e9e0ffa3c2
- addons/ext-proxy/ → addons/ingress-proxypass/ (git mv, история сохранена) - Все переменные Ansible: ext_proxy_* → ingress_proxypass_* - Все имена ресурсов K8s: ext-proxy → ingress-proxypass (namespace, chart, release) - Helm-хелперы: "ext-proxy.*" → "ingress-proxypass.*" - Makefile: addon-ext-proxy → addon-ingress-proxypass - group_vars/all/addons.yml: addon_ext_proxy → addon_ingress_proxypass - playbooks/addons.yml: обновлена ссылка на роль - docs/addons.md, README.md: обновлены все упоминания
74 lines
2.8 KiB
YAML
74 lines
2.8 KiB
YAML
---
|
|
# ─── Helm release ─────────────────────────────────────────────────────────────
|
|
ingress_proxypass_namespace: "ingress-proxypass"
|
|
ingress_proxypass_release_name: "ingress-proxypass"
|
|
|
|
# ─── Global defaults (mirror of chart values.defaults) ────────────────────────
|
|
ingress_proxypass_defaults:
|
|
ingressClass: nginx
|
|
tls:
|
|
enabled: false
|
|
secretName: ""
|
|
certManager:
|
|
enabled: false
|
|
issuer: ""
|
|
issuerKind: ClusterIssuer
|
|
auth:
|
|
enabled: false
|
|
username: "" # логин — пароль хэшируется автоматически через openssl passwd -apr1
|
|
password: "" # пароль в открытом виде (задай в vault.yml!)
|
|
credentials: "" # готовая htpasswd-строка (если задана — username/password игнорируются)
|
|
secretName: "" # использовать существующий Secret вместо генерации нового
|
|
websocket: true
|
|
path: /
|
|
pathType: Prefix
|
|
proxyConnectTimeout: 60
|
|
proxyReadTimeout: 3600
|
|
proxySendTimeout: 3600
|
|
proxyBodySize: "1g"
|
|
annotations: {}
|
|
|
|
# ─── Proxy definitions ────────────────────────────────────────────────────────
|
|
# Each entry creates: Service + Endpoints + Ingress (+ optional auth Secret)
|
|
# All fields support per-entry overrides of ingress_proxypass_defaults.
|
|
#
|
|
# Minimal example:
|
|
# ingress_proxypass_proxies:
|
|
# - name: plex
|
|
# hosts: [plex.home.ru]
|
|
# ips: [192.168.1.50]
|
|
# port: 32400
|
|
#
|
|
# Full example:
|
|
# ingress_proxypass_proxies:
|
|
# - name: myapp
|
|
# hosts:
|
|
# - myapp.home.ru
|
|
# - myapp.lan
|
|
# ips:
|
|
# - 192.168.1.100
|
|
# - 192.168.1.101 # failover / round-robin
|
|
# port: 8080
|
|
# path: /myapp
|
|
# pathType: Prefix
|
|
# websocket: true
|
|
# tls:
|
|
# enabled: true
|
|
# secretName: wildcard-cert
|
|
# certManager:
|
|
# enabled: true
|
|
# issuer: letsencrypt-prod
|
|
# issuerKind: ClusterIssuer
|
|
# auth:
|
|
# enabled: true
|
|
# username: admin # простой логин и пароль — хэш генерируется автоматически
|
|
# password: "{{ vault_myapp_password }}"
|
|
# # ИЛИ готовая htpasswd-строка:
|
|
# # credentials: "admin:$apr1$..."
|
|
# annotations:
|
|
# nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
|
ingress_proxypass_proxies: []
|
|
|
|
# kube-vip VIP — shown in post-install summary (informational only)
|
|
ingress_proxypass_vip: ""
|