Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2024-03-04 14:03:09 +00:00
parent 2371e75f69
commit 95ebedc487
84 changed files with 1741 additions and 1624 deletions

File diff suppressed because it is too large Load Diff

View File

@ -22,6 +22,10 @@ title: Changelog
@ -94,7 +98,3 @@ title: Changelog
## [traefik-25.1.10](https://github.com/truecharts/charts/compare/traefik-25.1.9...traefik-25.1.10) (2024-01-09)
### Chore
- update container image common to v17.2.22[@e7c9056](https://github.com/e7c9056) by renovate ([#16986](https://github.com/truecharts/charts/issues/16986))

View File

@ -4,13 +4,13 @@ annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/category: network
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.12"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: enterprise
apiVersion: v2
appVersion: 2.11.0
dependencies:
- name: common
version: 18.0.3
version: 18.1.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
@ -36,4 +36,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/traefik
- https://github.com/truecharts/containers/tree/master/apps/traefik
type: application
version: 26.2.0
version: 26.4.0

Binary file not shown.

File diff suppressed because it is too large Load Diff

View File

@ -133,7 +133,7 @@ configmap:
dashboard:
enabled: true
labels:
grafanadasboard: '1'
grafana_dashboard: "1"
data:
traefik.json: >-
{{ .Files.Get "dashboard.json" | indent 8 }}
@ -193,6 +193,7 @@ service:
enabled: true
port: 80
protocol: http
externalTrafficPolicy: local
redirectTo: websecure
# Options: Empty, 0 (ingore), or positive int
# redirectPort:
@ -214,6 +215,7 @@ service:
enabled: true
port: 443
protocol: https
externalTrafficPolicy: local
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
forwardedHeaders:
enabled: false
@ -436,6 +438,44 @@ middlewares:
# modSecurityUrl: modSecurity container URL
# timeoutMillis: Configurated timeout
# maxBodySize: maxBodySize
crowdsecBouncer: []
# - name: modsecurityName
# enabled: false
# logLevel: DEBUG
# updateIntervalSeconds: 60
# defaultDecisionSeconds: 60
# httpTimeoutSeconds: 10
# crowdsecMode: live
# crowdsecAppsecEnabled: false
# crowdsecAppsecHost: crowdsec:7422
# crowdsecAppsecFailureBlock: true
# crowdsecLapiKey: privateKey-foo
# crowdsecLapiKeyFile: /etc/traefik/cs-privateKey-foo
# crowdsecLapiHost: crowdsec:8080
# crowdsecLapiScheme: http
# crowdsecLapiTLSInsecureVerify: false
# crowdsecCapiMachineId: login
# crowdsecCapiPassword: password
# crowdsecCapiScenarios:
# - crowdsecurity/http-path-traversal-probing
# - crowdsecurity/http-xss-probing
# - crowdsecurity/http-generic-bf
# forwardedHeadersTrustedIPs:
# - 10.0.10.23/32
# - 10.0.20.0/24
# clientTrustedIPs:
# - 192.168.1.0/24
# forwardedHeadersCustomName: X-Custom-Header
# redisCacheEnabled: false
# redisCacheHost: "redis:6379"
# redisCachePassword: password
# redisCacheDatabase: "5"
# crowdsecLapiTLSCertificateAuthority: |-
# crowdsecLapiTLSCertificateAuthorityFile: /etc/traefik/crowdsec-certs/ca.pem
# crowdsecLapiTLSCertificateBouncer: |-
# crowdsecLapiTLSCertificateBouncerFile: /etc/traefik/crowdsec-certs/bouncer.pem
# crowdsecLapiTLSCertificateBouncerKey: |-
# crowdsecLapiTLSCertificateBouncerKeyFile: /etc/traefik/crowdsec-certs/bouncer-key.pem
## Note: body of every request will be buffered in memory while the request is in-flight
## (i.e.: during the security check and during the request processing by traefik and the backend),
## so you may want to tune maxBodySize depending on how much RAM you have.
@ -446,6 +486,12 @@ persistence:
enabled: true
mountPath: "/plugins-storage"
type: emptyDir
crowdsec-bouncer-tls:
enabled: "{{ if .Values.middlewares.crowdsecBouncer }}true{{ else }}false{{ end }}"
mountPath: "/etc/traefik/crowdsec-certs"
type: secret
expandObjectName: false
objectName: crowdsec-bouncer-tls
portal:
open:
enabled: true

