{{- if (eq .Values.controller "traefik") }} --- apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: traefik spec: chart: spec: sourceRef: kind: HelmRepository name: traefik chart: traefik install: {{- toYaml .Values.commons.helm.release.install | nindent 4 }} test: {{- toYaml .Values.commons.helm.release.test | nindent 4 }} upgrade: {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }} driftDetection: {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }} interval: 10m values: deployment: enabled: {{ toYaml (not .Values.external) }} kind: DaemonSet updateStrategy: rollingUpdate: maxUnavailable: 1 maxSurge: 0 service: enabled: false ipFamilyPolicy: PreferDualStack ipFamilies: - IPv6 - IPv4 tolerations: - key: "CriticalAddonsOnly" operator: "Exists" - key: "node-role.kubernetes.io/control-plane" operator: "Exists" effect: "NoSchedule" - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" priorityClassName: "system-cluster-critical" ports: web: hostPort: 80 websecure: hostPort: 443 http3: enabled: true providers: kubernetesIngress: publishedService: enabled: true ingressRoute: dashboard: enabled: {{ toYaml (not .Values.external) }} matchRule: Host(`lb.{{ .Values.commons.ingress.domain }}`) && (PathPrefix(`/api`, `/dashboard`)) entryPoints: - "traefik" - "websecure" {{- if .Values.external }} hub: enabled: false ingressClass: enabled: false isDefaultClass: true rbac: enabled: false {{- end }} metrics: prometheus: {{- if (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} service: enabled: true serviceMonitor: additionalLabels: {{- toYaml $.Values.commons.prometheus.monitor.labels | nindent 12 }} {{- end }} {{- end }}