From 2db7260d52ad6347141523e285e77a5c11bc52d7 Mon Sep 17 00:00:00 2001 From: DeveloperDurp Date: Fri, 9 Jun 2023 23:26:21 +0000 Subject: [PATCH] Update 11 files - /sealed-secrets/templates/deployment.yaml - /sealed-secrets/Chart.yaml - /sealed-secrets/values.yaml - /authentik/templates/postgre-sealed.yaml - /argocd/templates/sealed-secrets.yaml - /authentik/templates/ingress.yaml - /bitwarden/templates/ingress.yaml - /durpapi/templates/external-dns.yaml - /whoogle/templates/ingress.yaml - /internalproxy/templates/plex-ingress.yaml - /kube-prometheus-stack/templates/ingress.yaml --- argocd/templates/sealed-secrets.yaml | 23 -- authentik/templates/ingress.yaml | 14 +- authentik/templates/postgre-sealed.yaml | 16 -- bitwarden/templates/ingress.yaml | 12 + durpapi/templates/external-dns.yaml | 9 + internalproxy/templates/plex-ingress.yaml | 14 +- kube-prometheus-stack/templates/ingress.yaml | 14 +- sealed-secrets/Chart.yaml | 7 - sealed-secrets/templates/deployment.yaml | 252 ------------------- sealed-secrets/values.yaml | 0 whoogle/templates/ingress.yaml | 14 +- 11 files changed, 73 insertions(+), 302 deletions(-) delete mode 100644 argocd/templates/sealed-secrets.yaml delete mode 100644 authentik/templates/postgre-sealed.yaml create mode 100644 durpapi/templates/external-dns.yaml delete mode 100644 sealed-secrets/Chart.yaml delete mode 100644 sealed-secrets/templates/deployment.yaml delete mode 100644 sealed-secrets/values.yaml diff --git a/argocd/templates/sealed-secrets.yaml b/argocd/templates/sealed-secrets.yaml deleted file mode 100644 index 96633c0..0000000 --- a/argocd/templates/sealed-secrets.yaml +++ /dev/null @@ -1,23 +0,0 @@ -#apiVersion: argoproj.io/v1alpha1 -#kind: Application -#metadata: -# name: sealed-secrets -# namespace: argocd -#spec: -# project: default -# source: -# repoURL: https://gitlab.com/developerdurp/homelab.git -# targetRevision: main -# path: sealed-secrets -# directory: -# recurse: true -# destination: -# server: https://kubernetes.default.svc -# namespace: sealed-secrets -# syncPolicy: -# automated: -# prune: true -# selfHeal: true -# syncOptions: -# - CreateNamespace=true -# \ No newline at end of file diff --git a/authentik/templates/ingress.yaml b/authentik/templates/ingress.yaml index dc90548..f9106e0 100644 --- a/authentik/templates/ingress.yaml +++ b/authentik/templates/ingress.yaml @@ -27,4 +27,16 @@ spec: kind: ClusterIssuer commonName: "authentik.durp.info" dnsNames: - - "authentik.durp.info" \ No newline at end of file + - "authentik.durp.info" + +--- + +kind: Service +apiVersion: v1 +metadata: + name: authentik-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: authentik.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file diff --git a/authentik/templates/postgre-sealed.yaml b/authentik/templates/postgre-sealed.yaml deleted file mode 100644 index 369e97e..0000000 --- a/authentik/templates/postgre-sealed.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: authentik-postgresql1 - namespace: authentik -spec: - encryptedData: - postgresql-password: AgAUgobh5m0fNN23eda623K0CDznifc6noCUxcly80ZanRgfye/+xYFhJCkEIxzvboadUUS6kLv8wWKcwufU96pwpSPkBQ0efqjXSIoV0QMGfCM5F5lv9/kh9I9U/cWu0GLdHueyu+TLCR0inz46Coaa827O77aJ6ZiwXZA6sAscyHQMdB2SIxsDFnAj9FzBNO5bG3ZoRmZ0j59Tzvotnx5glwee1xyjqI5xdY1CePtcAJzbtF44QsKEcRpehx8NzPWKhLNOoHiW/oGheF4QY5GgxAO1wSzpMJYxUlmNHBG+DqzQCWw0HguX/OZ4rrlsG9AKyFVfzXHALJudlj0a6iDYyn8L3eEomauknMfo+vXFAEmJSUbZNFTbxiWJ5MJT3t97PYlR81vEf2Baz5M9+8j+UmToOrjfKQsC+rmq96khC1qgN2+2kV8b2t2dN3wFWplb8tH4N0I+WoEbW9KLJOin+D0j2HWO1eQkGooQCejSXRlUb2aFzWyGwftmuQU4XRcaHf3952BtiR6xeJ4sToBd42CNT1HszxDBwgqszvfxZeu77Y73K1eQSeyv6wMFiAR9hserwV6GmDmiYykyLpSv2GrkxPDjvEXJWfBBh9s2HwKzJsXUG5e6rwm2+3trRHwOeyfFej/YeaN+GFSTTJ9FmjTuoWHTkcW/LL/+vlOYoozYCBi8BkHRC7gW9l10HNxQO9/X3bnFjG65UeQ= - postgresql-postgres-password: AgB34p5KiStG11OgzFd1To5jKDE6OERAFgZqp9kNZw6bWEIxSzJbVfFOFRgtBlr27FP6XZCWBDMBSEw/Ibr0EAIqDq5YgYZNOW6q4FwuqfCX1bUkV/5pJyPYWtbRVU+PtGoF2dt1k+XiLlD0g3q7hygvcaCfUI1dfbGZYafpmzRTuTf89oxSidIqAZUh4SKkhTB5DQWct1VuygUwXhnbdXZDLEQtiksFqJd5dIF5aXMUGchoVgggQqZBzeeffAv/N5R4BopPZjDd89hwI3N/zy58vPFSXE26/PbsbuE+R0XxPoBK6yiwtZn124s3cw665roOZKZ9eK5xG4Z/sPCnb9yyUGDiVeVUokMM9akbGVFQ605lbUZ/3eq6MEIBQaM7cjE/MRsvfj6Co4B9inKn7syMMGUdkS7rsiXHeBnkQtuNVPiT7RX0XOYT3JltjrDX/1jeaI1DyG83GGIkTtlCSVIl/Sz7W43k6P0nIARPqcPBizdwLCeICaz75OPnTdcPH+lEukdPdkddpZ6QuxNJIe99De3pKw9HY4rxj3Xs3DM4vCelO6s7WYJz32VqEFEIMEZV8bNSlGW6XDWekRwKh66TWjV48WJMBlLG1pYX/MKSmoC0yaTHy3+Ag/8kA1/5YoBUVPfxn1uueNGEWQWo/Ylk/CmZ69BgWUH22VyAl1F2xbNTFBdksBckVzawQgBsJLCqKGkc2LkROOKK8GM= - template: - metadata: - creationTimestamp: null - name: authentik-postgresql1 - namespace: authentik - diff --git a/bitwarden/templates/ingress.yaml b/bitwarden/templates/ingress.yaml index 1012453..e7ecd13 100644 --- a/bitwarden/templates/ingress.yaml +++ b/bitwarden/templates/ingress.yaml @@ -28,3 +28,15 @@ spec: commonName: "bitwarden.durp.info" dnsNames: - "bitwarden.durp.info" + +--- + +kind: Service +apiVersion: v1 +metadata: + name: bitwarden-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: bitwarden.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file diff --git a/durpapi/templates/external-dns.yaml b/durpapi/templates/external-dns.yaml new file mode 100644 index 0000000..9ce7c55 --- /dev/null +++ b/durpapi/templates/external-dns.yaml @@ -0,0 +1,9 @@ +kind: Service +apiVersion: v1 +metadata: + name: durpapi-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: durpapi.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file diff --git a/internalproxy/templates/plex-ingress.yaml b/internalproxy/templates/plex-ingress.yaml index 35b857f..6e6ef2c 100644 --- a/internalproxy/templates/plex-ingress.yaml +++ b/internalproxy/templates/plex-ingress.yaml @@ -59,4 +59,16 @@ spec: kind: ClusterIssuer commonName: "plex.durp.info" dnsNames: - - "plex.durp.info" \ No newline at end of file + - "plex.durp.info" + +--- + +kind: Service +apiVersion: v1 +metadata: + name: plex-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: plex.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file diff --git a/kube-prometheus-stack/templates/ingress.yaml b/kube-prometheus-stack/templates/ingress.yaml index e529355..292280e 100644 --- a/kube-prometheus-stack/templates/ingress.yaml +++ b/kube-prometheus-stack/templates/ingress.yaml @@ -65,4 +65,16 @@ spec: kind: ClusterIssuer commonName: "alertmanager.durp.info" dnsNames: - - "alertmanager.durp.info" \ No newline at end of file + - "alertmanager.durp.info" + +--- + +kind: Service +apiVersion: v1 +metadata: + name: grafana-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: grafana.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file diff --git a/sealed-secrets/Chart.yaml b/sealed-secrets/Chart.yaml deleted file mode 100644 index 7b21da6..0000000 --- a/sealed-secrets/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: sealed-secrets -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" diff --git a/sealed-secrets/templates/deployment.yaml b/sealed-secrets/templates/deployment.yaml deleted file mode 100644 index 159a944..0000000 --- a/sealed-secrets/templates/deployment.yaml +++ /dev/null @@ -1,252 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: {} - labels: - name: sealed-secrets-service-proxier - name: sealed-secrets-service-proxier - namespace: kube-system -rules: -- apiGroups: - - "" - resourceNames: - - sealed-secrets-controller - resources: - - services - verbs: - - get -- apiGroups: - - "" - resourceNames: - - 'http:sealed-secrets-controller:' - - sealed-secrets-controller - resources: - - services/proxy - verbs: - - create - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: {} - labels: - name: sealed-secrets-key-admin - name: sealed-secrets-key-admin - namespace: kube-system -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - annotations: {} - labels: - name: sealed-secrets-controller - name: sealed-secrets-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: secrets-unsealer -subjects: -- kind: ServiceAccount - name: sealed-secrets-controller - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: {} - labels: - name: secrets-unsealer - name: secrets-unsealer -rules: -- apiGroups: - - bitnami.com - resources: - - sealedsecrets - verbs: - - get - - list - - watch -- apiGroups: - - bitnami.com - resources: - - sealedsecrets/status - verbs: - - update -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - create - - update - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: sealed-secrets-controller - name: sealed-secrets-controller - namespace: kube-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - annotations: {} - labels: - name: sealed-secrets-controller - name: sealed-secrets-controller - namespace: kube-system -spec: - minReadySeconds: 30 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - name: sealed-secrets-controller - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - annotations: {} - labels: - name: sealed-secrets-controller - spec: - containers: - - args: [] - command: - - controller - env: [] - image: registry.durp.info/bitnami/sealed-secrets-controller:v0.17.5 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: http - name: sealed-secrets-controller - ports: - - containerPort: 8080 - name: http - readinessProbe: - httpGet: - path: /healthz - port: http - securityContext: - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1001 - stdin: false - tty: false - volumeMounts: - - mountPath: /tmp - name: tmp - imagePullSecrets: [] - initContainers: [] - securityContext: - fsGroup: 65534 - serviceAccountName: sealed-secrets-controller - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: tmp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sealedsecrets.bitnami.com -spec: - group: bitnami.com - names: - kind: SealedSecret - listKind: SealedSecretList - plural: sealedsecrets - singular: sealedsecret - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: Service -metadata: - annotations: {} - labels: - name: sealed-secrets-controller - name: sealed-secrets-controller - namespace: kube-system -spec: - ports: - - port: 8080 - targetPort: 8080 - selector: - name: sealed-secrets-controller - type: ClusterIP ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: {} - labels: - name: sealed-secrets-service-proxier - name: sealed-secrets-service-proxier - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: sealed-secrets-service-proxier -subjects: -- apiGroup: rbac.authorization.k8s.io - kind: Group - name: system:authenticated ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: {} - labels: - name: sealed-secrets-controller - name: sealed-secrets-controller - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: sealed-secrets-key-admin -subjects: -- kind: ServiceAccount - name: sealed-secrets-controller - namespace: kube-system diff --git a/sealed-secrets/values.yaml b/sealed-secrets/values.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/whoogle/templates/ingress.yaml b/whoogle/templates/ingress.yaml index 40cfd8a..dff78f5 100644 --- a/whoogle/templates/ingress.yaml +++ b/whoogle/templates/ingress.yaml @@ -27,4 +27,16 @@ spec: kind: ClusterIssuer commonName: "whoogle.durp.info" dnsNames: - - "whoogle.durp.info" \ No newline at end of file + - "whoogle.durp.info" + +--- + +kind: Service +apiVersion: v1 +metadata: + name: whoogle-external-dns + annotations: + external-dns.alpha.kubernetes.io/hostname: whoogle.durp.info +spec: + type: ExternalName + externalName: home.durp.info \ No newline at end of file