added traefik option for 'insecureSkipVerify'

init.tf

@@ -101,6 +101,7 @@ resource "null_resource" "kustomization" {
         location                   = var.location
         traefik_acme_tls           = var.traefik_acme_tls
         traefik_acme_email         = var.traefik_acme_email
+        insecureSkipVerify         = var.insecureSkipVerify
     })
     destination = "/tmp/post_install/traefik.yaml"
   }

templates/traefik_config.yaml.tpl

@@ -24,6 +24,9 @@ spec:
       - "--entryPoints.websecure.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8"
       - "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8"
       - "--entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8"
+%{ if insecureSkipVerify ~}
+      - "--serversTransport.insecureSkipVerify=true"
+%{ endif ~}
 %{ if traefik_acme_tls ~}
       - "--certificatesresolvers.le.acme.tlschallenge=true"
       - "--certificatesresolvers.le.acme.email=${traefik_acme_email}"

terraform.tfvars.example

@@ -78,3 +78,7 @@ load_balancer_type        = "lb11"
 #     ]
 #   },
 # ]
+
+# If you want to configure traefik with "insecureSkipVerify". This might be required if your ingress is connecting to TLS services; see https://doc.traefik.io/traefik/routing/overview/#insecureskipverify
+# You probably should not use this in production
+# insecureSkipVerify = true

variables.tf

@@ -119,3 +119,9 @@ variable "extra_firewall_rules" {
   default     = []
   description = "Additional firewall rules to apply to the cluster"
 }
+
+variable "insecureSkipVerify" {
+  type        = bool
+  default     = false
+  description = "Whether to set the insecureSkipVerify=true configuration with the Traefik configuration"
+}