forked from codeaprendiz/learn_devops
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path11-traefik-configmap.yaml
65 lines (60 loc) · 1.9 KB
/
11-traefik-configmap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
kind: ConfigMap
apiVersion: v1
metadata:
name: traefik-config-map
data:
traefik.toml: |-
[global]
checkNewVersion = false
sendAnonymousUsage = false
[retry]
attempts = 3
maxMem = 3
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http]
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
permanent = true
[entryPoints.websecure]
address = ":443"
[log]
level = "DEBUG"
[accessLog]
[api]
insecure = true
dashboard = true
debug = true
[providers]
[providers.file]
directory = "/etc/traefik"
watch = true
[providers.kubernetesCRD]
[[tls.certificates]]
keyFile = "/var/ssl/start-domain-com-ssl/star_domain.com.key"
certFile = "/var/ssl/start-domain-com-ssl/star_domain_com.chained.crt"
[tls.options]
[tls.options.default]
minVersion = "VersionTLS12"
preferServerCipherSuites = true
cipherSuites = [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
]
[tls.options.mintls13]
minVersion = "VersionTLS13"
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
keyFile = "/var/ssl/start-domain-com-ssl/star_domain.com.key"
certFile = "/var/ssl/start-domain-com-ssl/star_domain_com.chained.crt"