---
persistence:
  enabled: true
  size: 1G

ports:
  web:
    exposedPort: 80
    nodePort: 30080
  websecure:
    exposedPort: 443
    nodePort: 30443
    tls:
      enabled: true
  ssh:
    port: 2222
    expose:
      default: true
    exposedPort: 2222
    nodePort: 30022
    protocol: TCP

service:
  type: NodePort

ingressRoute:
  dashboard:
    enabled: true
    matchRule: Host(`traefik.kube-main.lab`)
    entryPoints:
      - web

providers:
  kubernetesCRD:
    allowExternalNameServices: true
  kubernetesGateway:
    enabled: true

gateway:
  listeners:
    web:
      namespacePolicy:
        from: All

certificatesResolvers:
  letsencrypt_dns_stag:
    acme:
      email: "{{ email }}"
      caServer: https://acme-staging-v02.api.letsencrypt.org/directory
      storage: "/data/acme_dns_stag.json"
      dnsChallenge:
        provider: ovh
        delayBeforeCheck: 0
  letsencrypt_dns:
    acme:
      email: "{{ email }}"
      storage: "/data/acme_dns.json"
      dnsChallenge:
        provider: ovh
        delayBeforeCheck: 0

env:
  - name: OVH_ENDPOINT
    valueFrom:
      secretKeyRef:
        name: ovh-api-credentials
        key: OVH_ENDPOINT
  - name: OVH_APPLICATION_KEY
    valueFrom:
      secretKeyRef:
        name: ovh-api-credentials
        key: OVH_APPLICATION_KEY
  - name: OVH_APPLICATION_SECRET
    valueFrom:
      secretKeyRef:
        name: ovh-api-credentials
        key: OVH_APPLICATION_SECRET
  - name: OVH_CONSUMER_KEY
    valueFrom:
      secretKeyRef:
        name: ovh-api-credentials
        key: OVH_CONSUMER_KEY

logs:
  general:
    level: INFO