feat!: configure traefik, add jellyfin

2025-12-23 20:43:55 -08:00
parent 3302b71a39
commit b77e496b31
7 changed files with 143 additions and 9 deletions
--- a/nix/homelab/kustomize/traefik/config.yaml
+++ b/nix/homelab/kustomize/traefik/config.yaml
@@ -0,0 +1,75 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChartConfig
+metadata:
+  name: traefik
+  namespace: kube-system
+spec:
+  valuesContent: |-
+    ports:
+      web:
+        port: 80
+        nodePort: 30000
+        redirections:
+          entryPoint:
+            to: websecure
+            scheme: https
+            permanent: true 
+      websecure:
+        port: 443
+        nodePort: 30001
+
+      ssh:
+        port: 22
+        expose:
+          default: true
+        exposedPort: 22
+        protocol: TCP
+
+    persistence:
+        enabled: true
+        size: 128Mi
+
+    api:
+      dashboard: true
+      insecure: true
+    
+    ingressRoute:
+      dashboard:
+        enabled: true
+        matchRule: Host(`traefik.lucalise.ca`)
+        entryPoints:
+          - websecure
+
+    ingressClass:
+      enabled: false
+    providers:
+      kubernetesIngress:
+         enabled: false
+      kubernetesGateway:
+         enabled: true
+    gateway:
+      listeners:
+        web:
+          port: 80
+          protocol: HTTP
+          namespacePolicy:
+            from: All
+        websecure:
+          port: 443
+          protocol: HTTPS
+          namespacePolicy:
+            from: All
+          mode: Terminate
+          certificateRefs:    
+            - kind: Secret
+              name: wildcard-lucalise.ca-tls
+              group: ""
+    logs:
+      general:
+        level: INFO
+      # This enables access logs, outputting them to Traefik's standard output by default. The [Access Logs Documentation](https://doc.traefik.io/traefik/observability/access-logs/) covers formatting, filtering, and output options.
+      access:
+        enabled: true
+    metrics:
+      prometheus:
+        enabled: false