From 4483b2fa8ea0b4e79cf077f7b8bf268ba528d92b Mon Sep 17 00:00:00 2001 From: baschno Date: Thu, 2 May 2024 13:54:22 +0200 Subject: [PATCH] Add files via upload --- 01_metallb_config.yml | 20 ++++++++++++++++ 02_traefik_values.yml | 52 +++++++++++++++++++++++++++++++++++++++++ 03_default_headers.yml | 17 ++++++++++++++ 04_secret_dashboard.yml | 9 +++++++ README.md | 9 +++++++ 5 files changed, 107 insertions(+) create mode 100644 01_metallb_config.yml create mode 100644 02_traefik_values.yml create mode 100644 03_default_headers.yml create mode 100644 04_secret_dashboard.yml create mode 100644 README.md diff --git a/01_metallb_config.yml b/01_metallb_config.yml new file mode 100644 index 0000000..f70a926 --- /dev/null +++ b/01_metallb_config.yml @@ -0,0 +1,20 @@ +# Metallb address pool +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + name: cluster-pool + namespace: metallb +spec: + addresses: + - 192.168.178.230-192.168.178.250 + +--- +# L2 configuration +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: metallb-homelab + namespace: metallb +spec: + ipAddressPools: + - cluster-pool \ No newline at end of file diff --git a/02_traefik_values.yml b/02_traefik_values.yml new file mode 100644 index 0000000..914c2bb --- /dev/null +++ b/02_traefik_values.yml @@ -0,0 +1,52 @@ +globalArguments: + - "--global.sendanonymoususage=false" + - "--global.checknewversion=false" + +additionalArguments: + - "--serversTransport.insecureSkipVerify=true" + - "--log.level=INFO" + +deployment: + enabled: true + replicas: 1 + annotations: {} + podAnnotations: {} + additionalContainers: [] + initContainers: [] + +ports: + web: + redirectTo: + port: websecure + priority: 10 + websecure: + tls: + enabled: true + +ingressRoute: + dashboard: + enabled: false + +providers: + kubernetesCRD: + enabled: true + ingressClass: traefik-external + allowExternalNameServices: true + kubernetesIngress: + enabled: true + allowExternalNameServices: true + publishedService: + enabled: false + +rbac: + enabled: true + +service: + enabled: true + type: LoadBalancer + annotations: {} + labels: {} + spec: + loadBalancerIP: 192.168.178.231 # IP in the MetalLB range from metallb config.yaml + loadBalancerSourceRanges: [] + externalIPs: [] \ No newline at end of file diff --git a/03_default_headers.yml b/03_default_headers.yml new file mode 100644 index 0000000..3c318da --- /dev/null +++ b/03_default_headers.yml @@ -0,0 +1,17 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: default-headers + namespace: default +spec: + headers: + browserXssFilter: true + contentTypeNosniff: true + forceSTSHeader: true + stsIncludeSubdomains: true + stsPreload: true + stsSeconds: 15552000 + customFrameOptionsValue: SAMEORIGIN + customRequestHeaders: + X-Forwarded-Proto: https + diff --git a/04_secret_dashboard.yml b/04_secret_dashboard.yml new file mode 100644 index 0000000..3fb5105 --- /dev/null +++ b/04_secret_dashboard.yml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: traefik-dashboard-auth + namespace: traefik +type: Opaque +data: + users: cG9wZTokYXByMSRCNTVxbUFoWSRLS3BDVmJvUUd5VTFnOVg4WVpiUXAvCgo= \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..95bebc1 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +Current Setup + +https://ryan-pope.com/posts/Homelab-to-k3s/ + +https://blog.chicho.com.ar/how-to-deploy-a-kubernetes-cluster-with-k3s/ + +https://picluster.ricsanfre.com/docs/traefik/ + +https://k3s.rocks/metrics/