added traefik option for 'insecureSkipVerify'
This commit is contained in:
parent
6f6de884ec
commit
1da0724ab4
1
init.tf
1
init.tf
@ -101,6 +101,7 @@ resource "null_resource" "kustomization" {
|
||||
location = var.location
|
||||
traefik_acme_tls = var.traefik_acme_tls
|
||||
traefik_acme_email = var.traefik_acme_email
|
||||
insecureSkipVerify = var.insecureSkipVerify
|
||||
})
|
||||
destination = "/tmp/post_install/traefik.yaml"
|
||||
}
|
||||
|
@ -24,6 +24,9 @@ spec:
|
||||
- "--entryPoints.websecure.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8"
|
||||
- "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8"
|
||||
- "--entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.0.0.0/8"
|
||||
%{ if insecureSkipVerify ~}
|
||||
- "--serversTransport.insecureSkipVerify=true"
|
||||
%{ endif ~}
|
||||
%{ if traefik_acme_tls ~}
|
||||
- "--certificatesresolvers.le.acme.tlschallenge=true"
|
||||
- "--certificatesresolvers.le.acme.email=${traefik_acme_email}"
|
||||
|
@ -78,3 +78,7 @@ load_balancer_type = "lb11"
|
||||
# ]
|
||||
# },
|
||||
# ]
|
||||
|
||||
# If you want to configure traefik with "insecureSkipVerify". This might be required if your ingress is connecting to TLS services; see https://doc.traefik.io/traefik/routing/overview/#insecureskipverify
|
||||
# You probably should not use this in production
|
||||
# insecureSkipVerify = true
|
||||
|
@ -119,3 +119,9 @@ variable "extra_firewall_rules" {
|
||||
default = []
|
||||
description = "Additional firewall rules to apply to the cluster"
|
||||
}
|
||||
|
||||
variable "insecureSkipVerify" {
|
||||
type = bool
|
||||
default = false
|
||||
description = "Whether to set the insecureSkipVerify=true configuration with the Traefik configuration"
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user