030-ingress.yaml 1.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. #####################################################
  2. # Secure traefik dashboard with https and basic auth
  3. #####################################################
  4. apiVersion: traefik.containo.us/v1alpha1
  5. kind: IngressRoute
  6. metadata:
  7. name: traefik-dashboard
  8. spec:
  9. routes:
  10. - match: Host(`traefik.monteasua.com.br`)
  11. kind: Rule
  12. services:
  13. - name: api@internal
  14. kind: TraefikService
  15. middlewares:
  16. - name: basic-auth
  17. tls:
  18. secretName: monteasua-com-br-tls
  19. ###############################
  20. # Middleware for basicAuth
  21. ###############################
  22. ---
  23. apiVersion: traefik.containo.us/v1alpha1
  24. kind: Middleware
  25. metadata:
  26. name: basic-auth
  27. spec:
  28. basicAuth:
  29. secret: authsecret
  30. ---
  31. apiVersion: v1
  32. kind: Secret
  33. metadata:
  34. name: authsecret
  35. namespace: default
  36. data:
  37. users: |2
  38. ZXVnZW5pdWNhcnZhbGhvOiRhcHIxJHZ5NTYwNEI2JDRMSkVqMjNycnNuSGt5RFhY
  39. c1hnLzEKCg==
  40. ###############################
  41. # Middleware for HTTP->HTTPS
  42. # This middleware is not needed in case of:
  43. # entrypoints.web.http.redirections.entryPoint.to=websecure
  44. ###############################
  45. ---
  46. apiVersion: traefik.containo.us/v1alpha1
  47. kind: Middleware
  48. metadata:
  49. name: https-redirect
  50. spec:
  51. redirectScheme:
  52. scheme: https
  53. permanent: true
  54. #port: 443
  55. ###############################
  56. # Middleware for CORS
  57. ###############################
  58. ---
  59. apiVersion: traefik.containo.us/v1alpha1
  60. kind: Middleware
  61. metadata:
  62. name: cors-all
  63. spec:
  64. headers:
  65. accessControlAllowMethods:
  66. - "GET"
  67. - "OPTIONS"
  68. - "PUT"
  69. - "POST"
  70. accessControlAllowOriginList:
  71. - "origin-list-or-null"
  72. accessControlMaxAge: 100
  73. accessControlAllowHeaders:
  74. - "Content-Type"
  75. addVaryHeader: true
  76. customRequestHeaders:
  77. X-Forwarded-Proto: "https"