View File

@ -180,6 +180,10 @@ args:
{{- if .Values.middlewares.modsecurity }}
- "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
{{- end }}
{{/* CrowdsecBouncer */}}
{{- if .Values.middlewares.crowdsecBouncer }}
- "--experimental.localPlugins.crowdsec-bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
{{- end }}
{{/* End of ModSecurity */}}
{{/* RewriteResponseHeaders */}}
{{- if .Values.middlewares.rewriteResponseHeaders }}

View File

@ -0,0 +1,112 @@
{{- range $index, $middlewareData := .Values.middlewares.crowdsecBouncer }}
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
plugin:
bouncer:
{{- with $middlewareData.enabled -}}
enabled: {{ . }}
{{- end -}}
{{- with $middlewareData.logLevel -}}
logLevel: {{ . }}
{{- end -}}
{{- with $middlewareData.updateIntervalSeconds -}}
updateIntervalSeconds: {{ . }}
{{- end -}}
{{- with $middlewareData.defaultDecisionSeconds -}}
defaultDecisionSeconds: {{ . }}
{{- end -}}
{{- with $middlewareData.httpTimeoutSeconds -}}
httpTimeoutSeconds: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecMode -}}
crowdsecMode: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecAppsecEnabled -}}
crowdsecAppsecEnabled: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecAppsecHost -}}
crowdsecAppsecHost: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecAppsecFailureBlock -}}
crowdsecAppsecFailureBlock: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiKey -}}
crowdsecLapiKey: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiKeyFile -}}
crowdsecLapiKeyFile: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiHost -}}
crowdsecLapiHost: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiScheme -}}
crowdsecLapiScheme: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSInsecureVerify -}}
crowdsecLapiTLSInsecureVerify: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecCapiMachineId -}}
crowdsecCapiMachineId: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecCapiPassword -}}
crowdsecCapiPassword: {{ . }}
{{- end -}}
{{- if $middlewareData.crowdsecCapiScenarios -}}
crowdsecCapiScenarios:
{{- range $middlewareData.crowdsecCapiScenarios -}}
- {{ . }}
{{- end -}}
{{- end -}}
{{- if $middlewareData.forwardedHeadersTrustedIPs -}}
forwardedHeadersTrustedIPs:
{{- range $middlewareData.forwardedHeadersTrustedIPs -}}
- {{ . }}
{{- end -}}
{{- end -}}
{{- if $middlewareData.clientTrustedIPs -}}
clientTrustedIPs:
{{- range $middlewareData.clientTrustedIPs -}}
- {{ . }}
{{- end -}}
{{- end -}}
{{- with $middlewareData.forwardedHeadersCustomName -}}
forwardedHeadersCustomName: {{ . }}
{{- end -}}
{{- with $middlewareData.redisCacheEnabled -}}
redisCacheEnabled: {{ . }}
{{- end -}}
{{- with $middlewareData.redisCacheHost -}}
redisCacheHost: {{ . }}
{{- end -}}
{{- with $middlewareData.redisCachePassword -}}
redisCachePassword: {{ . }}
{{- end -}}
{{- with $middlewareData.redisCacheDatabase -}}
redisCacheDatabase: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthority -}}
crowdsecLapiTLSCertificateAuthority: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateAuthorityFile -}}
crowdsecLapiTLSCertificateAuthorityFile: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncer -}}
crowdsecLapiTLSCertificateBouncer: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerFile -}}
crowdsecLapiTLSCertificateBouncerFile: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKey -}}
crowdsecLapiTLSCertificateBouncerKey: {{ . }}
{{- end -}}
{{- with $middlewareData.crowdsecLapiTLSCertificateBouncerKeyFile -}}
crowdsecLapiTLSCertificateBouncerKeyFile: {{ . }}
{{- end -}}
{{- end -}}