From f87c5f2e502f71d85ccf98aea21f09b083ff9fbd Mon Sep 17 00:00:00 2001
From: Jaro Rivera <jaromirrivera@gmail.com>
Date: Wed, 31 Aug 2022 14:36:43 -0400
Subject: [PATCH] Adding traefik components

---
 traefik/default-headers.yaml  | 16 ++++++++++++++++
 traefik/ingress.yaml          | 21 +++++++++++++++++++++
 traefik/middleware.yaml       |  8 ++++++++
 traefik/secret-dashboard.yaml |  9 +++++++++
 4 files changed, 54 insertions(+)
 create mode 100644 traefik/default-headers.yaml
 create mode 100644 traefik/ingress.yaml
 create mode 100644 traefik/middleware.yaml
 create mode 100644 traefik/secret-dashboard.yaml

diff --git a/traefik/default-headers.yaml b/traefik/default-headers.yaml
new file mode 100644
index 0000000..47423c3
--- /dev/null
+++ b/traefik/default-headers.yaml
@@ -0,0 +1,16 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: default-headers
+  namespace: default
+spec:
+  headers:
+    browserXssFilter: true
+    contentTypeNosniff: true
+    forceSTSHeader: true
+    stsIncludeSubdomains: true
+    stsPreload: true
+    stsSeconds: 15552000
+    customFrameOptionsValue: SAMEORIGIN
+    customRequestHeaders:
+      X-Forwarded-Proto: https
\ No newline at end of file
diff --git a/traefik/ingress.yaml b/traefik/ingress.yaml
new file mode 100644
index 0000000..c63b40c
--- /dev/null
+++ b/traefik/ingress.yaml
@@ -0,0 +1,21 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: traefik-dashboard
+  namespace: traefik
+  annotations: 
+    kubernetes.io/ingress.class: traefik-external
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`traefik.k3s.securait.local`)
+      kind: Rule
+      middlewares:
+        - name: traefik-dashboard-basicauth
+          namespace: traefik
+      services:
+        - name: api@internal
+          kind: TraefikService
+  tls:
+    secretName: local-example-com-staging-tls
\ No newline at end of file
diff --git a/traefik/middleware.yaml b/traefik/middleware.yaml
new file mode 100644
index 0000000..1a8fb6f
--- /dev/null
+++ b/traefik/middleware.yaml
@@ -0,0 +1,8 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: traefik-dashboard-basicauth
+  namespace: traefik
+spec:
+  basicAuth:
+    secret: traefik-dashboard-auth
\ No newline at end of file
diff --git a/traefik/secret-dashboard.yaml b/traefik/secret-dashboard.yaml
new file mode 100644
index 0000000..5278cea
--- /dev/null
+++ b/traefik/secret-dashboard.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: traefik-dashboard-auth
+  namespace: traefik
+type: Opaque
+data:
+  users: dGVjaG5vOiRhcHIxJDVram1zaTRIJC5qMTljT2lOSXA1UE5xbTRKMzVKby8KCg==