apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: seaweedfs finalizers: - resources-finalizer.argocd.argoproj.io spec: project: default source: repoURL: 'https://seaweedfs.github.io/seaweedfs/helm' chart: seaweedfs targetRevision: 4.*.* helm: values: | master: enabled: true replicas: 1 volume: enabled: true replicas: 1 filer: enabled: true replicas: 1 s3: enabled: true replicas: 1 port: 8333 httpsPort: 8433 enableAuth: true existingConfigSecret: "admin-s3-secret" ingress: enabled: true className: "traefik" host: "sws3.innovation-hub-niedersachsen.de" # additional ingress annotations for the s3 endpoint annotations: kubernetes.io/ingress.class: "traefik" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.tls: "true" cert-manager.io/cluster-issuer: "lets-encrypt" # traefik.ingress.kubernetes.io/headers.customRequestHeaders: | # X-Forwarded-Proto = https #traefik.ingress.kubernetes.io/headers.customResponseHeaders: | # Access-Control-Allow-Origin: "*" # Access-Control-Allow-Methods: "GET, OPTIONS, PUT, POST, DELETE" # Access-Control-Allow-Headers: "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" # Access-Control-Expose-Headers: "Content-Length,Content-Range" # Referrer-Policy: no-referrer-when-downgrade hosts: - host: "sws3.innovation-hub-niedersachsen.de" paths: - path: / pathType: Prefix tls: - secretName: "sws3.innovation-hub-niedersachsen.de-tls" hosts: - "sws3.innovation-hub-niedersachsen.de" destination: server: 'https://kubernetes.default.svc' namespace: seaweedfs syncPolicy: managedNamespaceMetadata: labels: pod-security.kubernetes.io/enforce: "privileged" automated: selfHeal: true prune: true syncOptions: - CreateNamespace=true