Update file values.yaml

traefik/values.yaml

@@ -1,15 +1,16 @@
-# Default values for Traefik
+traefik:  
-image:
+  # Default values for Traefik
+  image:
     registry: docker.io
     repository: traefik
     # defaults to appVersion
     tag: ""
     pullPolicy: IfNotPresent
 
-#
+  #
-# Configure integration with Traefik Hub
+  # Configure integration with Traefik Hub
-#
+  #
-hub:
+  hub:
     ## Enabling Hub will:
     # * enable Traefik Hub integration on Traefik
     # * add `traefikhub-tunl` endpoint
@@ -17,7 +18,7 @@ hub:
     # * enable allowExternalNameServices on KubernetesIngress provider
     # * enable allowCrossNamespace on KubernetesCRD provider
     # * add an internal (ClusterIP) Service, dedicated for Traefik Hub
-  enabled: false
+    enabled: true
     ## Default port can be changed
     # tunnelPort: 9901
     ## TLS is optional. Insecure is mutually exclusive with any other options
@@ -27,10 +28,10 @@ hub:
     #   cert: "/path/to/cert.pem"
     #   key: "/path/to/key.pem"
 
-#
+  #
-# Configure the deployment
+  # Configure the deployment
-#
+  #
-deployment:
+  deployment:
     enabled: true
     # Can be either Deployment or DaemonSet
     kind: Deployment
@@ -97,21 +98,21 @@ deployment:
       #     host: localhost
       #     scheme: HTTP
 
-# Pod disruption budget
+  # Pod disruption budget
-podDisruptionBudget:
+  podDisruptionBudget:
     enabled: false
     # maxUnavailable: 1
     # maxUnavailable: 33%
     # minAvailable: 0
     # minAvailable: 25%
 
-# Create a default IngressClass for Traefik
+  # Create a default IngressClass for Traefik
-ingressClass:
+  ingressClass:
     enabled: true
     isDefaultClass: true
 
-# Enable experimental features
+  # Enable experimental features
-experimental:
+  experimental:
     v3:
       enabled: false
     plugins:
@@ -131,8 +132,8 @@ experimental:
       # annotations:
       #   cert-manager.io/issuer: letsencrypt
 
-# Create an IngressRoute for the dashboard
+  # Create an IngressRoute for the dashboard
-ingressRoute:
+  ingressRoute:
     dashboard:
       enabled: true
       # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
@@ -150,32 +151,32 @@ ingressRoute:
       # TLS options (e.g. secret containing certificate)
       tls: {}
 
-# Customize updateStrategy of traefik pods
+  # Customize updateStrategy of traefik pods
-updateStrategy:
+  updateStrategy:
     type: RollingUpdate
     rollingUpdate:
       maxUnavailable: 0
       maxSurge: 1
 
-# Customize liveness and readiness probe values.
+  # Customize liveness and readiness probe values.
-readinessProbe:
+  readinessProbe:
     failureThreshold: 1
     initialDelaySeconds: 2
     periodSeconds: 10
     successThreshold: 1
     timeoutSeconds: 2
 
-livenessProbe:
+  livenessProbe:
     failureThreshold: 3
     initialDelaySeconds: 2
     periodSeconds: 10
     successThreshold: 1
     timeoutSeconds: 2
 
-#
+  #
-# Configure providers
+  # Configure providers
-#
+  #
-providers:
+  providers:
     kubernetesCRD:
       enabled: true
       allowCrossNamespace: false
@@ -201,31 +202,31 @@ providers:
         # By default this Traefik service
         # pathOverride: ""
 
-#
+  #
-# Add volumes to the traefik pod. The volume name will be passed to tpl.
+  # Add volumes to the traefik pod. The volume name will be passed to tpl.
-# This can be used to mount a cert pair or a configmap that holds a config.toml file.
+  # This can be used to mount a cert pair or a configmap that holds a config.toml file.
-# After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg:
+  # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg:
-# additionalArguments:
+  # additionalArguments:
-# - "--providers.file.filename=/config/dynamic.toml"
+  # - "--providers.file.filename=/config/dynamic.toml"
-# - "--ping"
+  # - "--ping"
-# - "--ping.entrypoint=web"
+  # - "--ping.entrypoint=web"
-volumes: []
+  volumes: []
-# - name: public-cert
+  # - name: public-cert
-#   mountPath: "/certs"
+  #   mountPath: "/certs"
-#   type: secret
+  #   type: secret
-# - name: '{{ printf "%s-configs" .Release.Name }}'
+  # - name: '{{ printf "%s-configs" .Release.Name }}'
-#   mountPath: "/config"
+  #   mountPath: "/config"
-#   type: configMap
+  #   type: configMap
 
