diff --git a/stable/traefik/.helmignore b/stable/traefik/.helmignore new file mode 100644 index 000000000000..f0c131944441 --- /dev/null +++ b/stable/traefik/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/stable/traefik/Chart.yaml b/stable/traefik/Chart.yaml new file mode 100755 index 000000000000..3c921f54dfc3 --- /dev/null +++ b/stable/traefik/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +name: traefik +version: 1.1.0-rc3-a +description: A Traefik based Kubernetes ingress controller with Let's Encrypt support +keywords: +- traefik +- ingress +- acme +- letsencrypt +home: http://traefik.io/ +sources: +- https://github.com/containous/traefik +- https://github.com/krancour/charts/tree/master/traefik +maintainers: +- name: Deis + email: engineering@deis.com +engine: gotpl +icon: http://traefik.io/traefik.logo.png diff --git a/stable/traefik/README.md b/stable/traefik/README.md new file mode 100644 index 000000000000..dba16d0431ca --- /dev/null +++ b/stable/traefik/README.md @@ -0,0 +1,105 @@ +# Traefik + +[Traefik](http://traefik.io/) is a modern HTTP reverse proxy and load balancer made to deploy +microservices with ease. + +__DISCLAIMER:__ While this chart has been well-tested, testers have encountered occasional issues +with the Traefik software itself. Be advised that your mileage may vary. + +## Introduction + +This chart bootstraps Traefik as a Kubernetes ingress controller with optional support for SSL and +Let's Encrypt. + +__NOTE:__ Operators will typically wish to install this component into the `kube-system` namespace +where that namespace's default service account will ensure adequate privileges to watch `Ingress` +resources _cluster-wide_. + +## Prerequisites + +- Kubernetes 1.4+ with Beta APIs enabled +- You are deploying the chart to a cluster with a cloud provider capable of provisioning an +external load balancer (e.g. AWS or GKE) +- You control DNS for the domain(s) you intend to route through Traefik +- __Suggested:__ PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```bash +$ helm install stable/traefik --name my-release --namespace kube-system +``` + +After installing the chart, create DNS records for applicable domains to direct inbound traffic to +the load balancer. You can use the commands below to find the load balancer's IP/hostname: + +__NOTE:__ It may take a few minutes for this to become available. + +You can watch the status by running: + +```bash +$ kubectl get svc my-release-traefik --namespace kube-system -w +``` + +Once `EXTERNAL-IP` is no longer ``: + +```bash +$ kubectl describe service my-release-traefik -n kube-system | grep Ingress | awk '{print $3}' +``` + +__NOTE:__ If ACME support is enabled, it is only _after_ this step is complete that Traefik will be +able to successfully use the ACME protocol to obtain certificates from Let's Encrypt. