traefik v1.7 kubernetes doc fixes
This commit is contained in:
Thom Seddon
parent
9abf5645b7
commit
1ac0ca9732
@ -1,3 +1,3 @@
|
|||||||
resources:
|
bases:
|
||||||
- traefik-forward-auth
|
- traefik-forward-auth
|
||||||
- whoami
|
- whoami
|
||||||
|
|||||||
@ -28,6 +28,9 @@ spec:
|
|||||||
value: "/config"
|
value: "/config"
|
||||||
- name: DOMAIN
|
- name: DOMAIN
|
||||||
value: "example.com"
|
value: "example.com"
|
||||||
|
# INSECURE_COOKIE is required unless using https entrypoint
|
||||||
|
- name: INSECURE_COOKIE
|
||||||
|
value: "true"
|
||||||
# Remove COOKIE_DOMAIN if not using auth host mode
|
# Remove COOKIE_DOMAIN if not using auth host mode
|
||||||
- name: COOKIE_DOMAIN
|
- name: COOKIE_DOMAIN
|
||||||
value: "example.com"
|
value: "example.com"
|
||||||
@ -46,11 +49,11 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: google-client-secret
|
key: google-client-secret
|
||||||
- name: COOKIE_SECRET
|
- name: SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: cookie-secret
|
key: secret
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: configs
|
- name: configs
|
||||||
mountPath: /config
|
mountPath: /config
|
||||||
|
|||||||
@ -1,3 +1,3 @@
|
|||||||
google-client-id=client-id
|
google-client-id=client-id
|
||||||
google-client-secret=client-secret
|
google-client-secret=client-secret
|
||||||
cookie-secret=something-random
|
secret=something-random
|
||||||
|
|||||||
@ -0,0 +1,3 @@
|
|||||||
|
bases:
|
||||||
|
- traefik
|
||||||
|
- whoami
|
||||||
@ -29,11 +29,9 @@ spec:
|
|||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
containerPort: 80
|
containerPort: 80
|
||||||
hostPort: 80
|
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- name: https
|
- name: https
|
||||||
containerPort: 443
|
containerPort: 443
|
||||||
hostPort: 443
|
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- name: dash
|
- name: dash
|
||||||
containerPort: 8080
|
containerPort: 8080
|
||||||
@ -52,10 +50,14 @@ spec:
|
|||||||
env:
|
env:
|
||||||
- name: CONFIG
|
- name: CONFIG
|
||||||
value: "/config"
|
value: "/config"
|
||||||
- name: COOKIE_DOMAIN
|
|
||||||
value: "example.com"
|
|
||||||
- name: DOMAIN
|
- name: DOMAIN
|
||||||
value: "example.com"
|
value: "example.com"
|
||||||
|
# INSECURE_COOKIE is required if not using a https entrypoint
|
||||||
|
# - name: INSECURE_COOKIE
|
||||||
|
# value: "true"
|
||||||
|
# Remove COOKIE_DOMAIN if not using auth host mode
|
||||||
|
- name: COOKIE_DOMAIN
|
||||||
|
value: "example.com"
|
||||||
- name: AUTH_HOST
|
- name: AUTH_HOST
|
||||||
value: "auth.example.com"
|
value: "auth.example.com"
|
||||||
- name: LOG_LEVEL
|
- name: LOG_LEVEL
|
||||||
@ -70,11 +72,11 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: google-client-secret
|
key: google-client-secret
|
||||||
- name: COOKIE_SECRET
|
- name: SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: cookie-secret
|
key: secret
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: configs
|
- name: configs
|
||||||
mountPath: /config
|
mountPath: /config
|
||||||
|
|||||||
@ -18,7 +18,7 @@ configMapGenerator:
|
|||||||
- name: configs
|
- name: configs
|
||||||
files:
|
files:
|
||||||
- configs/traefik.toml
|
- configs/traefik.toml
|
||||||
- config/traefik-forward-auth.ini
|
- configs/traefik-forward-auth.ini
|
||||||
|
|
||||||
#
|
#
|
||||||
# Secrets
|
# Secrets
|
||||||
|
|||||||
@ -1,3 +1,3 @@
|
|||||||
google-client-id=client-id
|
google-client-id=client-id
|
||||||
google-client-secret=client-secret
|
google-client-secret=client-secret
|
||||||
cookie-secret=something-random
|
secret=something-random
|
||||||
|
|||||||
@ -1,4 +1,26 @@
|
|||||||
#
|
#
|
||||||
|
# Traefik Service
|
||||||
|
#
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: traefik
|
||||||
|
labels:
|
||||||
|
app: traefik
|
||||||
|
spec:
|
||||||
|
# Use NodePort if required
|
||||||
|
type: LoadBalancer
|
||||||
|
selector:
|
||||||
|
app: traefik
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 80
|
||||||
|
targetPort: 80
|
||||||
|
- name: https
|
||||||
|
port: 443
|
||||||
|
targetPort: 443
|
||||||
|
---
|
||||||
|
#
|
||||||
# Auth Service
|
# Auth Service
|
||||||
#
|
#
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
|||||||
@ -29,6 +29,9 @@ spec:
|
|||||||
env:
|
env:
|
||||||
- name: DOMAIN
|
- name: DOMAIN
|
||||||
value: "example.com"
|
value: "example.com"
|
||||||
|
# INSECURE_COOKIE is required unless using https entrypoint
|
||||||
|
- name: INSECURE_COOKIE
|
||||||
|
value: "true"
|
||||||
- name: PROVIDERS_GOOGLE_CLIENT_ID
|
- name: PROVIDERS_GOOGLE_CLIENT_ID
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
@ -39,11 +42,11 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: traefik-forward-auth-google-client-secret
|
key: traefik-forward-auth-google-client-secret
|
||||||
- name: COOKIE_SECRET
|
- name: SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: secrets
|
name: secrets
|
||||||
key: traefik-forward-auth-cookie-secret
|
key: traefik-forward-auth-secret
|
||||||
|
|
||||||
---
|
---
|
||||||
#
|
#
|
||||||
@ -84,4 +87,4 @@ type: Opaque
|
|||||||
data:
|
data:
|
||||||
traefik-forward-auth-google-client-id: base64-client-id
|
traefik-forward-auth-google-client-id: base64-client-id
|
||||||
traefik-forward-auth-google-client-secret: base64-client-secret
|
traefik-forward-auth-google-client-secret: base64-client-secret
|
||||||
traefik-forward-auth-cookie-secret: base64-something-random
|
traefik-forward-auth-secret: base64-something-random
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user