--- k8s_ingress_helm__release_namespace: "ingress" k8s_ingress_helm__release_values: controller: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app.kubernetes.io/name operator: In values: - ingress-nginx topologyKey: app.kubernetes.io/name replicaCount: 3 config: # see https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap compute-full-forwarded-for: "true" ssl-ciphers: "EECDH+AESGCM:EDH+AESGCM" ssl-protocols: "TLSv1.3" ssl-redirect: false use-forwarded-headers: "true" use-proxy-protocol: "true" large-client-header-buffers: "4 16k" whitelist-source-range: "{{ ( ip_whitelist ) | join(',') }}" service: externalTrafficPolicy: Local healthCheckNodePort: &healthchecknodeport 31066 nodePorts: http: &httpnodeport 30473 https: 30474 annotations: # see https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations load-balancer.hetzner.cloud/type: "lb11" load-balancer.hetzner.cloud/location: nbg1 load-balancer.hetzner.cloud/name: "{{ stage_kube }}-ingress" load-balancer.hetzner.cloud/hostname: "{{ stage_kube }}-ingress" load-balancer.hetzner.cloud/disable-public-network: false load-balancer.hetzner.cloud/disable-private-ingress: true load-balancer.hetzner.cloud/use-private-ip: true load-balancer.hetzner.cloud/uses-proxyprotocol: true load-balancer.hetzner.cloud/health-check-interval: "3s" load-balancer.hetzner.cloud/health-check-timeout: "1s" load-balancer.hetzner.cloud/health-check-retries: 3 load-balancer.hetzner.cloud/health-check-protocol: "tcp" load-balancer.hetzner.cloud/health-check-port: *httpnodeport defaultBackend: enabled: true # TODO automate installation of nginx ingress grafana dashboard 9614