-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbaremetal.yaml
More file actions
32 lines (26 loc) · 1.32 KB
/
baremetal.yaml
File metadata and controls
32 lines (26 loc) · 1.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# ── Bare-metal k3s — DaemonSet + hostPorts ────────────────────────────────────
# Traffic arrives directly on each node's port 80/443. No load balancer needed.
# Real client IP is preserved natively.
#
# TLS is configured per Ingress via spec.tls — see cert-manager.yaml for how to
# provision certificates, or certmagic.yaml for CertMagic-based issuance.
#
# Usage:
# helm install caddy ingress-caddy/caddy -n caddy --create-namespace -f baremetal.yaml
k8sIngress:
ingressClass: caddy
workloadType: DaemonSet
hostPorts:
enabled: true
http: 80
https: 443
# ── Config hot-reload ─────────────────────────────────────────────────────────
# Built-in — no Stakater Reloader needed. Watches the Caddyfile ConfigMap and
# calls POST /load on Caddy's admin API when it changes. Zero pod restarts.
configReloader:
enabled: true
# ── Real IP ───────────────────────────────────────────────────────────────────
realIP:
trustedProxies:
- 10.42.0.0/16 # k3s default pod CIDR
- 127.0.0.1/32