apiVersion: v1 kind: ConfigMap metadata: name: traefik-config data: traefik.toml: | [ping] [global] checkNewVersion = true sendAnonymousUsage = false [log] level = "INFO" [accessLog] # format = "json" # filePath = "/var/log/traefik/access.log" [accessLog.fields] defaultMode = "keep" [accessLog.fields.names] "RequestProtocol" = "drop" "level" = "drop" "RequestContentSize" = "drop" "RequestScheme" = "drop" "StartLocal" = "drop" "StartUTC" = "drop" # ClientUsername: drop # DownstreamStatusLine: drop # RequestAddr: drop # RequestCount: drop # RequestHost: drop # RequestLine: drop # UpstreamAddr: drop # UpstreamStatusLine: drop # duration: drop # msg: drop # time: drop # upstream: drop # user_agent: drop [api] dashboard = true insecure = true debug = false [providers] [providers.kubernetesCRD] allowCrossNamespace = true [providers.kubernetesIngress] allowExternalNameServices = true ingressClass = "traefik" [serversTransport] insecureSkipVerify = true [entryPoints] [entryPoints.web] address = ":8000" [entryPoints.web.http] [entryPoints.web.http.redirections] [entryPoints.web.http.redirections.entryPoint] to = ":443" # should be the same as websecure but the loadbalancer maps 443 -> 8443 scheme = "https" [entryPoints.websecure] address = ":8443" [entryPoints.metrics] address = ":9100" [entryPoints.traefik] address = ":9000" [entryPoints.dnsovertls] # route dns over https to other pods but provide own certificate address = ":853" [metrics] [metrics.influxDB2] address = "http://influxdb-influxdb2.monitoring:80" token = "N_jNm1hZTfyhJneTJj2G357mQ7EJdNzdvebjSJX6JkbyaXNup_IAqeYowblMgV8EjLypNvauTl27ewJvI_rbqQ==" org = "influxdata" bucket = "kluster" [certificatesResolvers.default-tls.acme] email = "me@moll.re" storage = "/certs/acme.json" [certificatesResolvers.default-tls.acme.tlsChallenge] [experimental.plugins.traefik-plugin-geoblock] moduleName = "github.com/nscuro/traefik-plugin-geoblock" version = "v0.10.0"