furyhawk/cloudy
1
0
Fork 0
mirror of https://github.com/furyhawk/cloudy.git synced 2026-05-22 16:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: Update Traefik ingress routes file paths

Browse Source
This commit is contained in:
Teck Meng
2024-08-14 20:13:51 +08:00
parent d4037c7218
commit 7ca0e8e5ad
3 changed files with 90 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
kubernetes/talos/extra.yaml
+65
View File
@@ -0,0 +1,65 @@
# Create an IngressRoute for the dashboard
ingressRoute:
dashboard:
# -- Create an IngressRoute for the dashboard
enabled: true
# -- Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations: {}
# -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
labels: {}
# -- The router match rule used for the dashboard ingressRoute
matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
# -- The internal service used for the dashboard ingressRoute
services:
- name: api@internal
kind: TraefikService
# -- Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure).
# By default, it's using traefik entrypoint, which is not exposed.
# /!\ Do not expose your dashboard without any protection over the internet /!\
entryPoints: ["traefik"]
# -- Additional ingressRoute middlewares (e.g. for authentication)
middlewares:
- name: traefik-dashboard-auth
tls: {}
healthcheck:
# -- Create an IngressRoute for the healthcheck probe
enabled: false
# -- Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations: {}
# -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
labels: {}
# -- The router match rule used for the healthcheck ingressRoute
matchRule: PathPrefix(`/ping`)
# -- The internal service used for the healthcheck ingressRoute
services:
- name: ping@internal
kind: TraefikService
# -- Specify the allowed entrypoints to use for the healthcheck ingress route, (e.g. traefik, web, websecure).
# By default, it's using traefik entrypoint, which is not exposed.
entryPoints: ["traefik"]
# -- Additional ingressRoute middlewares (e.g. for authentication)
middlewares: []
# -- TLS options (e.g. secret containing certificate)
tls: {}
# Add custom middlewares : authentication and redirection
# Create the custom middlewares used by the IngressRoute dashboard (can also be created in another way).
# /!\ Yes, you need to replace "changeme" password with a better one. /!\
extraObjects:
- apiVersion: v1
kind: Secret
metadata:
name: traefik-dashboard-auth-secret
type: kubernetes.io/basic-auth
stringData:
username: admin
password: changeme
- apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: traefik-dashboard-auth
spec:
basicAuth:
secret: traefik-dashboard-auth-secret
kubernetes/talos/traefik.yaml
+21 -2
View File
@@ -192,7 +192,8 @@ ingressRoute:
# /!\ Do not expose your dashboard without any protection over the internet /!\ # /!\ Do not expose your dashboard without any protection over the internet /!\
entryPoints: ["traefik"] entryPoints: ["traefik"]
# -- Additional ingressRoute middlewares (e.g. for authentication) # -- Additional ingressRoute middlewares (e.g. for authentication)
middlewares: [] middlewares:
- name: traefik-dashboard-auth
# -- TLS options (e.g. secret containing certificate) # -- TLS options (e.g. secret containing certificate)
tls: {} tls: {}
healthcheck: healthcheck:
@@ -913,7 +914,25 @@ podSecurityContext:
# #
# In some cases, it can avoid the need for additional, extended or adhoc deployments. # In some cases, it can avoid the need for additional, extended or adhoc deployments.
# See #595 for more details and traefik/tests/values/extra.yaml for example. # See #595 for more details and traefik/tests/values/extra.yaml for example.
extraObjects: [] # Create the custom middlewares used by the IngressRoute dashboard (can also be created in another way).
# /!\ Yes, you need to replace "changeme" password with a better one. /!\
extraObjects:
- apiVersion: v1
kind: Secret
metadata:
name: traefik-dashboard-auth-secret
type: kubernetes.io/basic-auth
stringData:
username: admin
password: changeme
- apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: traefik-dashboard-auth
spec:
basicAuth:
secret: traefik-dashboard-auth-secret
# -- This field override the default Release Namespace for Helm. # -- This field override the default Release Namespace for Helm.
# It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules`
swarm/emqx.yml
+4
View File
@@ -1,6 +1,9 @@
services: services:
emqx1: emqx1:
image: emqx:latest image: emqx:latest
environment:
EMQX_NAME: emqx_node1
EMQX_HOST: 127.0.0.1
healthcheck: healthcheck:
test: ["CMD", "/opt/emqx/bin/emqx", "ctl", "status"] test: ["CMD", "/opt/emqx/bin/emqx", "ctl", "status"]
interval: 60s interval: 60s
@@ -8,6 +11,7 @@ services:
retries: 5 retries: 5
volumes: volumes:
- /var/data/emqx-data1:/opt/emqx/data - /var/data/emqx-data1:/opt/emqx/data
- /var/data/emqx-etc1:/opt/emqx/etc
networks: networks:
- traefik-public - traefik-public
# ports: # ports: