Add tls option for Elliptic Curve Preferences

pkg/provider/kubernetes/crd/kubernetes.go

@@ -481,9 +481,10 @@ func buildTLSOptions(ctx context.Context, client Client) map[string]tls.Options
 		}
 
 		tlsOptions[makeID(tlsOption.Namespace, tlsOption.Name)] = tls.Options{
-			MinVersion:   tlsOption.Spec.MinVersion,
-			MaxVersion:   tlsOption.Spec.MaxVersion,
-			CipherSuites: tlsOption.Spec.CipherSuites,
+			MinVersion:       tlsOption.Spec.MinVersion,
+			MaxVersion:       tlsOption.Spec.MaxVersion,
+			CipherSuites:     tlsOption.Spec.CipherSuites,
+			CurvePreferences: tlsOption.Spec.CurvePreferences,
 			ClientAuth: tls.ClientAuth{
 				CAFiles:        clientCAs,
 				ClientAuthType: tlsOption.Spec.ClientAuth.ClientAuthType,

pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go

@@ -19,11 +19,12 @@ type TLSOption struct {
 
 // TLSOptionSpec configures TLS for an entry point
 type TLSOptionSpec struct {
-	MinVersion   string     `json:"minVersion,omitempty"`
-	MaxVersion   string     `json:"maxVersion,omitempty"`
-	CipherSuites []string   `json:"cipherSuites,omitempty"`
-	ClientAuth   ClientAuth `json:"clientAuth,omitempty"`
-	SniStrict    bool       `json:"sniStrict,omitempty"`
+	MinVersion       string     `json:"minVersion,omitempty"`
+	MaxVersion       string     `json:"maxVersion,omitempty"`
+	CipherSuites     []string   `json:"cipherSuites,omitempty"`
+	CurvePreferences []string   `json:"curvePreferences,omitempty"`
+	ClientAuth       ClientAuth `json:"clientAuth,omitempty"`
+	SniStrict        bool       `json:"sniStrict,omitempty"`
 }
 
 // +k8s:deepcopy-gen=true

pkg/provider/kubernetes/crd/traefik/v1alpha1/zz_generated.deepcopy.go

@@ -803,6 +803,11 @@ func (in *TLSOptionSpec) DeepCopyInto(out *TLSOptionSpec) {
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.CurvePreferences != nil {
+		in, out := &in.CurvePreferences, &out.CurvePreferences
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	in.ClientAuth.DeepCopyInto(&out.ClientAuth)
 	return
 }