kube/traefik/application-extras.yml

---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: sso
spec:
  chain:
    middlewares:
      - name: chain-k6-authelia-auth
        namespace: authelia
---
apiVersion: v1
kind: Service
metadata:
  name: traefik-dashboard
  namespace: traefik
spec:
  selector:
    app.kubernetes.io/name: traefik
    app.kubernetes.io/instance: k6
  ports:
    - protocol: TCP
      port: 9000
      targetPort: 9000
---
apiVersion: v1
kind: Service
metadata:
  name: traefik-metrics
  namespace: traefik
  annotations:
    prometheus.io/scrape: 'true'
    prometheus.io/port: '9100'
spec:
  selector:
    app.kubernetes.io/name: traefik
    app.kubernetes.io/instance: k6
  ports:
    - protocol: TCP
      port: 9100
      targetPort: 9100
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: traefik-dashboard
  namespace: traefik
  annotations:
    kubernetes.io/ingress.class: traefik
    cert-manager.io/cluster-issuer: default
    # Keep IP address in sync with values.yaml
    external-dns.alpha.kubernetes.io/target: 193.40.103.36
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.middlewares: traefik-sso@kubernetescrd,traefik-dashboard-redirect@kubernetescrd
    traefik.ingress.kubernetes.io/router.tls: "true"
spec:
  rules:
  - host: traefik.k-space.ee
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: traefik-dashboard
            port:
              number: 9000
  tls:
  - hosts:
    - traefik.k-space.ee
    secretName: traefik-tls
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: dashboard-redirect
spec:
  redirectRegex:
    regex: ^https://traefik.k-space.ee/?$
    replacement: https://traefik.k-space.ee/dashboard/
    permanent: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: traefik
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: traefik
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - from:
    - ipBlock:
        cidr: 0.0.0.0/0
  - ports:
    - port: 80
    - port: 443
  egress:
  - {}
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: block-metrics
spec:
  replacePathRegex:
    regex: ^/metrics
    replacement: /
Initial commit 2022-08-16 09:40:54 +00:00			`---`
			`apiVersion: traefik.containo.us/v1alpha1`
			`kind: Middleware`
			`metadata:`
			`name: sso`
			`spec:`
			`chain:`
			`middlewares:`
			`- name: chain-k6-authelia-auth`
			`namespace: authelia`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: traefik-dashboard`
			`namespace: traefik`
			`spec:`
			`selector:`
			`app.kubernetes.io/name: traefik`
			`app.kubernetes.io/instance: k6`
			`ports:`
			`- protocol: TCP`
			`port: 9000`
			`targetPort: 9000`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: traefik-metrics`
			`namespace: traefik`
			`annotations:`
			`prometheus.io/scrape: 'true'`
			`prometheus.io/port: '9100'`
			`spec:`
			`selector:`
			`app.kubernetes.io/name: traefik`
			`app.kubernetes.io/instance: k6`
			`ports:`
			`- protocol: TCP`
			`port: 9100`
			`targetPort: 9100`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: traefik-dashboard`
			`namespace: traefik`
			`annotations:`
			`kubernetes.io/ingress.class: traefik`
			`cert-manager.io/cluster-issuer: default`
			`# Keep IP address in sync with values.yaml`
			`external-dns.alpha.kubernetes.io/target: 193.40.103.36`
			`traefik.ingress.kubernetes.io/router.entrypoints: websecure`
			`traefik.ingress.kubernetes.io/router.middlewares: traefik-sso@kubernetescrd,traefik-dashboard-redirect@kubernetescrd`
			`traefik.ingress.kubernetes.io/router.tls: "true"`
			`spec:`
			`rules:`
			`- host: traefik.k-space.ee`
			`http:`
			`paths:`
			`- pathType: Prefix`
			`path: "/"`
			`backend:`
			`service:`
			`name: traefik-dashboard`
			`port:`
			`number: 9000`
			`tls:`
			`- hosts:`
			`- traefik.k-space.ee`
			`secretName: traefik-tls`
			`---`
			`apiVersion: traefik.containo.us/v1alpha1`
			`kind: Middleware`
			`metadata:`
			`name: dashboard-redirect`
			`spec:`
			`redirectRegex:`
			`regex: ^https://traefik.k-space.ee/?$`
			`replacement: https://traefik.k-space.ee/dashboard/`
			`permanent: false`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: NetworkPolicy`
			`metadata:`
			`name: traefik`
			`spec:`
			`podSelector:`
			`matchLabels:`
			`app.kubernetes.io/name: traefik`
			`policyTypes:`
			`- Ingress`
			`- Egress`
			`ingress:`
			`- from:`
			`- ipBlock:`
			`cidr: 0.0.0.0/0`
			`- ports:`
			`- port: 80`
			`- port: 443`
			`egress:`
			`- {}`
			`---`
			`apiVersion: traefik.containo.us/v1alpha1`
			`kind: Middleware`
			`metadata:`
			`name: block-metrics`
			`spec:`
			`replacePathRegex:`
			`regex: ^/metrics`
			`replacement: /`