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the +release. + +## Configuration + +The following tables lists the configurable parameters of the Traefik chart and their default values. + +| Parameter | Description | Default | +| ------------------------------- | -------------------------------------------------------------------- | ----------------------------------------- | +| `imageTag` | The version of the official Traefik image to use | `v1.1.0-rc3` | +| `serviceType` | A valid Kubernetes service type | `LoadBalancer` | +| `cpuRequest` | Initial share of CPU requested per Traefik pod | `100m` | +| `memoryRequest` | Initial share of memory requested per Traefik pod | `20Mi` | +| `cpuLimit` | CPU limit per Traefik pod | `200m` | +| `memoryLimit` | Memory limit per Traefik pod | `30Mi` | +| `ssl.enabled` | Whether to enable HTTPS | `false` | +| `ssl.enforced` | Whether to redirect HTTP requests to HTTPS | `false` | +| `ssl.defaultCert` | Base64 encoded default certficate | A self-signed certificate | +| `ssl.defaultKey` | Base64 encoded private key for the certificate above | The private key for the certificate above | +| `acme.enabled` | Whether to use Let's Encrypt to obtain certificates | `false` | +| `acme.email` | Email address to be used in certificates obtained from Let's Encrypt | `admin@example.com` | +| `acme.staging` | Whether to get certs from Let's Encrypt's staging environment | `true` | +| `acme.persistence.enabled` | Create a volume to store ACME certs (if ACME is enabled) | `true` | +| `acme.persistence.storageClass` | Type of `StorageClass` to request-- will be cluster-specific | `generic` | +| `acme.persistence.accessMode` | `ReadWriteOnce` or `ReadOnly` | `ReadWriteOnce` | +| `acme.persistence.size` | Minimum size of the volume requested | `1Gi` | +| `dashboard.enabled` | Whether to enable the Traefik dashboard | `false` | +| `dashboard.domain` | Domain for the Traefik dashboard | `traefik.example.com` | +| `gzip.enabled` | Whether to use gzip compression | `true` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example: + +```bash +$ helm install --name my-release --namespace kube-system --set dashboard.enabled=true,dashboard.domain=traefik.example.com stable/traefik +``` + +The above command enables the Traefik dashboard on the domain `traefik.example.com`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while +installing the chart. For example: + +```bash +$ helm install --name my-release --namespace kube-system --values values.yaml stable/traefik +``` diff --git a/stable/traefik/templates/NOTES.txt b/stable/traefik/templates/NOTES.txt new file mode 100644 index 000000000000..2897bfffd28f --- /dev/null +++ b/stable/traefik/templates/NOTES.txt @@ -0,0 +1,15 @@ +Getting Started: + +1. Get Traefik's load balancer IP/hostname: + + NOTE: It may take a few minutes for this to become available. + + You can watch the status by running: + + $ kubectl get svc {{ template "fullname" . }} --namespace {{ .Release.Namespace }} -w + + Once 'EXTERNAL-IP' is no longer '': + + $ kubectl describe svc {{ template "fullname" . }} --namespace {{ .Release.Namespace }} | grep Ingress | awk '{print $3}' + +2. Configure DNS records corresponding to Kubernetes ingress resources to point to the load balancer IP/hostname found in step 1 diff --git a/stable/traefik/templates/_helpers.tpl b/stable/traefik/templates/_helpers.tpl new file mode 100644 index 000000000000..f777fc72eb4f --- /dev/null +++ b/stable/traefik/templates/_helpers.tpl @@ -0,0 +1,9 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Create a default fully qualified app name. +We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- printf "%s-%s" .Release.Name .Chart.Name | trunc 24 -}} +{{- end -}} diff --git a/stable/traefik/templates/acme-pvc.yaml b/stable/traefik/templates/acme-pvc.yaml new file mode 100644 index 000000000000..5ee63d277bdd --- /dev/null +++ b/stable/traefik/templates/acme-pvc.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.acme.enabled .Values.acme.persistence.enabled }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "fullname" . }}-acme + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + volume.alpha.kubernetes.io/storage-class: {{ .Values.acme.persistence.storageClass | quote }} +spec: + accessModes: + - {{ .Values.acme.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.acme.persistence.size | quote }} +{{- end }} diff --git a/stable/traefik/templates/configmap.yaml b/stable/traefik/templates/configmap.yaml new file mode 100644 index 000000000000..611bcdf55aa6 --- /dev/null +++ b/stable/traefik/templates/configmap.yaml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +data: + traefik.toml: | + # traefik.toml + logLevel = "INFO" + {{- if .Values.ssl.enabled }} + defaultEntryPoints = ["http","https"] + {{- else }} + defaultEntryPoints = ["http"] + {{- end }} + [entryPoints] + [entryPoints.http] + address = ":80" + compress = {{ .Values.gzip.enabled }} + {{- if and .Values.ssl.enabled .Values.ssl.enforced }} + [entryPoints.http.redirect] + entryPoint = "https" + {{- end }} + {{- if .Values.ssl.enabled }} + [entryPoints.https] + address = ":443" + compress = {{ .Values.gzip.enabled }} + [entryPoints.https.tls] + [[entryPoints.https.tls.certificates]] + CertFile = "/ssl/tls.crt" + KeyFile = "/ssl/tls.key" + {{- end }} + [kubernetes] + {{- if .Values.acme.enabled }} + [acme] + email = "{{ .Values.acme.email }}" + storage = "/acme/acme.json" + entryPoint = "https" + onHostRule = true + {{- if .Values.acme.staging }} + caServer = "https://acme-staging.api.letsencrypt.org/directory" + {{- end }} + {{- end }} + {{- if .Values.dashboard.enabled }} + [web] + address = ":8080" + {{- end }} diff --git a/stable/traefik/templates/dashboard-ingress.yaml b/stable/traefik/templates/dashboard-ingress.yaml new file mode 100644 index 000000000000..3397cb2e6987 --- /dev/null +++ b/stable/traefik/templates/dashboard-ingress.yaml @@ -0,0 +1,19 @@ +{{- if .Values.dashboard.enabled }} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "fullname" . }}-dashboard + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + rules: + - host: {{ .Values.dashboard.domain }} + http: + paths: + - backend: + serviceName: {{ template "fullname" . }}-dashboard + servicePort: 80 +{{- end }} diff --git a/stable/traefik/templates/dashboard-service.yaml b/stable/traefik/templates/dashboard-service.yaml new file mode 100644 index 000000000000..7ad97dbae05e --- /dev/null +++ b/stable/traefik/templates/dashboard-service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.dashboard.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "fullname" . }}-dashboard + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + selector: + app: {{ template "fullname" . }} + ports: + - port: 80 + targetPort: 8080 +{{- end }} diff --git a/stable/traefik/templates/default-cert-secret.yaml b/stable/traefik/templates/default-cert-secret.yaml new file mode 100644 index 000000000000..27270e3a586f --- /dev/null +++ b/stable/traefik/templates/default-cert-secret.yaml @@ -0,0 +1,15 @@ +{{- if .Values.ssl.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "fullname" . }}-default-cert + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + tls.crt: {{ .Values.ssl.defaultCert }} + tls.key: {{ .Values.ssl.defaultKey }} +{{- end }} diff --git a/stable/traefik/templates/deployment.yaml b/stable/traefik/templates/deployment.yaml new file mode 100644 index 000000000000..3a7303320c58 --- /dev/null +++ b/stable/traefik/templates/deployment.yaml @@ -0,0 +1,86 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + replicas: 1 + selector: + matchLabels: + app: {{ template "fullname" . }} + template: + metadata: + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + spec: + terminationGracePeriodSeconds: 60 + containers: + - image: traefik:{{ .Values.imageTag }} + name: {{ template "fullname" . }} + resources: + requests: + cpu: "{{.Values.cpuRequest}}" + memory: "{{.Values.memoryRequest}}" + limits: + cpu: "{{.Values.cpuLimit}}" + memory: "{{.Values.memoryLimit}}" + readinessProbe: + tcpSocket: + port: 80 + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + tcpSocket: + port: 80 + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + volumeMounts: + - mountPath: /config + name: config + {{- if .Values.ssl.enabled }} + - mountPath: /ssl + name: ssl + {{- end }} + {{- if .Values.acme.enabled }} + - mountPath: /acme + name: acme + {{- end }} + ports: + - containerPort: 80 + - containerPort: 443 + {{- if .Values.dashboard.enabled }} + - containerPort: 8080 + {{- end }} + args: + - --configfile=/config/traefik.toml + volumes: + - name: config + configMap: + name: {{ template "fullname" . }} + {{- if .Values.ssl.enabled }} + - name: ssl + secret: + secretName: {{ template "fullname" . }}-default-cert + {{- end }} + {{- if .Values.acme.enabled }} + - name: acme + {{- if .Values.acme.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ template "fullname" . }}-acme + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} diff --git a/stable/traefik/templates/service.yaml b/stable/traefik/templates/service.yaml new file mode 100644 index 000000000000..466e5a5645f2 --- /dev/null +++ b/stable/traefik/templates/service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + type: {{ .Values.serviceType }} + selector: + app: {{ template "fullname" . }} + ports: + - port: 80 + name: http + - port: 443 + name: https diff --git a/stable/traefik/values.yaml b/stable/traefik/values.yaml new file mode 100644 index 000000000000..29f99520472f --- /dev/null +++ b/stable/traefik/values.yaml @@ -0,0 +1,28 @@ +# Default values for Traefik +imageTag: v1.1.0-rc3 +serviceType: LoadBalancer +cpuRequest: 100m +memoryRequest: 20Mi +cpuLimit: 100m +memoryLimit: 30Mi +ssl: + enabled: false + enforced: false + defaultCert: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVtekNDQTRPZ0F3SUJBZ0lKQUpBR1FsTW1DMGt5TUEwR0NTcUdTSWIzRFFFQkJRVUFNSUdQTVFzd0NRWUQKVlFRR0V3SlZVekVSTUE4R0ExVUVDQk1JUTI5c2IzSmhaRzh4RURBT0JnTlZCQWNUQjBKdmRXeGtaWEl4RkRBUwpCZ05WQkFvVEMwVjRZVzF3YkdWRGIzSndNUXN3Q1FZRFZRUUxFd0pKVkRFV01CUUdBMVVFQXhRTktpNWxlR0Z0CmNHeGxMbU52YlRFZ01CNEdDU3FHU0liM0RRRUpBUllSWVdSdGFXNUFaWGhoYlhCc1pTNWpiMjB3SGhjTk1UWXgKTURJME1qRXdPVFV5V2hjTk1UY3hNREkwTWpFd09UVXlXakNCanpFTE1Ba0dBMVVFQmhNQ1ZWTXhFVEFQQmdOVgpCQWdUQ0VOdmJHOXlZV1J2TVJBd0RnWURWUVFIRXdkQ2IzVnNaR1Z5TVJRd0VnWURWUVFLRXd0RmVHRnRjR3hsClEyOXljREVMTUFrR0ExVUVDeE1DU1ZReEZqQVVCZ05WQkFNVURTb3VaWGhoYlhCc1pTNWpiMjB4SURBZUJna3EKaGtpRzl3MEJDUUVXRVdGa2JXbHVRR1Y0WVcxd2JHVXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQwpBUThBTUlJQkNnS0NBUUVBdHVKOW13dzlCYXA2SDROdUhYTFB6d1NVZFppNGJyYTFkN1ZiRUJaWWZDSStZNjRDCjJ1dThwdTNhVTVzYXVNYkQ5N2pRYW95VzZHOThPUHJlV284b3lmbmRJY3RFcmxueGpxelUyVVRWN3FEVHk0bkEKNU9aZW9SZUxmZXFSeGxsSjE0VmlhNVFkZ3l3R0xoRTlqZy9jN2U0WUp6bmg5S1dZMnFjVnhEdUdEM2llaHNEbgphTnpWNFdGOWNJZm1zOHp3UHZPTk5MZnNBbXc3dUhUKzNiSzEzSUloeDI3ZmV2cXVWcENzNDFQNnBzdStWTG4yCjVIRHk0MXRoQkN3T0wrTithbGJ0ZktTcXM3TEFzM25RTjFsdHpITHZ5MGE1RGhkakpUd2tQclQrVXhwb0tCOUgKNFpZazErRUR0N09QbGh5bzM3NDFRaE4vSkNZK2RKbkFMQnNValFJREFRQUJvNEgzTUlIME1CMEdBMVVkRGdRVwpCQlJwZVc1dFhMdHh3TXJvQXM5d2RNbTUzVVVJTERDQnhBWURWUjBqQklHOE1JRzVnQlJwZVc1dFhMdHh3TXJvCkFzOXdkTW01M1VVSUxLR0JsYVNCa2pDQmp6RUxNQWtHQTFVRUJoTUNWVk14RVRBUEJnTlZCQWdUQ0VOdmJHOXkKWVdSdk1SQXdEZ1lEVlFRSEV3ZENiM1ZzWkdWeU1SUXdFZ1lEVlFRS0V3dEZlR0Z0Y0d4bFEyOXljREVMTUFrRwpBMVVFQ3hNQ1NWUXhGakFVQmdOVkJBTVVEU291WlhoaGJYQnNaUzVqYjIweElEQWVCZ2txaGtpRzl3MEJDUUVXCkVXRmtiV2x1UUdWNFlXMXdiR1V1WTI5dGdna0FrQVpDVXlZTFNUSXdEQVlEVlIwVEJBVXdBd0VCL3pBTkJna3EKaGtpRzl3MEJBUVVGQUFPQ0FRRUFjR1hNZms4TlpzQit0OUtCemwxRmw2eUlqRWtqSE8wUFZVbEVjU0QyQjRiNwpQeG5NT2pkbWdQcmF1SGI5dW5YRWFMN3p5QXFhRDZ0YlhXVTZSeENBbWdMYWpWSk5aSE93NDVOMGhyRGtXZ0I4CkV2WnRRNTZhbW13QzFxSWhBaUE2MzkwRDNDc2V4N2dMNm5KbzdrYnIxWVdVRzN6SXZveGR6OFlEclpOZVdLTEQKcFJ2V2VuMGxNYnBqSVJQNFhac25DNDVDOWdWWGRoM0xSZTErd3lRcTZoOVFQaWxveG1ENk5wRTlpbVRPbjJBNQovYkozVktJekFNdWRlVTZrcHlZbEpCemRHMXVhSFRqUU9Xb3NHaXdlQ0tWVVhGNlV0aXNWZGRyeFF0aDZFTnlXCnZJRnFhWng4NCtEbFNDYzkzeWZrL0dsQnQrU0tHNDZ6RUhNQjlocVBiQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + