From b26cc7a23abda761bafa799900ddc8a54a5dc209 Mon Sep 17 00:00:00 2001 From: Dustin Kaiser <8209087+mrnicegyu11@users.noreply.github.com> Date: Tue, 22 Oct 2024 13:47:51 +0200 Subject: [PATCH] Add portainer (#848) Co-authored-by: Dustin Kaiser --- charts/adminer/values.yaml.gotmpl | 1 + charts/portainer/values.yaml.gotmpl | 68 ++++++++++++++++++++++ charts/traefik/values.insecure.yaml.gotmpl | 9 +++ charts/traefik/values.secure.yaml.gotmpl | 11 +++- 4 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 charts/portainer/values.yaml.gotmpl diff --git a/charts/adminer/values.yaml.gotmpl b/charts/adminer/values.yaml.gotmpl index fb419e49..e78828f5 100644 --- a/charts/adminer/values.yaml.gotmpl +++ b/charts/adminer/values.yaml.gotmpl @@ -52,6 +52,7 @@ ingress: namespace: {{ .Release.Namespace }} cert-manager.io/cluster-issuer: "cert-issuer" traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.middlewares: traefik-traefik-basic-auth@kubernetescrd # namespace + middleware name tls: - hosts: - {{ requiredEnv "K8S_MONITORING_FQDN" }} diff --git a/charts/portainer/values.yaml.gotmpl b/charts/portainer/values.yaml.gotmpl new file mode 100644 index 00000000..e89f2457 --- /dev/null +++ b/charts/portainer/values.yaml.gotmpl @@ -0,0 +1,68 @@ +# Default values for adminer. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: portainer/portainer-ce + pullPolicy: IfNotPresent + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: portainer-sa-clusteradmin + +podAnnotations: {} +podLabels: {} + +podSecurityContext: + {} + +securityContext: + {} + +service: + type: "ClusterIP" + port: 9000 + +ingress: + enabled: true + className: "" + annotations: + namespace: {{ .Release.Namespace }} + cert-manager.io/cluster-issuer: "cert-issuer" + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.middlewares: traefik-traefik-basic-auth@kubernetescrd,traefik-portainer-strip-prefix@kubernetescrd # namespace + middleware name + tls: + - hosts: + - {{ requiredEnv "K8S_MONITORING_FQDN" }} + secretName: monitoring-tls + hosts: + - host: {{ requiredEnv "K8S_MONITORING_FQDN" }} + paths: + - path: /portainer + pathType: Prefix + backend: + service: + name: portainer + port: + number: 9000 + + +resources: + limits: + cpu: 2 + memory: 1024Mi + requests: + cpu: 0.1 + memory: 128Mi + +nodeSelector: + ops: "true" diff --git a/charts/traefik/values.insecure.yaml.gotmpl b/charts/traefik/values.insecure.yaml.gotmpl index d63d52c5..2b60aae2 100644 --- a/charts/traefik/values.insecure.yaml.gotmpl +++ b/charts/traefik/values.insecure.yaml.gotmpl @@ -29,6 +29,15 @@ extraObjects: spec: basicAuth: secret: traefik-authorized-users # https://doc.traefik.io/traefik/middlewares/http/basicauth/#users +- apiVersion: traefik.io/v1alpha1 + kind: Middleware + metadata: + name: portainer-strip-prefix + namespace: {{.Release.Namespace}} + spec: + stripPrefix: + prefixes: + - /portainer - apiVersion: networking.k8s.io/v1 kind: Ingress metadata: diff --git a/charts/traefik/values.secure.yaml.gotmpl b/charts/traefik/values.secure.yaml.gotmpl index bf6e46bf..55cfb1ed 100644 --- a/charts/traefik/values.secure.yaml.gotmpl +++ b/charts/traefik/values.secure.yaml.gotmpl @@ -35,10 +35,19 @@ extraObjects: kind: Middleware metadata: name: traefik-basic-auth + namespace: {{.Release.Namespace}} spec: basicAuth: secret: traefik-authorized-users # https://doc.traefik.io/traefik/middlewares/http/basicauth/#users - +- apiVersion: traefik.io/v1alpha1 + kind: Middleware + metadata: + name: portainer-strip-prefix + namespace: {{.Release.Namespace}} + spec: + stripPrefix: + prefixes: + - /portainer - apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: