73 lines
1.6 KiB
Nix
73 lines
1.6 KiB
Nix
{ lib, myLib, ... }: {
|
|
kubernetes.resources = {
|
|
helmChartConfigs = {
|
|
traefik = {
|
|
# Override Traefik's service with a static load balancer IP.
|
|
# Create endpoint for HTTPS on port 444.
|
|
# Allow external name services for servers in LAN.
|
|
spec.valuesContent = lib.generators.toYAML { } {
|
|
providers.kubernetesIngress.allowExternalNameServices = true;
|
|
service.loadBalancerIP = myLib.globals.traefikIPv4;
|
|
|
|
ports = {
|
|
localsecure = {
|
|
port = 8444;
|
|
expose = true;
|
|
exposedPort = 444;
|
|
protocol = "TCP";
|
|
|
|
tls = {
|
|
enabled = true;
|
|
options = "";
|
|
certResolver = "";
|
|
domains = [ ];
|
|
};
|
|
};
|
|
|
|
web.redirectTo.port = "websecure";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
services = {
|
|
esrom.spec = {
|
|
type = "ExternalName";
|
|
externalName = "esrom.dmz";
|
|
|
|
ports.web = {
|
|
port = 80;
|
|
targetPort = 80;
|
|
};
|
|
};
|
|
|
|
traefik-dashboard.spec = {
|
|
selector = {
|
|
"app.kubernetes.io/name" = "traefik";
|
|
"app.kubernetes.io/instance" = "traefik-kube-system";
|
|
};
|
|
|
|
ports.web = {
|
|
port = 80;
|
|
targetPort = "traefik";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
lab = {
|
|
ingresses.esrom = {
|
|
host = "esrom.kun.is";
|
|
|
|
service = {
|
|
name = "esrom";
|
|
portName = "web";
|
|
};
|
|
};
|
|
|
|
tailscaleIngresses.traefik-dashboard = {
|
|
host = "traefik";
|
|
service.name = "traefik-dashboard";
|
|
};
|
|
};
|
|
}
|