apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: argocd
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://gitlab.com/developerdurp/homelab.git
    targetRevision: main
    path: infra/argocd
  destination:
    namespace: argocd
    name: in-cluster
  syncPolicy:
    automated:
      prune: true
      selfHeal: true  
    syncOptions:
      - CreateNamespace=true 

---

#apiVersion: external-secrets.io/v1beta1
#kind: ExternalSecret
#metadata:
#  name: vault-argocd
#  labels:
#    app.kubernetes.io/part-of: argocd
#spec:
#  secretStoreRef:
#    name: vault
#    kind: ClusterSecretStore
#  target:
#    name: client-secret
#  data:
#  - secretKey: clientSecret
#    remoteRef:
#      key: secrets/argocd/authentik
#      property: clientsecret

--- 

apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: argocd-ingress
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`argocd.infra.durp.info`)
      #middlewares:
      #  - name: whitelist
      #    namespace: traefik
      kind: Rule
      services:
        - name: argocd-server
          port: 443
          scheme: https
  tls:
    secretName: argocd-tls