingress +# schema: +# type: list +# default: [] +# items: +# - variable: ingressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: from +# label: From +# schema: +# type: list +# default: [] +# items: +# - variable: fromEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: IP Block +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: CIDR +# schema: +# type: string +# default: "" +# - variable: except +# label: Except +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: Namespace Selector +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: Match Expressions +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: Key +# schema: +# type: string +# - variable: operator +# label: Operator +# schema: +# type: string +# default: TCP +# enum: +# - value: In +# description: In +# - value: NotIn +# description: NotIn +# - value: Exists +# description: Exists +# - value: DoesNotExist +# description: DoesNotExist +# - variable: values +# label: Values +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: Ports +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: Port +# schema: +# type: int +# - variable: endPort +# label: End Port +# schema: +# type: int +# - variable: protocol +# label: Protocol +# schema: +# type: string +# default: TCP +# enum: +# - value: TCP +# description: TCP +# - value: UDP +# description: UDP +# - value: SCTP +# description: SCTP + + - variable: addons + group: Addons + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: vpn + label: VPN + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Type + schema: + type: string + default: disabled + enum: + - value: disabled + description: disabled + - value: openvpn + description: OpenVPN + - value: wireguard + description: Wireguard + - value: tailscale + description: Tailscale + - variable: openvpn + label: OpenVPN Settings + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: Authentication Username (Optional) + description: Authentication Username, Optional + schema: + type: string + default: "" + - variable: password + label: Authentication Password + description: Authentication Credentials + schema: + type: string + default: "" + required: true + - variable: tailscale + label: Tailscale Settings + schema: + type: dict + show_if: [["type", "=", "tailscale"]] + attrs: + - variable: authkey + label: Authentication Key + description: Provide an auth key to automatically authenticate the node as your user account. + schema: + type: string + private: true + default: "" + - variable: accept_dns + label: Accept DNS + description: Accept DNS configuration from the admin console. + schema: + type: boolean + default: false + - variable: userspace + label: Userspace + description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device. + schema: + type: boolean + default: false + - variable: routes + label: Routes + description: Expose physical subnet routes to your entire Tailscale network. + schema: + type: string + default: "" + - variable: dest_ip + label: Destination IP + description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched. + schema: + type: string + default: "" + - variable: sock5_server + label: Sock5 Server + description: Sock5 Server + schema: + type: string + default: "" + - variable: extra_args + label: Extra Args + description: Extra Args + schema: + type: string + default: "" + - variable: daemon_extra_args + label: Tailscale Daemon Extra Args + description: Tailscale Daemon Extra Args + schema: + type: string + default: "" + - variable: killSwitch + label: Enable Killswitch + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: Killswitch Excluded IPv4 networks + description: List of Killswitch Excluded IPv4 Addresses + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: IPv4 Network + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: Killswitch Excluded IPv6 networks + description: "List of Killswitch Excluded IPv6 Addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: IPv6 Network + schema: + type: string + required: true + - variable: configFile + label: VPN Config File Location + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: true + hidden: true + - variable: type + label: Type + schema: + type: string + default: hostPath + hidden: true + - variable: hostPathType + label: hostPathType + schema: + type: string + default: File + hidden: true + - variable: noMount + label: noMount + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: Full Path to File + description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + - variable: envList + label: VPN Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: codeserver + label: Codeserver + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: Git Settings + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: Raw SSH Private Key + label: Deploy Key + schema: + type: string + - variable: deployKeyBase64 + description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence + label: Deploy Key Base64 + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: Service Type + description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: LoadBalancer + enum: + - value: NodePort + description: Deprecated CHANGE THIS + - value: ClusterIP + description: ClusterIP + - value: LoadBalancer + description: LoadBalancer + - variable: loadBalancerIP + label: LoadBalancer IP + description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: advancedsvcset + label: Show Advanced Service Settings + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + type: list + default: [] + items: + - variable: externalIP + label: External IP + schema: + type: string + - variable: ipFamilyPolicy + label: IP Family Policy + description: Specify the IP Policy + schema: + type: string + default: SingleStack + enum: + - value: SingleStack + description: SingleStack + - value: PreferDualStack + description: PreferDualStack + - value: RequireDualStack + description: RequireDualStack + - variable: ipFamilies + label: IP Families + description: (Advanced) The IP Families that should be used + schema: + type: list + default: [] + items: + - variable: ipFamily + label: IP Family + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + schema: + type: int + default: 36107 + - variable: nodePort + description: Leave Empty to Disable + label: nodePort DEPRECATED + schema: + type: int + default: 36107 + - variable: envList + label: Codeserver Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: promtail + label: Promtail + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: Loki URL + schema: + type: string + required: true + - variable: logs + label: Log Paths + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: path + label: Path + schema: + type: string + required: true + - variable: args + label: Promtail Command Line Arguments + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: Arg + schema: + type: string + required: true + - variable: envList + label: Promtail Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: netshoot + label: Netshoot + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: Enabled + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: Netshoot Environment Variables + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: Environment Variable + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + - variable: docs + group: Documentation + label: Please read the documentation at https://truecharts.org + description: Please read the documentation at +
https://truecharts.org + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDocs + label: I have checked the documentation + schema: + type: boolean + default: true + - variable: donateNag + group: Documentation + label: Please consider supporting TrueCharts, see https://truecharts.org/docs/about/sponsor + description: Please consider supporting TrueCharts, see +
https://truecharts.org/sponsor + schema: + additional_attrs: true + type: dict + attrs: + - variable: confirmDonate + label: I have considered donating + schema: + type: boolean + default: true + hidden: true diff --git a/stable/traefik/13.3.11/templates/_args.tpl b/stable/traefik/13.3.11/templates/_args.tpl new file mode 100644 index 00000000000..68c640bf0df --- /dev/null +++ b/stable/traefik/13.3.11/templates/_args.tpl @@ -0,0 +1,166 @@ +{{/* Define the args */}} +{{- define "traefik.args" -}} +args: + {{/* merge all ports */}} + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{/* start of actual arguments */}} + {{- with .Values.globalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- range $name, $config := $ports }} + {{- if $config }} + {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }} + {{- $_ := set $config "protocol" "TCP" }} + {{- end }} + - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}" + {{- end }} + {{- end }} + - "--api.dashboard=true" + - "--ping=true" + {{- if .Values.metrics }} + {{- if .Values.metrics.datadog }} + - "--metrics.datadog=true" + - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}" + {{- end }} + {{- if .Values.metrics.influxdb }} + - "--metrics.influxdb=true" + - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}" + - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}" + {{- end }} + {{- if .Values.metrics.prometheus }} + - "--metrics.prometheus=true" + - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}" + {{- end }} + {{- if .Values.metrics.statsd }} + - "--metrics.statsd=true" + - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}" + {{- end }} + {{- end }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress" + {{- if .Values.providers.kubernetesIngress.publishedService.enabled }} + - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.labelSelector }} + - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}" + {{- end }} + {{- end }} + {{- if and .Values.rbac.enabled .Values.rbac.namespaced }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}" + {{- end }} + {{- end }} + {{- if .Values.ingressClass.enabled }} + - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}" + {{- end }} + {{- range $entrypoint, $config := $ports }} + {{/* add args for proxyProtocol support */}} + {{- if $config.proxyProtocol }} + {{- if $config.proxyProtocol.enabled }} + {{- if $config.proxyProtocol.insecureMode }} + - "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure" + {{- end }} + {{- if not ( empty $config.proxyProtocol.trustedIPs ) }} + - "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}" + {{- end }} + {{- end }} + {{- end }} + {{/* add args for forwardedHeaders support */}} + {{- if $config.forwardedHeaders.enabled }} + {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}" + {{- end }} + {{- if $config.forwardedHeaders.insecureMode }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure" + {{- end }} + {{- end }} + {{/* end forwardedHeaders configuration */}} + {{- if $config.redirectTo }} + {{- $toPort := index $ports $config.redirectTo }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- else if $config.redirectPort }} + {{ if gt $config.redirectPort 0.0 }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- end }} + {{- end }} + {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }} + {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }} + - "--entrypoints.