79 lines
1.5 KiB
YAML
79 lines
1.5 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: argocd
|
|
namespace: argocd
|
|
spec:
|
|
project: default
|
|
source:
|
|
repoURL: https://gitlab.com/developerdurp/homelab.git
|
|
targetRevision: main
|
|
path: infra/argocd
|
|
destination:
|
|
namespace: argocd
|
|
name: in-cluster
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
|
|
---
|
|
|
|
#apiVersion: external-secrets.io/v1beta1
|
|
#kind: ExternalSecret
|
|
#metadata:
|
|
# name: vault-argocd
|
|
# labels:
|
|
# app.kubernetes.io/part-of: argocd
|
|
#spec:
|
|
# secretStoreRef:
|
|
# name: vault
|
|
# kind: ClusterSecretStore
|
|
# target:
|
|
# name: client-secret
|
|
# data:
|
|
# - secretKey: clientSecret
|
|
# remoteRef:
|
|
# key: secrets/argocd/authentik
|
|
# property: clientsecret
|
|
|
|
---
|
|
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: argocd-ingress
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
spec:
|
|
entryPoints:
|
|
- websecure
|
|
routes:
|
|
- match: Host(`argocd.infra.durp.info`)
|
|
#middlewares:
|
|
# - name: whitelist
|
|
# namespace: traefik
|
|
kind: Rule
|
|
services:
|
|
- name: argocd-server
|
|
port: 443
|
|
scheme: https
|
|
tls:
|
|
secretName: argocd-tls
|
|
|
|
---
|
|
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: argocd-tls
|
|
spec:
|
|
secretName: argocd-tls
|
|
issuerRef:
|
|
name: vault-issuer
|
|
kind: ClusterIssuer
|
|
commonName: "argocd.infra.durp.info"
|
|
dnsNames:
|
|
- "argocd.infra.durp.info" |