diff --git a/argocd/argocd/apps/external-dns.yaml b/argocd/argocd/apps/external-dns.yaml new file mode 100644 index 0000000..a9d3fe6 --- /dev/null +++ b/argocd/argocd/apps/external-dns.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: external-dns + namespace: argocd +spec: + project: default + source: + repoURL: https://gitlab.com/developerdurp/linode.git + targetRevision: main + path: argocd/external-dns + destination: + namespace: external-dns + name: in-cluster + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/argocd/external-dns/index.yaml b/argocd/external-dns/index.yaml index 0b53d71..bdda768 100644 --- a/argocd/external-dns/index.yaml +++ b/argocd/external-dns/index.yaml @@ -1,130 +1,143 @@ -# Default values for external-dns. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - repository: k8s.gcr.io/external-dns/external-dns - # Overrides the image tag whose default is v{{ .Chart.AppVersion }} - tag: "" - pullPolicy: Always - -imagePullSecrets: [] - -nameOverride: "" -fullnameOverride: "" - -commonLabels: {} - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -rbac: - # Specifies whether RBAC resources should be created - create: true - additionalPermissions: [] - -# Annotations to add to the Deployment -deploymentAnnotations: {} - -podLabels: {} - -# Annotations to add to the Pod -podAnnotations: {} - -shareProcessNamespace: false - -podSecurityContext: - fsGroup: 65534 - -securityContext: - runAsNonRoot: true - runAsUser: 65534 - readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - -# Defaults to `ClusterFirst`. -# Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`. -dnsPolicy: - -priorityClassName: "" - -terminationGracePeriodSeconds: - -serviceMonitor: - enabled: false - additionalLabels: {} +external-dns: + + image: + repository: k8s.gcr.io/external-dns/external-dns + # Overrides the image tag whose default is v{{ .Chart.AppVersion }} + tag: "" + pullPolicy: Always + + imagePullSecrets: [] + + nameOverride: "" + fullnameOverride: "" + + commonLabels: {} + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + rbac: + # Specifies whether RBAC resources should be created + create: true + additionalPermissions: [] + + # Annotations to add to the Deployment + deploymentAnnotations: {} + + podLabels: {} + + # Annotations to add to the Pod + podAnnotations: {} + + shareProcessNamespace: false + + podSecurityContext: + fsGroup: 65534 + + securityContext: + runAsNonRoot: true + runAsUser: 65534 + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + + # Defaults to `ClusterFirst`. + # Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`. + dnsPolicy: + + priorityClassName: "" + + terminationGracePeriodSeconds: + + serviceMonitor: + enabled: false + additionalLabels: {} + interval: 1m + scrapeTimeout: 10s + + env: + - name: CF_API_KEY + valueFrom: + secretKeyRef: + name: cloudflare + key: CF_API_KEY + - name: CF_API_EMAIL + valueFrom: + secretKeyRef: + name: cloudflare + key: CF_API_EMAIL + + livenessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 2 + successThreshold: 1 + + readinessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + + service: + port: 7979 + annotations: {} + + extraVolumes: [] + + extraVolumeMounts: [] + + resources: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + topologySpreadConstraints: [] + + logLevel: info + logFormat: text + interval: 1m - scrapeTimeout: 10s - -env: [] - -livenessProbe: - httpGet: - path: /healthz - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 2 - successThreshold: 1 - -readinessProbe: - httpGet: - path: /healthz - port: http - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - -service: - port: 7979 - annotations: {} - -extraVolumes: [] - -extraVolumeMounts: [] - -resources: {} - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -topologySpreadConstraints: [] - -logLevel: info -logFormat: text - -interval: 1m -triggerLoopOnEvent: false - -sources: - - service - - ingress - -policy: upsert-only - -registry: txt -txtOwnerId: "" -txtPrefix: "" -txtSuffix: "" - -domainFilters: [] - -provider: Cloudflare - -extraArgs: [] - -deploymentStrategy: - type: Recreate + triggerLoopOnEvent: false + + sources: + - service + - ingress + + policy: upsert-only + + registry: txt + txtOwnerId: "" + txtPrefix: "" + txtSuffix: "" + + domainFilters: [] + + provider: Cloudflare + + extraArgs: + - --source=ingress + - --domain-filter=durp.info + - --provider=cloudflare + - --cloudflare-proxied + + deploymentStrategy: + type: Recreate + diff --git a/argocd/external-dns/templates/cloudflare.yaml b/argocd/external-dns/templates/cloudflare.yaml new file mode 100644 index 0000000..eff2064 --- /dev/null +++ b/argocd/external-dns/templates/cloudflare.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: cloudflare + namespace: external-dns +spec: + encryptedData: + CF_API_EMAIL: AgCgyl6I4YZ4Bo1IRot87nZxRJ3jtNsRgAntyFEOADxgtd6hw7GwtksoZzhfiL+NvyqUR2JaqK/WH0xGxfXYpuKS2jcPaSS87kqqWTkEOGfXC0zeTfqMErBwK7EYuQAcn/K71U2GmOutzivOrzSC+9FH1u8aSs2w8azP9PIRjPi2h+BmqnBMP8gtE85l+E7Bo9GZpZ62u1cJLc23gZQEeQWhHOqGvcVuvKSA/1Ecfs9L5dkgS5pP0ZwIHZ3qeOz49hXYzLMP/MVh9oz4uk40PTVGHhUFmLlbRpL9jj6x3Nx0BKbEUaNN61kVXDFpK37hrrckDoMBX5OBlefKO4PYHeDRQxrcPaxQqQczpVylY6eWzE+ZwqmKpBivXRZNk4MBJ2zGfjb3wFOGapuHnvJmCwer/R8/NCxkdgjhMPZHMd0kmp96L0kAbaIJqTxkuq/UgMTVmfZC1xTizkr+2PSAJqgDWfgg4jLdQKON8JveluU0dNG8S2mnjE90PPaihMzdc0K8XkWoviP1SW/xPRhTWoO12C6lUt8pv5aX6tQElz8Z8dLaRtGsYZyEBOYaNWNKhmyMeuIhhmNSd0sw4zzjPvW4xOiNYoftGqLzB05ByC+vQ1JTe51rd80FvV1FcfJWE0SixULzIKnuqb8DP4iY/Jy0xNBKDOrnWQywQhkO+aFm/C5TyQFZvID7/JZ/zz7o2LefJcxezep7rVCa2koLEpzUFg== + CF_API_KEY: AgAs1oH5mhWw7CoKq5WsJQpsvH7iPXNOBw7EmJaMyN9JignHv7Ll6v0ZsJnen/XxVeZBWS3qZzrrqT5e97tPjOsxYhxz6kPKiUXr9DUndiT4kf0tb7fkwAuwrobFyz6W7gdzFKeTS3TDN4Rj1r52PlsBJN1do6UoE8iHnk6xU9OwjJyvI1QTa4mr353sH/UQO3dZ8NzwMCZ9Lybatsw6I9YX7vWXX6Kz9ZR2ESP//0erx41KHKWp+nxfV8FEm5w1KvICgP5zDJxS0TpYti+v/px+giB85XAs/R9DBZptAM0IIx6AnGmvbiY/KNCBbrr2Qs7/V5b5nU5hDjEItlAMQUzxhWX3uzuNAS8lcI3jrdWLnIAnr8bWCp8ovRsqxhXZUPbGFcTWTWN4di580gfzYNEHdgxUzFmwCE1SXVynSFMUEUlG0B8wZm7h3UgtbQM5n9tsi/gKbIfosG4TljroXsCwj22zYr89iGfM0d2DZmEIq4K2ZT9hrSgGSNBGa+hQ5cCclcbCyX+kXlt2iswPdJL1tTdAEwSfxFmWOWv3DWxmtF2UCiicRTyZXFYX8KmT5ci/Y++qp0mx+ITca6pjgGfzrC0Plf44JTw0IyV9SOM3/jv4FG+kxjWoIpQnsfgJIkZyZy+D8/e+B90L+ql0RZ3UZv2FqdTG9WNSqUOpES067NbdyqKyB37we/f3Ke9R4fz5OVfXHCXQcU5nUnpaxQB3mN8wEIKpTiMLlrQ0vxunSVpGw40x1oDq + template: + data: null + metadata: + creationTimestamp: null + name: cloudflare + namespace: external-dns