34 lines
972 B
Nix
34 lines
972 B
Nix
{ lib, myLib, ... }: {
|
|
kubernetes.resources.helmChartConfigs = {
|
|
traefik = {
|
|
metadata.namespace = "kube-system";
|
|
|
|
# Override Traefik's service with a static load balancer IP.
|
|
# Create endpoint for HTTPS on port 444.
|
|
# Allow external name services for esrom.
|
|
spec.valuesContent = lib.generators.toYAML { } {
|
|
# service.annotations."metallb.universe.tf/loadBalancerIPs" = myLib.globals.traefikIPv4;
|
|
providers.kubernetesIngress.allowExternalNameServices = true;
|
|
service.loadBalancerIP = myLib.globals.traefikIPv4;
|
|
|
|
ports = {
|
|
localsecure = {
|
|
port = 8444;
|
|
expose = true;
|
|
exposedPort = 444;
|
|
protocol = "TCP";
|
|
|
|
tls = {
|
|
enabled = true;
|
|
options = "";
|
|
certResolver = "";
|
|
domains = [ ];
|
|
};
|
|
};
|
|
|
|
web.redirectTo = "websecure";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|