-# Additional volumeMounts to add to the Traefik container
+  # Additional volumeMounts to add to the Traefik container
-additionalVolumeMounts: []
+  additionalVolumeMounts: []
     # For instance when using a logshipper for access logs
     # - name: traefik-logs
     #   mountPath: /var/log/traefik
 
-## Logs
+  ## Logs
-## https://docs.traefik.io/observability/logs/
+  ## https://docs.traefik.io/observability/logs/
-logs:
+  logs:
     ## Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
     general:
       # By default, the logs use a text format (common), but you can
@@ -267,7 +268,7 @@ logs:
             # Authorization: drop
             # Content-Type: keep
 
-metrics:
+  metrics:
     ## Prometheus is enabled by default.
     ## It can be disabled by setting "prometheus: null"
     prometheus:
@@ -284,119 +285,119 @@ metrics:
       ## When manualRouting is true, it disables the default internal router in
       ## order to allow creating a custom router for prometheus@internal service.
       # manualRouting: true
-#  datadog:
+  #  datadog:
-#    ## Address instructs exporter to send metrics to datadog-agent at this address.
+  #    ## Address instructs exporter to send metrics to datadog-agent at this address.
-#    address: "127.0.0.1:8125"
+  #    address: "127.0.0.1:8125"
-#    ## The interval used by the exporter to push metrics to datadog-agent. Default=10s
+  #    ## The interval used by the exporter to push metrics to datadog-agent. Default=10s
-#    # pushInterval: 30s
+  #    # pushInterval: 30s
-#    ## The prefix to use for metrics collection. Default="traefik"
+  #    ## The prefix to use for metrics collection. Default="traefik"
-#    # prefix: traefik
+  #    # prefix: traefik
-#    ## Enable metrics on entry points. Default=true
+  #    ## Enable metrics on entry points. Default=true
-#    # addEntryPointsLabels: false
+  #    # addEntryPointsLabels: false
-#    ## Enable metrics on routers. Default=false
+  #    ## Enable metrics on routers. Default=false
-#    # addRoutersLabels: true
+  #    # addRoutersLabels: true
-#    ## Enable metrics on services. Default=true
+  #    ## Enable metrics on services. Default=true
-#    # addServicesLabels: false
+  #    # addServicesLabels: false
-#  influxdb:
+  #  influxdb:
-#    ## Address instructs exporter to send metrics to influxdb at this address.
+  #    ## Address instructs exporter to send metrics to influxdb at this address.
-#    address: localhost:8089
+  #    address: localhost:8089
-#    ## InfluxDB's address protocol (udp or http). Default="udp"
+  #    ## InfluxDB's address protocol (udp or http). Default="udp"
-#    protocol: udp
+  #    protocol: udp
-#    ## InfluxDB database used when protocol is http. Default=""
+  #    ## InfluxDB database used when protocol is http. Default=""
-#    # database: ""
+  #    # database: ""
-#    ## InfluxDB retention policy used when protocol is http. Default=""
+  #    ## InfluxDB retention policy used when protocol is http. Default=""
-#    # retentionPolicy: ""
+  #    # retentionPolicy: ""
-#    ## InfluxDB username (only with http). Default=""
+  #    ## InfluxDB username (only with http). Default=""
-#    # username: ""
+  #    # username: ""
-#    ## InfluxDB password (only with http). Default=""
+  #    ## InfluxDB password (only with http). Default=""
-#    # password: ""
+  #    # password: ""
-#    ## The interval used by the exporter to push metrics to influxdb. Default=10s
+  #    ## The interval used by the exporter to push metrics to influxdb. Default=10s
-#    # pushInterval: 30s
+  #    # pushInterval: 30s
-#    ## Additional labels (influxdb tags) on all metrics.
+  #    ## Additional labels (influxdb tags) on all metrics.
-#    # additionalLabels:
+  #    # additionalLabels:
-#    #   env: production
+  #    #   env: production
-#    #   foo: bar
+  #    #   foo: bar
-#    ## Enable metrics on entry points. Default=true
+  #    ## Enable metrics on entry points. Default=true
-#    # addEntryPointsLabels: false
+  #    # addEntryPointsLabels: false
-#    ## Enable metrics on routers. Default=false
+  #    ## Enable metrics on routers. Default=false
-#    # addRoutersLabels: true
+  #    # addRoutersLabels: true
-#    ## Enable metrics on services. Default=true
+  #    ## Enable metrics on services. Default=true
-#    # addServicesLabels: false
+  #    # addServicesLabels: false
-#  influxdb2:
+  #  influxdb2:
-#    ## Address instructs exporter to send metrics to influxdb v2 at this address.
+  #    ## Address instructs exporter to send metrics to influxdb v2 at this address.
-#    address: localhost:8086
+  #    address: localhost:8086
-#    ## Token with which to connect to InfluxDB v2.
+  #    ## Token with which to connect to InfluxDB v2.
-#    token: xxx
+  #    token: xxx
-#    ## Organisation where metrics will be stored.
+  #    ## Organisation where metrics will be stored.
-#    org: ""
+  #    org: ""
-#    ## Bucket where metrics will be stored.
+  #    ## Bucket where metrics will be stored.
-#    bucket: ""
+  #    bucket: ""
-#    ## The interval used by the exporter to push metrics to influxdb. Default=10s
