add app ingress-nginx

apps/ingress-nginx/base/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+helmCharts:
+  - name: ingress-nginx
+    repo: https://kubernetes.github.io/ingress-nginx
+    version: 4.10.1
+    releaseName: ingress-nginx
+    valuesFile: values.yaml

apps/ingress-nginx/base/values.yaml

@@ -0,0 +1,5 @@
+rbac:
+  create: true
+
+controller:
+  priorityClassName: system-cluster-critical

apps/ingress-nginx/env/k3s-cluster/configmap.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ingress-nginx-values
+  namespace: ingress-nginx
+data:
+  use_geoip2: "false"
+  disable_ipv6: "true"
+  disable_ipv6_dns: "true"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: tcp-services
+  namespace: ingress-nginx
+data: {}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: udp-services
+  namespace: ingress-nginx
+data: {}

apps/ingress-nginx/env/k3s-cluster/kustomization.yaml

@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./configmap.yaml
+  - ../../base

apps/ingress-nginx/env/k3s-cluster/values.yaml

@@ -0,0 +1,75 @@
+rbac:
+  create: true
+
+controller:
+  priorityClassName: system-cluster-critical
+
+  extraArgs:
+    update-status-on-shutdown: "false"
+    tcp-services-configmap: "ingress-nginx/tcp-services"
+    udp-services-configmap: "ingress-nginx/udp-services"
+
+  allowSnippetAnnotations: true
+
+  config:
+    proxy-buffer-size: 16k
+    use-gzip: ${use_gzip:=true}
+    enable-brotli: ${enable_brotli:=true}
+    hsts-max-age: ${hsts_max_age:=31536000}
+    hsts-preload: ${hsts_preload:=true}
+    disable-ipv6: ${disable_ipv6:=false}
+    disable-ipv6-dns: ${disable_ipv6_dns:=false}
+    keep-alive-requests: ${keep_alive_requests:=1000}
+    use-geoip2: ${use_geoip2:=true}
+    custom-http-errors: 401,403,404,500,501,502,503,504
+
+  extraEnvs:
+    - name: TZ
+      value: Australia/Sydney
+
+  addHeaders:
+    Referrer-Policy: same-origin, strict-origin-when-cross-origin
+    X-Content-Type-Options: nosniff
+    X-Frame-Options: SAMEORIGIN
+    X-XSS-Protection: 1; mode=block
+
+  ingressClassResource:
+    default: true
+
+  service:
+    externalTrafficPolicy: Cluster
+    ipFamilyPolicy: SingleStack
+
+  metrics:
+    enabled: ${metrics_enabled:=false}
+  #        serviceMonitor:
+  #          enabled: ${metrics_enabled:=false}
+  #          scrapeInterval: 1m
+
+  spec:
+    template:
+      spec:
+        containers:
+          volumeMounts:
+            - mountPath: /etc/nginx/template
+              name: nginx-template-volume
+              readOnly: true
+        volumes:
+          - name: nginx-template-volume
+            hostPath:
+              path: /mnt/nfs/AppData/ingress-nginx/etc/nginx/template
+              type: Directory
+
+defaultBackend:
+  enabled: true
+  image:
+    repository: ghcr.io/tarampampam/error-pages
+    tag: 2.27.0@sha256:40e2631173b1a407c18fe7d1ba8104d995cf9e4780d123eeadfa1d57c68eaf4f
+    pullPolicy: IfNotPresent
+  extraEnvs:
+    - name: TEMPLATE_NAME
+      value: connection
+    - name: SHOW_DETAILS
+      value: "true"
+    - name: READ_BUFFER_SIZE
+      value: "8192"