clemo/kubeviz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
kubeviz/deploy/quadlet/kubeviz-traefik.container
Clemens Hering 61e0819853
All checks were successful
Deploy KubeViz / deploy (push) Successful in 11s
Details
Sorted headers
2026-03-01 11:56:26 +01:00

55 lines
2.1 KiB
Plaintext
Raw Permalink Blame History

[Unit]
Description=KubeViz behind Traefik (Podman network)
After=network-online.target
Wants=network-online.target
[Container]
ContainerName=kubeviz
Image=localhost/kubeviz:prod
Pull=never
# Attach to the same user-defined network as Traefik.
Network=edge
Environment=TZ=Europe/Berlin
Environment=ADDR=:8080
Environment=SESSION_TTL=30m
Environment=MAX_UPLOAD_SIZE=5242880
Environment=COOKIE_SECURE=true
Environment=APP_CSP_ENABLED=false
Environment=LOG_LEVEL=info
Environment=GIT_ALLOWED_HOSTS=github.com,gitlab.com,gitea.smb-corp.de
NoNewPrivileges=true
ReadOnly=true
Tmpfs=/tmp:rw,size=128m,mode=1777
User=65532
Group=65532
# Traefik labels (Podman provider)
Label=traefik.enable=true
Label=traefik.docker.network=edge
Label=traefik.http.routers.kubeviz-web.rule=Host(`kubeviz.valtrix.systems`)
Label=traefik.http.routers.kubeviz-web.entrypoints=web
Label=traefik.http.routers.kubeviz-web.middlewares=kubeviz-redirect-https
Label=traefik.http.middlewares.kubeviz-redirect-https.redirectscheme.scheme=https
Label=traefik.http.middlewares.kubeviz-redirect-https.redirectscheme.permanent=true
Label=traefik.http.middlewares.kubeviz-sec-headers.headers.contentSecurityPolicy=default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self'; script-src-elem 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; worker-src 'self' blob:;
Label="traefik.http.middlewares.kubeviz-auth.basicauth.users=smb:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
Label=traefik.http.routers.kubeviz-websecure.rule=Host(`kubeviz.valtrix.systems`)
Label=traefik.http.routers.kubeviz-websecure.entrypoints=websecure
Label=traefik.http.routers.kubeviz-websecure.tls=true
Label=traefik.http.routers.kubeviz-websecure.tls.certresolver=le
Label=traefik.http.routers.kubeviz-websecure.middlewares=kubeviz-sec-headers,kubeviz-auth
Label=traefik.http.routers.kubeviz-websecure.service=kubeviz
Label=traefik.http.services.kubeviz.loadbalancer.server.port=8080
[Service]
Restart=always
RestartSec=3
TimeoutStartSec=90
TimeoutStopSec=20
[Install]
WantedBy=default.target
Reference in New Issue View Git Blame Copy Permalink