+  #    ## The interval used by the exporter to push metrics to influxdb. Default=10s
-#    # pushInterval: 30s
+  #    # pushInterval: 30s
-#    ## Additional labels (influxdb tags) on all metrics.
+  #    ## Additional labels (influxdb tags) on all metrics.
-#    # additionalLabels:
+  #    # additionalLabels:
-#    #   env: production
+  #    #   env: production
-#    #   foo: bar
+  #    #   foo: bar
-#    ## Enable metrics on entry points. Default=true
+  #    ## Enable metrics on entry points. Default=true
-#    # addEntryPointsLabels: false
+  #    # addEntryPointsLabels: false
-#    ## Enable metrics on routers. Default=false
+  #    ## Enable metrics on routers. Default=false
-#    # addRoutersLabels: true
+  #    # addRoutersLabels: true
-#    ## Enable metrics on services. Default=true
+  #    ## Enable metrics on services. Default=true
-#    # addServicesLabels: false
+  #    # addServicesLabels: false
-#  statsd:
+  #  statsd:
-#    ## Address instructs exporter to send metrics to statsd at this address.
+  #    ## Address instructs exporter to send metrics to statsd at this address.
-#    address: localhost:8125
+  #    address: localhost:8125
-#    ## The interval used by the exporter to push metrics to influxdb. Default=10s
+  #    ## The interval used by the exporter to push metrics to influxdb. Default=10s
-#    # pushInterval: 30s
+  #    # pushInterval: 30s
-#    ## The prefix to use for metrics collection. Default="traefik"
+  #    ## The prefix to use for metrics collection. Default="traefik"
-#    # prefix: traefik
+  #    # prefix: traefik
-#    ## Enable metrics on entry points. Default=true
+  #    ## Enable metrics on entry points. Default=true
-#    # addEntryPointsLabels: false
+  #    # addEntryPointsLabels: false
-#    ## Enable metrics on routers. Default=false
+  #    ## Enable metrics on routers. Default=false
-#    # addRoutersLabels: true
+  #    # addRoutersLabels: true
-#    ## Enable metrics on services. Default=true
+  #    ## Enable metrics on services. Default=true
-#    # addServicesLabels: false
+  #    # addServicesLabels: false
-#  openTelemetry:
+  #  openTelemetry:
-#    ## Address of the OpenTelemetry Collector to send metrics to.
+  #    ## Address of the OpenTelemetry Collector to send metrics to.
-#    address: "localhost:4318"
+  #    address: "localhost:4318"
-#    ## Enable metrics on entry points.
+  #    ## Enable metrics on entry points.
-#    addEntryPointsLabels: true
+  #    addEntryPointsLabels: true
-#    ## Enable metrics on routers.
+  #    ## Enable metrics on routers.
-#    addRoutersLabels: true
+  #    addRoutersLabels: true
-#    ## Enable metrics on services.
+  #    ## Enable metrics on services.
-#    addServicesLabels: true
+  #    addServicesLabels: true
-#    ## Explicit boundaries for Histogram data points.
+  #    ## Explicit boundaries for Histogram data points.
-#    explicitBoundaries:
+  #    explicitBoundaries:
-#      - "0.1"
+  #      - "0.1"
-#      - "0.3"
+  #      - "0.3"
-#      - "1.2"
+  #      - "1.2"
-#      - "5.0"
+  #      - "5.0"
-#    ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector.
+  #    ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector.
-#    headers:
+  #    headers:
-#      foo: bar
+  #      foo: bar
-#      test: test
+  #      test: test
-#    ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
+  #    ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol.
-#    insecure: true
+  #    insecure: true
-#    ## Interval at which metrics are sent to the OpenTelemetry Collector.
+  #    ## Interval at which metrics are sent to the OpenTelemetry Collector.
-#    pushInterval: 10s
+  #    pushInterval: 10s
-#    ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport.
+  #    ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport.
-#    path: /foo/v1/traces
+  #    path: /foo/v1/traces
-#    ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector.
+  #    ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector.
-#    tls:
+  #    tls:
-#      ## The path to the certificate authority, it defaults to the system bundle.
+  #      ## The path to the certificate authority, it defaults to the system bundle.
-#      ca: path/to/ca.crt
+  #      ca: path/to/ca.crt
-#      ## The path to the public certificate. When using this option, setting the key option is required.
+  #      ## The path to the public certificate. When using this option, setting the key option is required.
-#      cert: path/to/foo.cert
+  #      cert: path/to/foo.cert
-#      ## The path to the private key. When using this option, setting the cert option is required.
+  #      ## The path to the private key. When using this option, setting the cert option is required.
-#      key: path/to/key.key
+  #      key: path/to/key.key
-#      ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers.
+  #      ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers.
-#      insecureSkipVerify: true
+  #      insecureSkipVerify: true
-#    ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC.
+  #    ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC.
-#    grpc: true
+  #    grpc: true
 
-##
+  ##
-##  enable optional CRDs for Prometheus Operator
+  ##  enable optional CRDs for Prometheus Operator
-##
+  ##
     ## Create a dedicated metrics service for use with ServiceMonitor
     ## When hub.enabled is set to true, it's not needed: it will use hub service.
     #  service:
@@ -445,7 +446,7 @@ metrics:
     #          summary: "Traefik Down"
     #          description: "{{ $labels.pod }} on {{ $labels.nodename }} is down"
 
-tracing: {}
+  tracing: {}
     # instana:
     #   localAgentHost: 127.0.0.1
     #   localAgentPort: 42699
@@ -487,42 +488,42 @@ tracing: {}
     #   secretToken: ""
     #   serviceEnvironment: ""
 
-globalArguments:
+  globalArguments:
     - "--global.checknewversion"
     - "--global.sendanonymoususage"
 
-#
+  #
-# Configure Traefik static configuration
+  # Configure Traefik static configuration
-# Additional arguments to be passed at Traefik's binary
+  # Additional arguments to be passed at Traefik's binary
-# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
+  # All available options available on https://docs.traefik.io/reference/static-configuration/cli/
-## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
+  ## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
-additionalArguments: []
+  additionalArguments: []
-#  - "--providers.kubernetesingress.ingressclass=traefik-internal"
+  #  - "--providers.kubernetesingress.ingressclass=traefik-internal"
-#  - "--log.level=DEBUG"
+  #  - "--log.level=DEBUG"
 
-# Environment variables to be passed to Traefik's binary
+  # Environment variables to be passed to Traefik's binary
-env: []
+  env: []
-# - name: SOME_VAR
+  # - name: SOME_VAR
-#   value: some-var-value
+  #   value: some-var-value
-# - name: SOME_VAR_FROM_CONFIG_MAP
+  # - name: SOME_VAR_FROM_CONFIG_MAP
-#   valueFrom:
+  #   valueFrom:
-#     configMapRef:
+  #     configMapRef:
-#       name: configmap-name
+  #       name: configmap-name
-#       key: config-key
+  #       key: config-key
-# - name: SOME_SECRET
+  # - name: SOME_SECRET
-#   valueFrom:
+  #   valueFrom:
-#     secretKeyRef:
+  #     secretKeyRef:
-#       name: secret-name
+  #       name: secret-name
-#       key: secret-key
+  #       key: secret-key
 
