catalog/premium/traefik/26.10.18/templates/middlewares/basic-middleware.yaml

58 lines
1.8 KiB
YAML

---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
compress: {}
---
# Here, an average of 300 requests per second is allowed.
# In addition, a burst of 200 requests is allowed.
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
rateLimit:
average: 600
burst: 400
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
headers:
accessControlAllowMethods:
- GET
- OPTIONS
- HEAD
- PUT
accessControlMaxAge: 100
stsSeconds: 63072000
# stsIncludeSubdomains: false
# stsPreload: false
forceSTSHeader: true
contentTypeNosniff: true
browserXssFilter: true
referrerPolicy: same-origin
customRequestHeaders:
X-Forwarded-Proto: "https"
customResponseHeaders:
server: ''
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-chain-basic" $.Release.Name) "chain-basic" $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
chain:
middlewares:
- name: {{ ternary (printf "%v-basic-ratelimit" $.Release.Name) "basic-ratelimit" $.Values.ingressClass.enabled }}
- name: {{ ternary (printf "%v-basic-secure-headers" $.Release.Name) "basic-secure-headers" $.Values.ingressClass.enabled }}
- name: {{ ternary (printf "%v-compress" $.Release.Name) "compress" $.Values.ingressClass.enabled }}