From 703e9e8052b8498aa6abf4e5b3dae57a7436d104 Mon Sep 17 00:00:00 2001 From: nold Date: Tue, 11 Jan 2022 22:02:12 +0100 Subject: [PATCH] Change: Ingress External selector & tlsoptions --- .../values/ingress-external.yaml | 29 ++++++++++++++++++- resources/manifests/traefik-tls.yaml | 15 ---------- 2 files changed, 28 insertions(+), 16 deletions(-) delete mode 100644 resources/manifests/traefik-tls.yaml diff --git a/projects/ingress-external/values/ingress-external.yaml b/projects/ingress-external/values/ingress-external.yaml index 293822dc..721f4cae 100644 --- a/projects/ingress-external/values/ingress-external.yaml +++ b/projects/ingress-external/values/ingress-external.yaml @@ -6,7 +6,12 @@ providers: kubernetesCRD: ingressClass: external -globalArguments: [] +kubernetesIngress: + labelSelector: environment=external + namespaces: + - drone + - nextcloud + - gitea ports: web: @@ -15,6 +20,28 @@ ports: tls: enabled: true +globalArguments: [] +additionalArguments: + - "--providers.kubernetesingress.ingressclass=ingress-external" + +ingressRoute: + dashboard: + enabled: false + +tlsOptions: + default: + preferServerCipherSuites: true + minVersion: VersionTLS12 + sniStrict: true + cipherSuites: + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + + service: enabled: true type: LoadBalancer diff --git a/resources/manifests/traefik-tls.yaml b/resources/manifests/traefik-tls.yaml deleted file mode 100644 index 936a73db..00000000 --- a/resources/manifests/traefik-tls.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: TLSOption -metadata: - name: default - namespace: kube-system -spec: - minVersion: VersionTLS12 - sniStrict: true - cipherSuites: - - TLS_AES_128_GCM_SHA256 - - TLS_AES_256_GCM_SHA384 - - TLS_CHACHA20_POLY1305_SHA256 - - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 - - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384