Use authelia to secure traefik

2024-11-19 01:18:55 +01:00
parent 6b207c6167
commit e58e269248
6 changed files with 21 additions and 80 deletions
--- a/infrastructure/controllers/traefik.yaml
+++ b/infrastructure/controllers/traefik.yaml
@@ -45,13 +45,18 @@ spec:
        redirectTo:
          port: websecure

+    providers:
+      kubernetesCRD:
+        allowCrossNamespace: true
+
    # This is needed in order to properly forward the real ip to each service
    # There are likely better ways of handling that, but for now this works
-    hostNetwork: true
-    service:
-      spec:
-        externalTrafficPolicy: Local
-    updateStrategy:
-      rollingUpdate:
-        maxUnavailable: 2
-        maxSurge: 0
+    # TODO(Tim): Figure out how to properly forward the IP
+    # hostNetwork: true
+    # service:
+    #   spec:
+    #     externalTrafficPolicy: Local
+    # updateStrategy:
+    #   rollingUpdate:
+    #     maxUnavailable: 2
+    #     maxSurge: 0