{{ $entrypoint }}.http.tls=true" + {{- if $config.tls.options }} + - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}" + {{- end }} + {{- if $config.tls.certResolver }} + - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}" + {{- end }} + {{- if $config.tls.domains }} + {{- range $index, $domain := $config.tls.domains }} + {{- if $domain.main }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}" + {{- end }} + {{- if $domain.sans }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.logs }} + - "--log.format={{ .general.format }}" + {{- if ne .general.level "ERROR" }} + - "--log.level={{ .general.level | upper }}" + {{- end }} + {{- if .access.enabled }} + - "--accesslog=true" + - "--accesslog.format={{ .access.format }}" + {{- if .access.bufferingsize }} + - "--accesslog.bufferingsize={{ .access.bufferingsize }}" + {{- end }} + {{- if .access.filters }} + {{- if .access.filters.statuscodes }} + - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}" + {{- end }} + {{- if .access.filters.retryattempts }} + - "--accesslog.filters.retryattempts" + {{- end }} + {{- if .access.filters.minduration }} + - "--accesslog.filters.minduration={{ .access.filters.minduration }}" + {{- end }} + {{- end }} + - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.general.names }} + - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.headers.names }} + - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + {{- end }} + {{- end }} + {{/* theme.park */}} + {{- if .Values.middlewares.themePark }} + - "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark" + - "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}" + {{- end }} + {{/* End of theme.park */}} + {{- with .Values.additionalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/stable/traefik/13.3.11/templates/_helpers.tpl b/stable/traefik/13.3.11/templates/_helpers.tpl new file mode 100644 index 00000000000..ab55e4e7ec6 --- /dev/null +++ b/stable/traefik/13.3.11/templates/_helpers.tpl @@ -0,0 +1,22 @@ +{{/* +Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice. +By convention this will simply use the / to match the name of the +service generated. +Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride` +*/}} +{{- define "providers.kubernetesIngress.publishedServicePath" -}} +{{- $fullName := include "tc.common.names.fullname" . -}} +{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}} +{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }} +{{- print $servicePath | trimSuffix "-" -}} +{{- end -}} + +{{/* +Construct a comma-separated list of whitelisted namespaces +*/}} +{{- define "providers.kubernetesIngress.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }} +{{- end -}} +{{- define "providers.kubernetesCRD.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }} +{{- end -}} diff --git a/stable/traefik/13.3.11/templates/_ingressclass.tpl b/stable/traefik/13.3.11/templates/_ingressclass.tpl new file mode 100644 index 00000000000..909e249d6a5 --- /dev/null +++ b/stable/traefik/13.3.11/templates/_ingressclass.tpl @@ -0,0 +1,24 @@ +{{/* Define the ingressClass */}} +{{- define "traefik.ingressClass" -}} +--- +{{ if .Values.ingressClass.enabled }} + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }} +apiVersion: networking.k8s.io/v1 + {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }} +apiVersion: networking.k8s.io/v1beta1 + {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }} +apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }} + {{- else }} + {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }} + {{- end }} +kind: IngressClass +metadata: + annotations: + ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} + name: {{ .Release.Name }} +spec: + controller: traefik.io/ingress-controller +{{- end }} +{{- end }} diff --git a/stable/traefik/13.3.11/templates/_ingressroute.tpl b/stable/traefik/13.3.11/templates/_ingressroute.tpl new file mode 100644 index 00000000000..7f012c92350 --- /dev/null +++ b/stable/traefik/13.3.11/templates/_ingressroute.tpl @@ -0,0 +1,25 @@ +{{/* Define the ingressRoute */}} +{{- define "traefik.ingressRoute" -}} +{{ if .Values.ingressRoute.dashboard.enabled }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ include "tc.common.names.fullname" . }}-dashboard + annotations: + {{- with .Values.ingressRoute.dashboard.