-envFrom: []
+  envFrom: []
-# - configMapRef:
+  # - configMapRef:
-#     name: config-map-name
+  #     name: config-map-name
-# - secretRef:
+  # - secretRef:
-#     name: secret-name
+  #     name: secret-name
 
-# Configure ports
+  # Configure ports
-ports:
+  ports:
     # The name of this one can't be changed as it is used for the readiness and
     # liveness probes, but you can adjust its config to your liking
     traefik:
@@ -652,34 +653,34 @@ ports:
       # The port protocol (TCP/UDP)
       protocol: TCP
 
-# TLS Options are created as TLSOption CRDs
+  # TLS Options are created as TLSOption CRDs
-# https://doc.traefik.io/traefik/https/tls/#tls-options
+  # https://doc.traefik.io/traefik/https/tls/#tls-options
-# When using `labelSelector`, you'll need to set labels on tlsOption accordingly.
+  # When using `labelSelector`, you'll need to set labels on tlsOption accordingly.
-# Example:
+  # Example:
-# tlsOptions:
+  # tlsOptions:
-#   default:
+  #   default:
-#     labels: {}
+  #     labels: {}
-#     sniStrict: true
+  #     sniStrict: true
-#     preferServerCipherSuites: true
+  #     preferServerCipherSuites: true
-#   customOptions:
+  #   customOptions:
-#     labels: {}
+  #     labels: {}
-#     curvePreferences:
+  #     curvePreferences:
-#       - CurveP521
+  #       - CurveP521
-#       - CurveP384
+  #       - CurveP384
-tlsOptions: {}
+  tlsOptions: {}
 
-# TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate
+  # TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate
-# https://doc.traefik.io/traefik/https/tls/#default-certificate
+  # https://doc.traefik.io/traefik/https/tls/#default-certificate
-# Example:
+  # Example:
-# tlsStore:
+  # tlsStore:
-#   default:
+  #   default:
-#     defaultCertificate:
+  #     defaultCertificate:
-#       secretName: tls-cert
+  #       secretName: tls-cert
-tlsStore: {}
+  tlsStore: {}
 
-# Options for the main traefik service, where the entrypoints traffic comes
+  # Options for the main traefik service, where the entrypoints traffic comes
-# from.
+  # from.
-service:
+  service:
     enabled: true
     ## Single service is using `MixedProtocolLBService` feature gate.
     ## When set to false, it will create two Service, one for TCP and one for UDP.
@@ -723,40 +724,40 @@ service:
     #   # externalIPs: []
     #   # ipFamilies: [ "IPv4","IPv6" ]
 
-## Create HorizontalPodAutoscaler object.
+  ## Create HorizontalPodAutoscaler object.
-##
+  ##
-autoscaling:
+  autoscaling:
     enabled: false
-#   minReplicas: 1
+  #   minReplicas: 1
-#   maxReplicas: 10
+  #   maxReplicas: 10
-#   metrics:
+  #   metrics:
-#   - type: Resource
+  #   - type: Resource
-#     resource:
+  #     resource:
-#       name: cpu
+  #       name: cpu
-#       target:
+  #       target:
-#         type: Utilization
+  #         type: Utilization
-#         averageUtilization: 60
+  #         averageUtilization: 60
-#   - type: Resource
+  #   - type: Resource
-#     resource:
+  #     resource:
-#       name: memory
+  #       name: memory
-#       target:
+  #       target:
-#         type: Utilization
+  #         type: Utilization
-#         averageUtilization: 60
+  #         averageUtilization: 60
-#   behavior:
+  #   behavior:
-#     scaleDown:
+  #     scaleDown:
-#       stabilizationWindowSeconds: 300
+  #       stabilizationWindowSeconds: 300
-#       policies:
+  #       policies:
-#       - type: Pods
+  #       - type: Pods
-#         value: 1
+  #         value: 1
-#         periodSeconds: 60
+  #         periodSeconds: 60
 
