init

traefik-repo/traefik/data/basic.auth.example

@@ -0,0 +1,3 @@
+# admin \ admin
+
+admin:$apr1$edqYaaX4$LcYGU242kPrNQVKBZpQ8x.

traefik-repo/traefik/data/custom/middlewares.yml

@@ -0,0 +1,6 @@
+ http:
+  middlewares:
+    redirect-to-https:
+      redirectScheme:
+        scheme: https
+        permanent: true

traefik-repo/traefik/data/custom/pve.domainru.yml.example

@@ -0,0 +1,15 @@
+tcp:
+  routers:
+    pve:
+      entryPoints:
+        - https
+      rule: "HostSNI(`pve.domain.ru`)"
+      service: pve-service
+      tls:
+        certResolver: letsEncrypt
+        passthrough: true
+  services:
+    pve-service:
+      loadBalancer:
+        servers:
+          - address: 192.168.1.2:8006

traefik-repo/traefik/data/custom/rke.domain.ru.yml.example

@@ -0,0 +1,32 @@
+http:
+  routers:
+    rke:
+      entryPoints:
+      - https
+      rule: Host(`rke.domain.ru`)
+      service: rke-service
+      tls:
+        certResolver: letsEncrypt
+  services:
+    rke-service:
+      loadBalancer:
+        servers:
+        - url: http://192.168.9.200
+        passHostHeader: true
+
+tcp:
+  routers:
+    rke-api:
+      entryPoints:
+        - k8s-api
+      rule: "HostSNI(`*`)"
+      service: rke-api-service
+      tls:
+        passthrough: true
+  services:
+    rke-api-service:
+      loadBalancer:
+        servers:
+          - address: 192.168.9.201:6443
+          - address: 192.168.9.202:6443
+          - address: 192.168.9.203:6443

traefik-repo/traefik/data/custom/s3-minio.domain.ru.yml.example

@@ -0,0 +1,20 @@
+http:
+  routers:
+    s3-minio:
+      entryPoints:
+      - https
+      rule: Host(`s3.domain.ru`)
+      service: s3-minio-service
+      tls:
+        certResolver: letsEncrypt
+  services:
+    s3-minio-service:
+      loadBalancer:
+        healthCheck:
+          path: /health/live
+          scheme: http
+        servers:
+          - url: http://192.168.1.3:9000
+          - url: http://192.168.1.4:9000
+          - url: http://192.168.1.5:9000
+          - url: http://192.168.1.6:9000

traefik-repo/traefik/data/traefik.yml

@@ -0,0 +1,54 @@
+global:
+  checkNewVersion: true
+
+# pilot:
+#   token: ""
+
+serversTransport:
+  insecureSkipVerify: true
+
+api:
+  dashboard: true
+
+entryPoints:
+  http:
+    address: ":80"
+  https:
+    address: ":443"
+#   k8s-api:
+#     address: ":6443"
+#   metrics:
+#     address: ":8082"
+
+# metrics:
+#   prometheus:
+#     entryPoint: metrics
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  # file:
+  #   directory: /custom
+  #   watch: true
+  # kubernetesIngress:
+  #   endpoint: "https://rke.domain.ru/k8s/clusters/c-xxxxx"
+  #   token: "" # Token from Rancher
+  #   ingressClass: "traefik-lb"
+  #   ingressEndpoint:
+  #     ip: "" # you external IP
+
+certificatesResolvers:
+  letsEncrypt:
+    acme:
+      email: vasyakrg@gmail.com
+      storage: acme.json
+      httpChallenge:
+        entryPoint: http
+  hetzner:
+    acme:
+      email: vasyakrg@gmail.com
+      storage: acme-hetzner.json
+      dnsChallenge:
+        provider: hetzner
+        delayBeforeCheck: 30