Last active
October 21, 2025 19:58
-
-
Save steffenmueller4/e8ddf4eab6d8910875a47df5d1dbff5d to your computer and use it in GitHub Desktop.
Kubernetes (k3s + Traefik) Syncthing Deployment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: syncthing | |
| labels: | |
| name: syncthing | |
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: syncthing-pv-claim | |
| namespace: syncthing | |
| spec: | |
| storageClassName: rook-ceph-block | |
| accessModes: | |
| - ReadWriteOnce | |
| volumeMode: Filesystem | |
| resources: | |
| requests: | |
| storage: 100G | |
| --- | |
| apiVersion: apps/v1 | |
| kind: StatefulSet | |
| metadata: | |
| name: syncthing | |
| namespace: syncthing | |
| spec: | |
| selector: | |
| matchLabels: | |
| app: syncthing | |
| serviceName: syncthing | |
| replicas: 1 | |
| template: | |
| metadata: | |
| labels: | |
| app: syncthing | |
| spec: | |
| terminationGracePeriodSeconds: 60 | |
| containers: | |
| - name: syncthing | |
| image: syncthing/syncthing:latest | |
| ports: | |
| - name: web-ui | |
| containerPort: 8384 | |
| - name: syncthing-tcp | |
| containerPort: 22000 | |
| protocol: TCP | |
| - name: syncthing-udp | |
| containerPort: 22000 | |
| protocol: UDP | |
| - name: syncthing-disc | |
| containerPort: 21027 | |
| protocol: UDP | |
| volumeMounts: | |
| - name: syncthing | |
| mountPath: /var/syncthing | |
| env: | |
| - name: PUID | |
| value: "1000" | |
| - name: PGID | |
| value: "1000" | |
| volumes: | |
| - name: syncthing | |
| persistentVolumeClaim: | |
| claimName: syncthing-pv-claim | |
| readOnly: false | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: syncthing-dashboard | |
| namespace: syncthing | |
| spec: | |
| type: ClusterIP | |
| ports: | |
| - name: syncthing-dashboard | |
| protocol: TCP | |
| port: 8384 | |
| targetPort: 8384 | |
| selector: | |
| app: syncthing | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: syncthing-protocol | |
| namespace: syncthing | |
| spec: | |
| type: ClusterIP | |
| ports: | |
| - name: syncthing-tcp | |
| port: 22000 | |
| protocol: TCP | |
| targetPort: 22000 | |
| - name: syncthing-udp | |
| port: 22000 | |
| protocol: UDP | |
| targetPort: 22000 | |
| - name: syncthing-disc | |
| port: 21027 | |
| protocol: UDP | |
| targetPort: 21027 | |
| selector: | |
| app: syncthing | |
| --- | |
| # Hint: https://community.traefik.io/t/adding-entrypoints-to-a-helm-deployed-traefik-on-k3s/14813/6 | |
| # Hint: https://stackoverflow.com/questions/73948456/accessing-service-from-custom-port-using-k3d-and-traefik | |
| apiVersion: helm.cattle.io/v1 | |
| kind: HelmChartConfig | |
| metadata: | |
| name: traefik | |
| namespace: kube-system | |
| spec: | |
| valuesContent: |- | |
| image: | |
| name: traefik | |
| ports: | |
| syncthing-tcp: | |
| port: 22000 | |
| protocol: TCP | |
| expose: | |
| default: true | |
| exposedPort: 22000 | |
| syncthing-udp: | |
| port: 22000 | |
| protocol: UDP | |
| expose: | |
| default: true | |
| exposedPort: 22000 | |
| syncthing-disc: | |
| port: 21027 | |
| protocol: UDP | |
| expose: | |
| default: true | |
| exposedPort: 21027 | |
| --- | |
| apiVersion: traefik.io/v1alpha1 | |
| kind: IngressRouteTCP | |
| metadata: | |
| name: syncthing-tcp | |
| namespace: syncthing | |
| annotations: | |
| spec.ingressClassName: "traefik" | |
| spec: | |
| entryPoints: | |
| - syncthing-tcp | |
| routes: | |
| - match: HostSNI(`*`) | |
| services: | |
| - name: syncthing-protocol | |
| port: syncthing-tcp | |
| --- | |
| apiVersion: traefik.io/v1alpha1 | |
| kind: IngressRouteUDP | |
| metadata: | |
| name: syncthing-udp | |
| namespace: syncthing | |
| annotations: | |
| spec.ingressClassName: "traefik" | |
| spec: | |
| entryPoints: | |
| - syncthing-udp | |
| routes: | |
| - services: | |
| - name: syncthing-protocol | |
| port: syncthing-udp | |
| --- | |
| apiVersion: traefik.io/v1alpha1 | |
| kind: IngressRouteUDP | |
| metadata: | |
| name: syncthing-disc | |
| namespace: syncthing | |
| annotations: | |
| spec.ingressClassName: "traefik" | |
| spec: | |
| entryPoints: | |
| - syncthing-disc | |
| routes: | |
| - services: | |
| - name: syncthing-protocol | |
| port: syncthing-disc | |
| --- | |
| apiVersion: traefik.io/v1alpha1 | |
| kind: IngressRoute | |
| metadata: | |
| name: syncthing-dashboard | |
| namespace: syncthing | |
| annotations: | |
| ingress.kubernetes.io/ssl-redirect: "true" | |
| spec.ingressClassName: "traefik" | |
| spec: | |
| entryPoints: | |
| - web | |
| - websecure | |
| routes: | |
| - match: PathPrefix(`/syncthing-dashboard`) | |
| kind: Rule | |
| services: | |
| - name: syncthing-dashboard | |
| port: 8384 | |
| middlewares: | |
| - name: syncthing-replacepathregex | |
| namespace: syncthing | |
| --- | |
| # Replace path with regex | |
| apiVersion: traefik.io/v1alpha1 | |
| kind: Middleware | |
| metadata: | |
| name: syncthing-replacepathregex | |
| namespace: syncthing | |
| spec: | |
| replacePathRegex: | |
| regex: ^/syncthing-dashboard/(.*) | |
| replacement: /$1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment