Update 11 files

- /sealed-secrets/templates/deployment.yaml
- /sealed-secrets/Chart.yaml
- /sealed-secrets/values.yaml
- /authentik/templates/postgre-sealed.yaml
- /argocd/templates/sealed-secrets.yaml
- /authentik/templates/ingress.yaml
- /bitwarden/templates/ingress.yaml
- /durpapi/templates/external-dns.yaml
- /whoogle/templates/ingress.yaml
- /internalproxy/templates/plex-ingress.yaml
- /kube-prometheus-stack/templates/ingress.yaml

argocd/templates/sealed-secrets.yaml

@@ -1,23 +0,0 @@
-#apiVersion: argoproj.io/v1alpha1
-#kind: Application
-#metadata:
-#  name: sealed-secrets
-#  namespace: argocd
-#spec:
-#  project: default
-#  source:
-#    repoURL: https://gitlab.com/developerdurp/homelab.git
-#    targetRevision: main
-#    path: sealed-secrets
-#    directory:
-#      recurse: true
-#  destination:
-#    server: https://kubernetes.default.svc
-#    namespace: sealed-secrets
-#  syncPolicy:
-#    automated:
-#      prune: true
-#      selfHeal: true
-#    syncOptions:
-#      - CreateNamespace=true                         
-#

authentik/templates/ingress.yaml

@@ -27,4 +27,16 @@ spec:
     kind: ClusterIssuer
   commonName: "authentik.durp.info"
   dnsNames:
-  - "authentik.durp.info"  
+  - "authentik.durp.info" 
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: authentik-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: authentik.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info

authentik/templates/postgre-sealed.yaml

@@ -1,16 +0,0 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
-  creationTimestamp: null
-  name: authentik-postgresql1
-  namespace: authentik
-spec:
-  encryptedData:
-    postgresql-password: AgAUgobh5m0fNN23eda623K0CDznifc6noCUxcly80ZanRgfye/+xYFhJCkEIxzvboadUUS6kLv8wWKcwufU96pwpSPkBQ0efqjXSIoV0QMGfCM5F5lv9/kh9I9U/cWu0GLdHueyu+TLCR0inz46Coaa827O77aJ6ZiwXZA6sAscyHQMdB2SIxsDFnAj9FzBNO5bG3ZoRmZ0j59Tzvotnx5glwee1xyjqI5xdY1CePtcAJzbtF44QsKEcRpehx8NzPWKhLNOoHiW/oGheF4QY5GgxAO1wSzpMJYxUlmNHBG+DqzQCWw0HguX/OZ4rrlsG9AKyFVfzXHALJudlj0a6iDYyn8L3eEomauknMfo+vXFAEmJSUbZNFTbxiWJ5MJT3t97PYlR81vEf2Baz5M9+8j+UmToOrjfKQsC+rmq96khC1qgN2+2kV8b2t2dN3wFWplb8tH4N0I+WoEbW9KLJOin+D0j2HWO1eQkGooQCejSXRlUb2aFzWyGwftmuQU4XRcaHf3952BtiR6xeJ4sToBd42CNT1HszxDBwgqszvfxZeu77Y73K1eQSeyv6wMFiAR9hserwV6GmDmiYykyLpSv2GrkxPDjvEXJWfBBh9s2HwKzJsXUG5e6rwm2+3trRHwOeyfFej/YeaN+GFSTTJ9FmjTuoWHTkcW/LL/+vlOYoozYCBi8BkHRC7gW9l10HNxQO9/X3bnFjG65UeQ=
-    postgresql-postgres-password: AgB34p5KiStG11OgzFd1To5jKDE6OERAFgZqp9kNZw6bWEIxSzJbVfFOFRgtBlr27FP6XZCWBDMBSEw/Ibr0EAIqDq5YgYZNOW6q4FwuqfCX1bUkV/5pJyPYWtbRVU+PtGoF2dt1k+XiLlD0g3q7hygvcaCfUI1dfbGZYafpmzRTuTf89oxSidIqAZUh4SKkhTB5DQWct1VuygUwXhnbdXZDLEQtiksFqJd5dIF5aXMUGchoVgggQqZBzeeffAv/N5R4BopPZjDd89hwI3N/zy58vPFSXE26/PbsbuE+R0XxPoBK6yiwtZn124s3cw665roOZKZ9eK5xG4Z/sPCnb9yyUGDiVeVUokMM9akbGVFQ605lbUZ/3eq6MEIBQaM7cjE/MRsvfj6Co4B9inKn7syMMGUdkS7rsiXHeBnkQtuNVPiT7RX0XOYT3JltjrDX/1jeaI1DyG83GGIkTtlCSVIl/Sz7W43k6P0nIARPqcPBizdwLCeICaz75OPnTdcPH+lEukdPdkddpZ6QuxNJIe99De3pKw9HY4rxj3Xs3DM4vCelO6s7WYJz32VqEFEIMEZV8bNSlGW6XDWekRwKh66TWjV48WJMBlLG1pYX/MKSmoC0yaTHy3+Ag/8kA1/5YoBUVPfxn1uueNGEWQWo/Ylk/CmZ69BgWUH22VyAl1F2xbNTFBdksBckVzawQgBsJLCqKGkc2LkROOKK8GM=
-  template:
-    metadata:
-      creationTimestamp: null
-      name: authentik-postgresql1
-      namespace: authentik
-

