dev.cm/k3s
1
0
派生 0
代码 议题 拉取请求 活动

feat(nginx): 新增nginx ingress配置

浏览代码
这个提交包含在:
rohow
2024-04-12 14:23:13 +08:00
未验证
父节点 c42a9b6e05
当前提交 4ab8e25766
修改 14 个文件,包含 119 行新增90 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件
apps/gitea/ingress-http.yaml
+18
查看文件
@@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: gitea-http
namespace: infra-devops
spec:
ingressClassName: nginx
rules:
- host: git.dev.cm
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: gitea-http
port:
number: 3000
apps/gitea/ingressroute-http.yaml
-19
查看文件
@@ -1,19 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: gitea-http
namespace: infra-devops
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`git.dev.cm`)
middlewares:
- name: compress
- name: cache
services:
- kind: Service
name: gitea-http
namespace: infra-devops
port: 3000
apps/gitea/ingressroute-ssh.yaml
-14
查看文件
@@ -1,14 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: gitea-ssh
namespace: infra-devops
spec:
entryPoints:
- ssh
routes:
- match: HostSNI(`*`)
services:
- name: gitea-ssh
namespace: infra-devops
port: 22
apps/gitea/loadbalancer-ssh.yaml
+14
查看文件
@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: gitea-ssh-lb
namespace: infra-devops
spec:
selector:
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
ports:
- protocol: TCP
port: 22
targetPort: 22
type: LoadBalancer
apps/nas/todo.yaml → apps/local-service/todo.yaml
查看文件
certs/certificate-dev-cm.yaml
-12
查看文件
@@ -13,15 +13,3 @@ spec:
- "dev.cm"
- "*.dev.cm"
- "*.node.dev.cm"
---
apiVersion: traefik.containo.us/v1alpha1
kind: TLSStore
metadata:
name: default
namespace: kube-system
spec:
certificates:
- secretName: dev-cm-crt
defaultCertificate:
secretName: dev-cm-crt
core/nginx/helmchart.yaml
+43
查看文件
@@ -0,0 +1,43 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: ingress-nginx
namespace: kube-system
spec:
chart: ingress-nginx
repo: https://kubernetes.github.io/ingress-nginx
targetNamespace: kube-system
version: 4.10.0
set:
valuesContent: |-
fullnameOverride: ingress-nginx
controller:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: svccontroller.k3s.cattle.io/enablelb
operator: In
values:
- "true"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
kind: DaemonSet
hostNetwork: true
dnsPolicy: None
dnsConfig:
nameservers:
- 169.254.20.10
- 10.43.0.10
hostNetwork: true
hostPort:
enabled: true
service:
enabled: false
publishService:
enabled: false
config:
use-forwarded-headers: "true"
core/traefik/helmchartconfig.yaml
+4 -1
查看文件
@@ -50,8 +50,11 @@ spec:
port: 8022
expose: true
exposedPort: 22
providers:
kubernetesCRD:
allowCrossNamespace: true
additionalArguments:
- "--experimental.plugins.souin.moduleName=github.com/darkweak/souin"
- "--experimental.plugins.cache.moduleName=github.com/darkweak/souin"
- "--experimental.plugins.souin.version=v1.6.47"
experimental:
plugins:
core/traefik/ingressroute-internal.yaml
-1
查看文件
@@ -11,7 +11,6 @@ spec:
match: Host(`gateway.dev.cm`)
middlewares:
- name: compress
- name: cache
services:
- kind: TraefikService
name: dashboard@internal
core/traefik/middleware/middleware-cache.yaml
-11
查看文件
@@ -1,11 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: cache
namespace: kube-system
spec:
plugin:
souin:
default_cache:
ttl: 3600s
default_cache_control: public, max-age=86400
install/master-init.config.yaml
+4
查看文件
@@ -5,3 +5,7 @@ tls-san:
# 网络相关
vpn-auth: "name=tailscale,joinKey=tskey-auth-ksJXXH4CNTRL-4WRkX448yC6W6yhytK1FD68HMDK4zStw"
# 组件相关
disable:
- traefik
install/master.config.yaml
+4
查看文件
@@ -6,3 +6,7 @@ tls-san:
# 网络相关
vpn-auth: "name=tailscale,joinKey=tskey-auth-ksJXXH4CNTRL-4WRkX448yC6W6yhytK1FD68HMDK4zStw"
# 组件相关
disable:
- traefik