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +spec: + entryPoints: + - main + routes: + - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`) + kind: Rule + services: + - name: api@internal + kind: TraefikService +{{ end }} +{{- end -}} diff --git a/stable/traefik/13.3.11/templates/_portalhook.tpl b/stable/traefik/13.3.11/templates/_portalhook.tpl new file mode 100644 index 00000000000..e3586c5d4e9 --- /dev/null +++ b/stable/traefik/13.3.11/templates/_portalhook.tpl @@ -0,0 +1,26 @@ +{{/* Define the portalHook */}} +{{- define "traefik.portalhook" -}} +{{- if .Values.portalhook.enabled }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: portalhook + namespace: {{ $namespace }} +data: + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{- range $name, $value := $ports }} + {{ $name }}: {{ $value.port | quote }} + {{- end }} +{{- end }} +{{- end -}} diff --git a/stable/traefik/13.3.11/templates/_tlsoptions.tpl b/stable/traefik/13.3.11/templates/_tlsoptions.tpl new file mode 100644 index 00000000000..3e5aad3bee9 --- /dev/null +++ b/stable/traefik/13.3.11/templates/_tlsoptions.tpl @@ -0,0 +1,12 @@ +{{/* Define the tlsOptions */}} +{{- define "traefik.tlsOptions" -}} +{{- range $name, $config := .Values.tlsOptions }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: TLSOption +metadata: + name: {{ $name }} +spec: + {{- toYaml $config | nindent 2 }} +{{- end }} +{{- end -}} diff --git a/stable/traefik/13.3.11/templates/common.yaml b/stable/traefik/13.3.11/templates/common.yaml new file mode 100644 index 00000000000..c933a3d08e0 --- /dev/null +++ b/stable/traefik/13.3.11/templates/common.yaml @@ -0,0 +1,24 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{- if .Values.metrics }} +{{- if .Values.metrics.prometheus }} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}} +{{- end }} +{{- end }} + +{{- $newArgs := (include "traefik.args" . | fromYaml) }} +{{- $_ := set .Values "newArgs" $newArgs -}} +{{- $mergedargs := concat .Values.args .Values.newArgs.args }} +{{- $_ := set .Values "args" $mergedargs -}} + +{{- include "traefik.portalhook" . }} +{{- include "traefik.tlsOptions" . }} +{{- include "traefik.ingressRoute" . }} +{{- include "traefik.ingressClass" . }} + + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/stable/traefik/13.3.11/templates/middlewares/basic-middleware.yaml b/stable/traefik/13.3.11/templates/middlewares/basic-middleware.yaml new file mode 100644 index 00000000000..9ba8e5c5d93 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/basic-middleware.yaml @@ -0,0 +1,62 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: compress + namespace: {{ $namespace }} +spec: + compress: {} +--- +# Here, an average of 300 requests per second is allowed. +# In addition, a burst of 200 requests is allowed. +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: basic-ratelimit + namespace: {{ $namespace }} +spec: + rateLimit: + average: 600 + burst: 400 +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: basic-secure-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: chain-basic + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: basic-secure-headers + - name: compress diff --git a/stable/traefik/13.3.11/templates/middlewares/basicauth.yaml b/stable/traefik/13.3.11/templates/middlewares/basicauth.yaml new file mode 100644 index 00000000000..ccb541742f0 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/basicauth.yaml @@ -0,0 +1,34 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.basicAuth }} +--- +{{- $users := list }} +{{ range $index, $userdata := $middlewareData.users }} + {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }} +{{ end }} + +apiVersion: v1 +kind: Secret +metadata: + name: {{printf "%v-%v" $middlewareData.name "secret" }} + namespace: {{ $namespace }} +type: Opaque +stringData: + users: | + {{- range $index, $user := $users }} + {{ printf "%s" $user }} + {{- end }} +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + basicAuth: + secret: {{printf "%v-%v" $middlewareData.name "secret" }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/chain.yaml b/stable/traefik/13.3.11/templates/middlewares/chain.yaml new file mode 100644 index 00000000000..f87994f7956 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/chain.yaml @@ -0,0 +1,21 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.chain }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + chain: + middlewares: + {{ range $index, $middleware := .middlewares }} + - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }} + {{ end }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/forwardauth.yaml b/stable/traefik/13.3.11/templates/middlewares/forwardauth.yaml new file mode 100644 index 00000000000..7a3e32fdbf7 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/forwardauth.yaml @@ -0,0 +1,30 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + forwardAuth: + address: {{ $middlewareData.address }} + {{- with $middlewareData.authResponseHeaders }} + authResponseHeaders: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $middlewareData.authRequestHeaders }} + authRequestHeaders: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if $middlewareData.authResponseHeadersRegex }} + authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }} + {{- end }} + {{- if $middlewareData.trustForwardHeader }} + trustForwardHeader: true + {{- end }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/ipwhitelist.yaml b/stable/traefik/13.3.11/templates/middlewares/ipwhitelist.yaml new file mode 100644 index 00000000000..1179245017e --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/ipwhitelist.yaml @@ -0,0 +1,33 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + ipWhiteList: + sourceRange: + {{- range $middlewareData.sourceRange }} + - {{ . }} + {{- end }} + {{- if $middlewareData.ipStrategy }} + ipStrategy: + {{- if $middlewareData.ipStrategy.depth }} + depth: {{ $middlewareData.ipStrategy.depth }} + {{- end }} + {{- if $middlewareData.ipStrategy.excludedIPs }} + excludedIPs: + {{- range $middlewareData.ipStrategy.excludedIPs }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/ratelimit.yaml b/stable/traefik/13.3.11/templates/middlewares/ratelimit.yaml new file mode 100644 index 00000000000..144b9d8bf38 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/ratelimit.yaml @@ -0,0 +1,19 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.rateLimit }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + rateLimit: + average: {{ $middlewareData.average }} + burst: {{ $middlewareData.burst }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/redirectScheme.yaml b/stable/traefik/13.3.11/templates/middlewares/redirectScheme.yaml new file mode 100644 index 00000000000..f2413f84e19 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/redirectScheme.yaml @@ -0,0 +1,19 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + redirectScheme: + scheme: {{ $middlewareData.scheme }} + permanent: {{ $middlewareData.permanent }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/redirectregex.yaml b/stable/traefik/13.3.11/templates/middlewares/redirectregex.yaml new file mode 100644 index 00000000000..46e3e724dd6 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/redirectregex.yaml @@ -0,0 +1,20 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + redirectRegex: + regex: {{ $middlewareData.regex | quote }} + replacement: {{ $middlewareData.replacement | quote }} + permanent: {{ $middlewareData.permanent }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/stripPrefixRegex.yaml b/stable/traefik/13.3.11/templates/middlewares/stripPrefixRegex.yaml new file mode 100644 index 00000000000..007c166ff39 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/stripPrefixRegex.yaml @@ -0,0 +1,20 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} + +{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + stripPrefixRegex: + regex: + {{- range $middlewareData.regex }} + - {{ . | quote }} + {{- end }} +{{ end }} diff --git a/stable/traefik/13.3.11/templates/middlewares/tc-chains.yaml b/stable/traefik/13.3.11/templates/middlewares/tc-chains.yaml new file mode 100644 index 00000000000..409766daa89 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/tc-chains.yaml @@ -0,0 +1,29 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-opencors-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: tc-opencors-headers + - name: compress +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-closedcors-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: tc-closedcors-headers + - name: compress diff --git a/stable/traefik/13.3.11/templates/middlewares/tc-headers.yaml b/stable/traefik/13.3.11/templates/middlewares/tc-headers.yaml new file mode 100644 index 00000000000..a0462f1fd73 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/tc-headers.yaml @@ -0,0 +1,62 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-opencors-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowHeaders: + - '*' + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + - POST + accessControlAllowOriginList: + - '*' + accessControlMaxAge: 100 + browserXssFilter: true + contentTypeNosniff: true + customRequestHeaders: + X-Forwarded-Proto: https + customResponseHeaders: + server: "" + forceSTSHeader: true + referrerPolicy: same-origin + sslForceHost: true + sslRedirect: true + stsSeconds: 63072000 +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-closedcors-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + sslRedirect: true + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + sslForceHost: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' diff --git a/stable/traefik/13.3.11/templates/middlewares/tc-nextcloud.yaml b/stable/traefik/13.3.11/templates/middlewares/tc-nextcloud.yaml new file mode 100644 index 00000000000..6a3019d56c5 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/tc-nextcloud.yaml @@ -0,0 +1,25 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-nextcloud-redirectregex-dav + namespace: {{ $namespace }} +spec: + redirectRegex: + regex: "https://(.*)/.well-known/(card|cal)dav" + replacement: "https://${1}/remote.php/dav/" +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-nextcloud-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: tc-nextcloud-redirectregex-dav diff --git a/stable/traefik/13.3.11/templates/middlewares/theme-park.yaml b/stable/traefik/13.3.11/templates/middlewares/theme-park.yaml new file mode 100644 index 00000000000..92a4257e279 --- /dev/null +++ b/stable/traefik/13.3.11/templates/middlewares/theme-park.yaml @@ -0,0 +1,26 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{- range $index, $middlewareData := .Values.middlewares.themePark }} + +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + plugin: + traefik-themepark: + app: {{ $middlewareData.appName }} + theme: {{ $middlewareData.themeName }} + baseUrl: {{ $middlewareData.baseUrl }} + {{- if $middlewareData.addons }} + addons: + {{- range $middlewareData.addons }} + - {{ . | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/stable/traefik/13.3.11/values.yaml b/stable/traefik/13.3.11/values.yaml new file mode 100644 index 00000000000..e69de29bb2d