bitwarden/templates/ingress.yaml

@@ -28,3 +28,15 @@ spec:
   commonName: "bitwarden.durp.info"
   dnsNames:
   - "bitwarden.durp.info"  
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: bitwarden-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: bitwarden.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info

durpapi/templates/external-dns.yaml

@@ -0,0 +1,9 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: durpapi-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: durpapi.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info

internalproxy/templates/plex-ingress.yaml

@@ -59,4 +59,16 @@ spec:
     kind: ClusterIssuer
   commonName: "plex.durp.info"
   dnsNames:
-  - "plex.durp.info"  
+  - "plex.durp.info"  
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: plex-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: plex.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info  

kube-prometheus-stack/templates/ingress.yaml

@@ -65,4 +65,16 @@ spec:
     kind: ClusterIssuer
   commonName: "alertmanager.durp.info"
   dnsNames:
-  - "alertmanager.durp.info"  
+  - "alertmanager.durp.info"  
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: grafana-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: grafana.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info  

sealed-secrets/Chart.yaml

@@ -1,7 +0,0 @@
-apiVersion: v2
-name: sealed-secrets
-description: A Helm chart for Kubernetes
-type: application
-
-version: 0.1.0
-appVersion: "1.16.0"

sealed-secrets/templates/deployment.yaml

@@ -1,252 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-service-proxier
-  name: sealed-secrets-service-proxier
-  namespace: kube-system
-rules:
-- apiGroups:
-  - ""
-  resourceNames:
-  - sealed-secrets-controller
-  resources:
-  - services
-  verbs:
-  - get
-- apiGroups:
-  - ""
-  resourceNames:
-  - 'http:sealed-secrets-controller:'
-  - sealed-secrets-controller
-  resources:
-  - services/proxy
-  verbs:
-  - create
-  - get
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-key-admin
-  name: sealed-secrets-key-admin
-  namespace: kube-system
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - create
-  - list
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-controller
-  name: sealed-secrets-controller
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: secrets-unsealer
-subjects:
-- kind: ServiceAccount
-  name: sealed-secrets-controller
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  annotations: {}
-  labels:
-    name: secrets-unsealer
-  name: secrets-unsealer
-rules:
-- apiGroups:
-  - bitnami.com
-  resources:
-  - sealedsecrets
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - bitnami.com
-  resources:
-  - sealedsecrets/status
-  verbs:
-  - update
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - get
-  - list
-  - create
-  - update
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - patch
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-controller
-  name: sealed-secrets-controller
-  namespace: kube-system
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-controller
-  name: sealed-secrets-controller
-  namespace: kube-system
-spec:
-  minReadySeconds: 30
-  replicas: 1
-  revisionHistoryLimit: 10
-  selector:
-    matchLabels:
-      name: sealed-secrets-controller
-  strategy:
-    rollingUpdate:
-      maxSurge: 25%
-      maxUnavailable: 25%
-    type: RollingUpdate
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        name: sealed-secrets-controller
-    spec:
-      containers:
-      - args: []
-        command:
-        - controller
-        env: []
-        image: registry.durp.info/bitnami/sealed-secrets-controller:v0.17.5
-        imagePullPolicy: Always
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: http
-        name: sealed-secrets-controller
-        ports:
-        - containerPort: 8080
-          name: http
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: http
-        securityContext:
-          readOnlyRootFilesystem: true
-          runAsNonRoot: true
-          runAsUser: 1001
-        stdin: false
-        tty: false
-        volumeMounts:
-        - mountPath: /tmp
-          name: tmp
-      imagePullSecrets: []
-      initContainers: []
-      securityContext:
-        fsGroup: 65534
-      serviceAccountName: sealed-secrets-controller
-      terminationGracePeriodSeconds: 30
-      volumes:
-      - emptyDir: {}
-        name: tmp
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: sealedsecrets.bitnami.com
-spec:
-  group: bitnami.com
-  names:
-    kind: SealedSecret
-    listKind: SealedSecretList
-    plural: sealedsecrets
-    singular: sealedsecret
-  scope: Namespaced
-  versions:
-  - name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        properties:
-          spec:
-            type: object
-            x-kubernetes-preserve-unknown-fields: true
-          status:
-            x-kubernetes-preserve-unknown-fields: true
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
----
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-controller
-  name: sealed-secrets-controller
-  namespace: kube-system
-spec:
-  ports:
-  - port: 8080
-    targetPort: 8080
-  selector:
-    name: sealed-secrets-controller
-  type: ClusterIP
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-service-proxier
-  name: sealed-secrets-service-proxier
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: sealed-secrets-service-proxier
-subjects:
-- apiGroup: rbac.authorization.k8s.io
-  kind: Group
-  name: system:authenticated
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  annotations: {}
-  labels:
-    name: sealed-secrets-controller
-  name: sealed-secrets-controller
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: sealed-secrets-key-admin
-subjects:
-- kind: ServiceAccount
-  name: sealed-secrets-controller
-  namespace: kube-system

whoogle/templates/ingress.yaml

@@ -27,4 +27,16 @@ spec:
     kind: ClusterIssuer
   commonName: "whoogle.durp.info"
   dnsNames:
-  - "whoogle.durp.info"  
+  - "whoogle.durp.info"  
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: whoogle-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: whoogle.durp.info
+spec:
+  type: ExternalName
+  externalName: home.durp.info