-# Enable persistence using Persistent Volume Claims
+  # Enable persistence using Persistent Volume Claims
-# ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+  # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
-# It can be used to store TLS certificates, see `storage` in certResolvers
+  # It can be used to store TLS certificates, see `storage` in certResolvers
-persistence:
+  persistence:
     enabled: false
     name: data
-#  existingClaim: ""
+  #  existingClaim: ""
     accessMode: ReadWriteOnce
     size: 128Mi
     # storageClass: ""
@@ -765,35 +766,35 @@ persistence:
     annotations: {}
     # subPath: "" # only mount a subpath of the Volume into the pod
 
-certResolvers: {}
+  certResolvers: {}
-#   letsencrypt:
+  #   letsencrypt:
-#     # for challenge options cf. https://doc.traefik.io/traefik/https/acme/
+  #     # for challenge options cf. https://doc.traefik.io/traefik/https/acme/
-#     email: email@example.com
+  #     email: email@example.com
-#     dnsChallenge:
+  #     dnsChallenge:
-#       # also add the provider's required configuration under env
+  #       # also add the provider's required configuration under env
-#       # or expand then from secrets/configmaps with envfrom
+  #       # or expand then from secrets/configmaps with envfrom
-#       # cf. https://doc.traefik.io/traefik/https/acme/#providers
+  #       # cf. https://doc.traefik.io/traefik/https/acme/#providers
-#       provider: digitalocean
+  #       provider: digitalocean
-#       # add futher options for the dns challenge as needed
+  #       # add futher options for the dns challenge as needed
-#       # cf. https://doc.traefik.io/traefik/https/acme/#dnschallenge
+  #       # cf. https://doc.traefik.io/traefik/https/acme/#dnschallenge
-#       delayBeforeCheck: 30
+  #       delayBeforeCheck: 30
-#       resolvers:
+  #       resolvers:
-#         - 1.1.1.1
+  #         - 1.1.1.1
-#         - 8.8.8.8
+  #         - 8.8.8.8
-#     tlsChallenge: true
+  #     tlsChallenge: true
-#     httpChallenge:
+  #     httpChallenge:
-#       entryPoint: "web"
+  #       entryPoint: "web"
-#     # It has to match the path with a persistent volume
+  #     # It has to match the path with a persistent volume
-#     storage: /data/acme.json
+  #     storage: /data/acme.json
 
-# If hostNetwork is true, runs traefik in the host network namespace
+  # If hostNetwork is true, runs traefik in the host network namespace
-# To prevent unschedulabel pods due to port collisions, if hostNetwork=true
+  # To prevent unschedulabel pods due to port collisions, if hostNetwork=true
-# and replicas>1, a pod anti-affinity is recommended and will be set if the
+  # and replicas>1, a pod anti-affinity is recommended and will be set if the
-# affinity is left as default.
+  # affinity is left as default.
-hostNetwork: false
+  hostNetwork: false
 
-# Whether Role Based Access Control objects like roles and rolebindings should be created
+  # Whether Role Based Access Control objects like roles and rolebindings should be created
-rbac:
+  rbac:
     enabled: true
     # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces.
     # If set to true, installs Role and RoleBinding. Providers will only watch target namespace.
@@ -802,20 +803,20 @@ rbac:
     # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
     # aggregateTo: [ "admin" ]
 
-# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding
+  # Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding
-podSecurityPolicy:
+  podSecurityPolicy:
     enabled: false
 
-# The service account the pods will use to interact with the Kubernetes API
+  # The service account the pods will use to interact with the Kubernetes API
-serviceAccount:
+  serviceAccount:
     # If set, an existing service account is used
     # If not set, a service account is created automatically using the fullname template
     name: ""
 
-# Additional serviceAccount annotations (e.g. for oidc authentication)
+  # Additional serviceAccount annotations (e.g. for oidc authentication)
-serviceAccountAnnotations: {}
+  serviceAccountAnnotations: {}
 
-resources: {}
+  resources: {}
     # requests:
     #   cpu: "100m"
     #   memory: "50Mi"
@@ -823,61 +824,61 @@ resources: {}
     #   cpu: "300m"
     #   memory: "150Mi"
 
