update

2025-03-22 15:35:58 -05:00
parent f1580bfc60
commit 7b2558d492
1 changed files with 29 additions and 23 deletions
--- a/infra/argocd/templates/argocd.yaml
+++ b/infra/argocd/templates/argocd.yaml
@@ -21,23 +21,23 @@ spec:

 ---

-#apiVersion: external-secrets.io/v1beta1
-#kind: ExternalSecret
-#metadata:
-#  name: vault-argocd
-#  labels:
-#    app.kubernetes.io/part-of: argocd
-#spec:
-#  secretStoreRef:
-#    name: vault
-#    kind: ClusterSecretStore
-#  target:
-#    name: client-secret
-#  data:
-#  - secretKey: clientSecret
-#    remoteRef:
-#      key: secrets/argocd/authentik
-#      property: clientsecret
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: vault-argocd
+  labels:
+    app.kubernetes.io/part-of: argocd
+spec:
+  secretStoreRef:
+    name: vault
+    kind: ClusterSecretStore
+  target:
+    name: client-secret
+  data:
+  - secretKey: clientSecret
+    remoteRef:
+      key: kv/authentik/argocd
+      property: clientsecret

 ---

@@ -45,16 +45,14 @@ apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: argocd-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-production
 spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`argocd.infra.durp.info`)
-      #middlewares:
-      #  - name: whitelist
-      #    namespace: traefik
+      middlewares:
+        - name: whitelist
+          namespace: traefik
      kind: Rule
      services:
        - name: argocd-server
@@ -76,4 +74,12 @@ spec:
    kind: ClusterIssuer
  commonName: "argocd.infra.durp.info"
  dnsNames:
-    - "argocd.infra.durp.info"
+    - "argocd.infra.durp.info"
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: vault
+