I want to preface this by saying: I'm new to kubernetes, so it's entirely possible this is an extremely easy fix I'm just missing, in which case I apologize but thank you in advance for your patience.
I'm running traefik on a small k3s cluster of 6x Raspberry Pi SBCs. Right now, all it does is act as ingress for an external-facing Mastodon instance. I want to see if I can reconfigure it to also act as a reverse proxy for other homelab services I run on my LAN that I don't want externally accessible, but which I would love to be able to access via something like https://jellyfin.my.local.domain
rather than trying to remember the IP address and port number.
These other services--JellyFin, NextCloud, a NAS, and even some live feeds of wildlife cameras--run on separate hardware that isn't tied into the k3s cluster running traefik. But I don't want these accessible from outside the LAN.
I have a Firewalla router so setting up custom DNS entries isn't a problem, I'm just not sure how to set up traefik to reverse proxy these services and provide wildcard SSL certs for them. I've found a lot of tutorials out there for setting up traefik on Docker Compose to do exactly this, but none for traefik running on kubernetes. Any help would be greatly appreciated!
EDIT: Some additional details of my setup: I use metallb on the k3s cluster to do load balancing, and Cloudflare is my DNS solver (traefik uses cert-manager and the DNS-01 challenge to get SSL certs for my external-facing Mastodon instance, so all that's running too).