-# This example pod anti-affinity forces the scheduler to put traefik pods
+  # This example pod anti-affinity forces the scheduler to put traefik pods
-# on nodes where no other traefik pods are scheduled.
+  # on nodes where no other traefik pods are scheduled.
-# It should be used when hostNetwork: true to prevent port conflicts
+  # It should be used when hostNetwork: true to prevent port conflicts
-affinity: {}
+  affinity: {}
-#  podAntiAffinity:
+  #  podAntiAffinity:
-#    requiredDuringSchedulingIgnoredDuringExecution:
+  #    requiredDuringSchedulingIgnoredDuringExecution:
-#      - labelSelector:
+  #      - labelSelector:
-#          matchLabels:
+  #          matchLabels:
-#            app.kubernetes.io/name: '{{ template "traefik.name" . }}'
+  #            app.kubernetes.io/name: '{{ template "traefik.name" . }}'
-#            app.kubernetes.io/instance: '{{ .Release.Name }}-{{ .Release.Namespace }}'
+  #            app.kubernetes.io/instance: '{{ .Release.Name }}-{{ .Release.Namespace }}'
-#        topologyKey: kubernetes.io/hostname
+  #        topologyKey: kubernetes.io/hostname
 
-nodeSelector: {}
+  nodeSelector: {}
-tolerations: []
+  tolerations: []
-topologySpreadConstraints: []
+  topologySpreadConstraints: []
-# # This example topologySpreadConstraints forces the scheduler to put traefik pods
+  # # This example topologySpreadConstraints forces the scheduler to put traefik pods
-# # on nodes where no other traefik pods are scheduled.
+  # # on nodes where no other traefik pods are scheduled.
-#  - labelSelector:
+  #  - labelSelector:
-#      matchLabels:
+  #      matchLabels:
-#        app: '{{ template "traefik.name" . }}'
+  #        app: '{{ template "traefik.name" . }}'
-#    maxSkew: 1
+  #    maxSkew: 1
-#    topologyKey: kubernetes.io/hostname
+  #    topologyKey: kubernetes.io/hostname
-#    whenUnsatisfiable: DoNotSchedule
+  #    whenUnsatisfiable: DoNotSchedule
 
-# Pods can have priority.
+  # Pods can have priority.
-# Priority indicates the importance of a Pod relative to other Pods.
+  # Priority indicates the importance of a Pod relative to other Pods.
-priorityClassName: ""
+  priorityClassName: ""
 
-# Set the container security context
+  # Set the container security context
-# To run the container with ports below 1024 this will need to be adjust to run as root
+  # To run the container with ports below 1024 this will need to be adjust to run as root
-securityContext:
+  securityContext:
     capabilities:
       drop: [ALL]
     readOnlyRootFilesystem: true
 
-podSecurityContext:
+  podSecurityContext:
-#  # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and
+  #  # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and
-#  # permissions for the contents of each volume to match the fsGroup. This can
+  #  # permissions for the contents of each volume to match the fsGroup. This can
-#  # be an issue when storing sensitive content like TLS Certificates /!\
+  #  # be an issue when storing sensitive content like TLS Certificates /!\
-#  fsGroup: 65532
+  #  fsGroup: 65532
     fsGroupChangePolicy: "OnRootMismatch"
     runAsGroup: 65532
     runAsNonRoot: true
     runAsUser: 65532
 
-#
+  #
-# Extra objects to deploy (value evaluated as a template)
+  # Extra objects to deploy (value evaluated as a template)
-#
+  #
-# In some cases, it can avoid the need for additional, extended or adhoc deployments.
+  # In some cases, it can avoid the need for additional, extended or adhoc deployments.
-# See #595 for more details and traefik/tests/values/extra.yaml for example.
+  # See #595 for more details and traefik/tests/values/extra.yaml for example.
-extraObjects: []
+  extraObjects: []
 
-# This will override the default Release Namespace for Helm.
+  # This will override the default Release Namespace for Helm.
-# It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules`
+  # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules`
-# namespaceOverride: traefik
+  # namespaceOverride: traefik
-#
+  #
-## This will override the default app.kubernetes.io/instance label for all Objects.
+  ## This will override the default app.kubernetes.io/instance label for all Objects.
-# instanceLabelOverride: traefik
+  # instanceLabelOverride: traefik