defaultKey: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdHVKOW13dzlCYXA2SDROdUhYTFB6d1NVZFppNGJyYTFkN1ZiRUJaWWZDSStZNjRDCjJ1dThwdTNhVTVzYXVNYkQ5N2pRYW95VzZHOThPUHJlV284b3lmbmRJY3RFcmxueGpxelUyVVRWN3FEVHk0bkEKNU9aZW9SZUxmZXFSeGxsSjE0VmlhNVFkZ3l3R0xoRTlqZy9jN2U0WUp6bmg5S1dZMnFjVnhEdUdEM2llaHNEbgphTnpWNFdGOWNJZm1zOHp3UHZPTk5MZnNBbXc3dUhUKzNiSzEzSUloeDI3ZmV2cXVWcENzNDFQNnBzdStWTG4yCjVIRHk0MXRoQkN3T0wrTithbGJ0ZktTcXM3TEFzM25RTjFsdHpITHZ5MGE1RGhkakpUd2tQclQrVXhwb0tCOUgKNFpZazErRUR0N09QbGh5bzM3NDFRaE4vSkNZK2RKbkFMQnNValFJREFRQUJBb0lCQUhrTHhka0dxNmtCWWQxVAp6MkU4YWFENnhneGpyY2JSdGFCcTc3L2hHbVhuQUdaWGVWcE81MG1SYW8wbHZ2VUgwaE0zUnZNTzVKOHBrdzNmCnRhWTQxT1dDTk1PMlYxb1MvQmZUK3Zsblh6V1hTemVQa0pXd2lIZVZMdVdEaVVMQVBHaWl4emF2RFMyUnlQRmEKeGVRdVNhdE5pTDBGeWJGMG5Zd3pST3ZoL2VSa2NKVnJRZlZudU1melFkOGgyMzZlb1UxU3B6UnhSNklubCs5UApNc1R2Wm5OQmY5d0FWcFo5c1NMMnB1V1g3SGNSMlVnem5oMDNZWUZJdGtDZndtbitEbEdva09YWHBVM282aWY5ClRIenBleHdubVJWSmFnRG85bTlQd2t4QXowOW80cXExdHJoU1g1U2p1K0xyNFJvOHg5bytXdUF1VnVwb0lHd0wKMWVseERFRUNnWUVBNzVaWGp1enNJR09PMkY5TStyYVFQcXMrRHZ2REpzQ3gyZnRudk1WWVJKcVliaGt6YnpsVQowSHBCVnk3NmE3WmF6Umxhd3RGZ3ljMlpyQThpM0F3K3J6d1pQclNJeWNieC9nUVduRzZlbFF1Y0FFVWdXODRNCkdSbXhKUGlmOGRQNUxsZXdRalFjUFJwZVoxMzlYODJreGRSSEdma1pscHlXQnFLajBTWExRSEVDZ1lFQXcybkEKbUVXdWQzZFJvam5zbnFOYjBlYXdFUFQrbzBjZ2RyaENQOTZQK1pEekNhcURUblZKV21PeWVxRlk1eVdSSEZOLwpzbEhXU2lTRUFjRXRYZys5aGlMc0RXdHVPdzhUZzYyN2VrOEh1UUtMb2tWWEFUWG1NZG9xOWRyQW9INU5hV2lECmRSY3dEU2EvamhIN3RZV1hKZDA4VkpUNlJJdU8vMVZpbDBtbEk5MENnWUVBb2lsNkhnMFNUV0hWWDNJeG9raEwKSFgrK1ExbjRYcFJ5VEg0eldydWY0TjlhYUxxNTY0QThmZGNodnFiWGJHeEN6U3RxR1E2cW1peUU1TVpoNjlxRgoyd21zZEpxeE14RnEzV2xhL0lxSzM0cTZEaHk3cUNld1hKVGRKNDc0Z3kvY0twZkRmeXZTS1RGZDBFejNvQTZLCmhqUUY0L2lNYnpxUStQREFQR0YrVHFFQ2dZQmQ1YnZncjJMMURzV1FJU3M4MHh3MDBSZDdIbTRaQVAxdGJuNk8KK0IvUWVNRC92UXBaTWV4c1hZbU9lV2Noc3FCMnJ2eW1MOEs3WDY1NnRWdGFYay9nVzNsM3ZVNTdYSFF4Q3RNUwpJMVYvcGVSNHRiN24yd0ZncFFlTm1XNkQ4QXk4Z0xiaUZhRkdRSDg5QWhFa0dTd1d5cWJKc2NoTUZZOUJ5OEtUCkZaVWZsUUtCZ0V3VzJkVUpOZEJMeXNycDhOTE1VbGt1ZnJxbllpUTNTQUhoNFZzWkg1TXU0MW55Yi95NUUyMW4KMk55d3ltWGRlb3VJcFZjcUlVTXl0L3FKRmhIcFJNeVEyWktPR0QyWG5YaENNVlRlL0FQNDJod294Nm02QkZpQgpvemZFa2wwak5uZmREcjZrL1p2MlQ1TnFzaWxaRXJBQlZGOTBKazdtUFBIa0Q2R1ZMUUJ4Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +acme: + enabled: false + email: admin@example.com + staging: true + # Save ACME certs to a persistent volume. WARNING: If you do not do this, you will re-request + # certs every time a pod (re-)starts and you WILL be rate limited! + persistence: + enabled: true + storageClass: generic + accessMode: ReadWriteOnce + size: 1Gi +dashboard: + enabled: false + domain: traefik.example.com +gzip: + enabled: true