Skip to content

Instantly share code, notes, and snippets.

@senseab

senseab/k3s-patch.yml

Last active May 19, 2022 09:48
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save senseab/a78b56a21344328185c819a9eff192d7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save senseab/a78b56a21344328185c819a9eff192d7 to your computer and use it in GitHub Desktop.
Download ZIP
use traefik acme with cloudflare on k3s
Raw
k3s-patch.yml
# TODO: STILL WIP
# use `traefik.ingress.kubernetes.io/router.tls.certresolver: default` annotation for kubernetes ingress.
---
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-api-token-secret
namespace: kube-system
data:
api-token: OMITTED
email: OMITTED
type: Opaque
---
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
persistence:
enabled: true
additionalArguments:
- "[email protected]"
- "--certificatesresolvers.default.acme.storage=/data/acme.json"
- "--certificatesresolvers.default.acme.dnsChallenge.provider=cloudflare"
- "--certificatesresolvers.default.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
env:
- name: CLOUDFLARE_EMAIL
valueFrom:
secretKeyRef:
key: email
name: cloudflare-api-token-secret
- name: CLOUDFLARE_API_KEY
valueFrom:
secretKeyRef:
key: api-token
name: cloudflare-api-token-secret
service:
ipFamilyPolicy: PreferDualStack
ipFamilies:
- IPv4
- IPv6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment