kriss/homelab
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed nextcloud dav redirects, added TCP proxy protocol support to keep original IP

Browse Source
This commit is contained in:
Kriss 2024-03-05 11:09:48 +01:00
parent 7d1a2ae71b
commit d7fb41166d
2 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
k8s/manifests/nextcloud/traefik.yaml
View File

@ -15,10 +15,10 @@ spec:
middlewares:
- name: nextcloud-headers
namespace: default
# - name: nextcloud-redirect1
# namespace: default
# - name: nextcloud-redirect2
# namespace: default
- name: nextcloud-redirect1
namespace: default
- name: nextcloud-redirect2
namespace: default
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
@ -39,8 +39,8 @@ metadata:
spec:
redirectRegex:
permanent: true
regex: https?://([^/]*)/.well-known/(card|cal)dav
replacement: https://$${1}/remote.php/dav/
regex: https?:\/\/([^\/]*)\/\.well-known\/(card|cal)dav
replacement: https://${1}/remote.php/dav/
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
@ -50,6 +50,6 @@ metadata:
spec:
redirectRegex:
permanent: true
regex: https?://([^/]*)(/.well-known[^#]*)
replacement: https://$${1}/index.php$${2}
regex: https?:\/\/([^\/]*)(\/\.well-known[^#]*)
replacement: https://${1}/index.php${2}

12
k8s/manifests/traefik/helmchartconfig.yaml
View File

@ -5,6 +5,10 @@ metadata:
namespace: kube-system
spec:
valuesContent: |-
service:
enabled: true
spec:
externalTrafficPolicy: Local
ingressRoute:
dashboard:
matchRule: Host(`admin.home.lan`) && (PathPrefix(`/traefik`) || HeadersRegexp(`Referer`, `.*/traefik/.*`))
@ -51,6 +55,10 @@ spec:
port: 443
expose: true
exposedPort: 443
proxyProtocol:
insecure: true
forwardedHeaders:
insecure: true
tls:
enabled: true
certResolver: letsencrypt
@ -65,6 +73,10 @@ spec:
port: 8443
expose: true
exposedPort: 8443
proxyProtocol:
insecure: true
forwardedHeaders:
insecure: true
tls:
enabled: true
options: kube-system-mutual-auth