2021-03-03 15:32:04 +01:00
---
apiVersion : apiextensions.k8s.io/v1
kind : CustomResourceDefinition
metadata :
annotations :
2021-09-02 14:40:08 +02:00
controller-gen.kubebuilder.io/version : v0.6.2
2021-03-03 15:32:04 +01:00
creationTimestamp : null
name : tlsoptions.traefik.containo.us
spec :
group : traefik.containo.us
names :
kind : TLSOption
listKind : TLSOptionList
plural : tlsoptions
singular : tlsoption
scope : Namespaced
versions :
- name : v1alpha1
schema :
openAPIV3Schema :
2022-06-24 12:40:08 +02:00
description : 'TLSOption is the CRD implementation of a Traefik TLS Option,
allowing to configure some parameters of the TLS connection. More info :
2022-09-14 16:52:03 +02:00
https://doc.traefik.io/traefik/v2.9/https/tls/#tls-options'
2021-03-03 15:32:04 +01:00
properties :
apiVersion :
2021-05-05 17:50:04 +02:00
description : 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2021-03-03 15:32:04 +01:00
type : string
kind :
2021-05-05 17:50:04 +02:00
description : 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2021-03-03 15:32:04 +01:00
type : string
metadata :
type : object
spec :
2022-06-24 12:40:08 +02:00
description : TLSOptionSpec defines the desired state of a TLSOption.
2021-03-03 15:32:04 +01:00
properties :
2021-08-20 18:20:06 +02:00
alpnProtocols :
2022-06-24 12:40:08 +02:00
description : 'ALPNProtocols defines the list of supported application
level protocols for the TLS handshake, in order of preference. More
2022-09-14 16:52:03 +02:00
info : https://doc.traefik.io/traefik/v2.9/https/tls/#alpn-protocols'
2021-08-20 18:20:06 +02:00
items :
type : string
type : array
2021-03-03 15:32:04 +01:00
cipherSuites :
2022-06-24 12:40:08 +02:00
description : 'CipherSuites defines the list of supported cipher suites
2022-09-14 16:52:03 +02:00
for TLS versions up to TLS 1.2. More info : https://doc.traefik.io/traefik/v2.9/https/tls/#cipher-suites'
2021-03-03 15:32:04 +01:00
items :
type : string
type : array
clientAuth :
2022-06-24 12:40:08 +02:00
description : ClientAuth defines the server's policy for TLS Client
Authentication.
2021-03-03 15:32:04 +01:00
properties :
clientAuthType :
2021-05-05 17:50:04 +02:00
description : ClientAuthType defines the client authentication
type to apply.
2021-03-03 15:32:04 +01:00
enum :
- NoClientCert
- RequestClientCert
2021-09-24 11:32:07 +02:00
- RequireAnyClientCert
2021-03-03 15:32:04 +01:00
- VerifyClientCertIfGiven
- RequireAndVerifyClientCert
type : string
secretNames :
2022-06-24 12:40:08 +02:00
description : SecretNames defines the names of the referenced Kubernetes
Secret storing certificate details.
2021-03-03 15:32:04 +01:00
items :
type : string
type : array
type : object
curvePreferences :
2022-06-24 12:40:08 +02:00
description : 'CurvePreferences defines the preferred elliptic curves
2022-09-14 16:52:03 +02:00
in a specific order. More info : https://doc.traefik.io/traefik/v2.9/https/tls/#curve-preferences'
2021-03-03 15:32:04 +01:00
items :
type : string
type : array
maxVersion :
2022-06-24 12:40:08 +02:00
description : 'MaxVersion defines the maximum TLS version that Traefik
will accept. Possible values : VersionTLS10, VersionTLS11, VersionTLS12,
VersionTLS13. Default : None.'
2021-03-03 15:32:04 +01:00
type : string
minVersion :
2022-06-24 12:40:08 +02:00
description : 'MinVersion defines the minimum TLS version that Traefik
will accept. Possible values : VersionTLS10, VersionTLS11, VersionTLS12,
VersionTLS13. Default : VersionTLS10.'
2021-03-03 15:32:04 +01:00
type : string
preferServerCipherSuites :
2022-08-09 17:36:08 +02:00
description : 'PreferServerCipherSuites defines whether the server
chooses a cipher suite among his own instead of among the client''s.
It is enabled automatically when minVersion or maxVersion is set.
Deprecated : https://github.com/golang/go/issues/45430'
2021-03-03 15:32:04 +01:00
type : boolean
sniStrict :
2022-06-24 12:40:08 +02:00
description : SniStrict defines whether Traefik allows connections
from clients connections that do not specify a server_name extension.
2021-03-03 15:32:04 +01:00
type : boolean
type : object
required :
- metadata
- spec
type : object
served : true
storage : true
status :
acceptedNames :
kind : ""
plural : ""
conditions : [ ]
storedVersions : [ ]