Update Ingress

This commit is contained in:
nold 2022-01-05 20:24:47 +01:00
parent f57e43b28a
commit 5a34fbb1ad
17 changed files with 21 additions and 142 deletions

View file

@ -3,6 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: bazarr.dc - host: bazarr.dc
paths: paths:

View file

@ -7,6 +7,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: jackett.dc - host: jackett.dc
paths: paths:

View file

@ -3,6 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: lidarr.dc - host: lidarr.dc
paths: paths:

View file

@ -3,6 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: ombi.dc - host: ombi.dc
paths: paths:

View file

@ -3,6 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: radarr.dc - host: radarr.dc
paths: paths:

View file

@ -6,6 +6,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: sonarr.dc - host: sonarr.dc
paths: paths:

View file

@ -9,6 +9,7 @@ hubble:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- cilium.dc - cilium.dc
tls: tls:

View file

@ -4,7 +4,7 @@ ingressClass:
providers: providers:
kubernetesCRD: kubernetesCRD:
ingressClass: internal ingressClass: traefik
globalArguments: [] globalArguments: []
@ -23,3 +23,7 @@ service:
externalIPs: externalIPs:
- 192.168.1.11 - 192.168.1.11
logs:
general:
level: DEBUG

View file

@ -3,7 +3,8 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "vault-issuer" cert-manager.io/cluster-issuer: "vault-issuer"
kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.tls: 'true'
#FIXME:
nginx.ingress.kubernetes.io/proxy-body-size: 50m nginx.ingress.kubernetes.io/proxy-body-size: 50m
hosts: hosts:

View file

@ -3,7 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "vault-issuer" cert-manager.io/cluster-issuer: "vault-issuer"
kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: pyload.dc - host: pyload.dc
paths: paths:

View file

@ -1,128 +0,0 @@
env:
# -- Set the container timezone
TZ: UTC
# -- Folder where Flood stores it's configuration
HOME: "/config"
# -- The host that Flood should listen for web connections on
FLOOD_OPTION_HOST: "0.0.0.0"
# -- The port that Flood should listen for web connections on
FLOOD_OPTION_PORT: "3000"
# -- ADVANCED: rTorrent daemon managed by Flood
FLOOD_OPTION_RTORRENT: "true"
# -- Allowed path for file operations
FLOOD_OPTION_ALLOWEDPATH: "/downloads"
# -- Configures service settings for the chart.
# @default -- See values.yaml
service:
main:
ports:
http:
port: 3000
bittorrent:
enabled: true
type: ClusterIP
ports:
bittorrent:
enabled: true
port: 6881
protocol: TCP
targetPort: 6881
# -- Minimal configuration provided from https://github.com/jesec/rtorrent/blob/master/doc/rtorrent.rc
# @default -- string
config: |
session.use_lock.set = no
method.insert = cfg.basedir, private|const|string, (cat,(fs.homedir),"/.local/share/rtorrent/")
method.insert = cfg.download, private|const|string, (cat,"/downloads/","download/")
method.insert = cfg.logs, private|const|string, (cat,(cfg.download),"log/")
method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log")
method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/")
method.insert = cfg.watch, private|const|string, (cat,(cfg.download),"watch/")
fs.mkdir.recursive = (cat,(cfg.basedir))
fs.mkdir = (cat,(cfg.download))
fs.mkdir = (cat,(cfg.logs))
fs.mkdir = (cat,(cfg.session))
fs.mkdir = (cat,(cfg.watch))
fs.mkdir = (cat,(cfg.watch),"/load")
fs.mkdir = (cat,(cfg.watch),"/start")
schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent")))
schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent")))
dht.add_bootstrap = dht.transmissionbt.com:6881
dht.add_bootstrap = dht.libtorrent.org:25401
throttle.max_uploads.set = 20
throttle.max_uploads.global.set = 50
throttle.min_peers.normal.set = 20
throttle.max_peers.normal.set = 60
throttle.min_peers.seed.set = 30
throttle.max_peers.seed.set = 80
trackers.numwant.set = 80
network.port_range.set = 61086-61086
network.max_open_files.set = 600
network.max_open_sockets.set = 300
pieces.memory.max.set = 1800M
session.path.set = (cat, (cfg.session))
directory.default.set = (cat, (cfg.download))
log.execute = (cat, (cfg.logs), "execute.log")
encoding.add = utf8
system.daemon.set = true
system.umask.set = 0002
system.cwd.set = (directory.default)
network.http.max_open.set = 500
network.http.dns_cache_timeout.set = 25
network.scgi.open_local = (cat,(cfg.basedir),rtorrent.sock)
print = (cat, "Logging to ", (cfg.logfile))
log.open_file = "log", (cfg.logfile)
log.add_output = "info", "log"
ingress:
main:
enabled: true
annotations:
cert-manager.io/cluster-issuer: "vault-issuer"
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/proxy-body-size: 50m
hosts:
- host: flood.dc
paths:
- path: /
pathType: Prefix
tls:
- secretName: flood.dc-tls
hosts:
- flood.dc
persistence:
config:
enabled: true
mountPath: /config
size: 10M
# use hostpath instead
downloads:
enabled: true
type: hostPath
hostPath: /data/torrent
mountPath: /downloads
## VPN
addons:
vpn:
enabled: true
openvpn:
authSecret: openvpn
configFileSecret: openvpn
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
livenessProbe:
exec:
command:
- sh
- -c
- if [ $(curl -s https://ipinfo.io/country) == 'NL' ]; then exit 0; else exit $?; fi
initialDelaySeconds: 30
periodSeconds: 60
failureThreshold: 3

View file

@ -3,15 +3,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: "vault-issuer" cert-manager.io/cluster-issuer: "vault-issuer"
kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.tls: 'true'
nginx.ingress.kubernetes.io/auth-url: |
https://youtubedl.dc/akprox/auth/nginx
nginx.ingress.kubernetes.io/auth-signin: |
https://youtubedl.dc/akprox/start?rd=$escaped_request_uri
nginx.ingress.kubernetes.io/auth-response-headers: |
Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid
nginx.ingress.kubernetes.io/auth-snippet: |
proxy_set_header X-Forwarded-Host $http_host;
hosts: hosts:
- host: youtubedl.dc - host: youtubedl.dc
paths: paths:

View file

@ -17,7 +17,7 @@ grafana:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
kubernetes.io/ingress.class: nginx traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- grafana.dc - grafana.dc
tls: tls:

View file

@ -43,6 +43,7 @@ ingress:
main: main:
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
enabled: true enabled: true
hosts: hosts:
- host: hass.dc - host: hass.dc

View file

@ -49,6 +49,7 @@ ingress:
enabled: true enabled: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
hosts: hosts:
- host: music.dc - host: music.dc
paths: paths:

View file

@ -8,6 +8,7 @@ ingress:
tls: true tls: true
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
traefik.ingress.kubernetes.io/router.tls: 'true'
networkPolicy: networkPolicy:
enabled: true enabled: true

View file

@ -30,7 +30,7 @@ server:
ingress: ingress:
annotations: annotations:
cert-manager.io/cluster-issuer: vault-issuer cert-manager.io/cluster-issuer: vault-issuer
kubernetes.io/ingress.class: nginx traefik.ingress.kubernetes.io/router.tls: 'true'
enabled: true enabled: true
extraPaths: [] extraPaths: []
hosts: hosts: