Update argocd/external-dns/index.yaml, argocd/external-dns/Chart.yaml, argocd/external-dns/templates/deployment.yaml

argocd/external-dns/Chart.yaml

@@ -5,10 +5,10 @@ type: application
 version: 0.0.1
 appVersion: 0.0.1
 
-dependencies:
+#dependencies:
-- name: external-dns
+#- name: external-dns
-  repository: https://charts.bitnami.com/bitnami
+#  repository: https://charts.bitnami.com/bitnami
-  version: 6.10.0
+#  version: 6.10.0
 
 
 

argocd/external-dns/index.yaml

@@ -1,144 +1,143 @@
-external-dns:
+#external-dns:
-  
+#  image:
-  image:
+#    repository: k8s.gcr.io/external-dns/external-dns
-    repository: k8s.gcr.io/external-dns/external-dns
+#    # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
-    # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
+#    tag: ""
-    tag: ""
+#    pullPolicy: Always
-    pullPolicy: Always
+#  
-  
+#  imagePullSecrets: []
-  imagePullSecrets: []
+#  
-  
+#  nameOverride: ""
-  nameOverride: ""
+#  fullnameOverride: ""
-  fullnameOverride: ""
+#  
-  
+#  commonLabels: {}
-  commonLabels: {}
+#  
-  
+#  serviceAccount:
-  serviceAccount:
+#    # Specifies whether a service account should be created
-    # Specifies whether a service account should be created
+#    create: true
-    create: true
+#    # Annotations to add to the service account
-    # Annotations to add to the service account
+#    annotations: {}
-    annotations: {}
+#    # The name of the service account to use.
-    # The name of the service account to use.
+#    # If not set and create is true, a name is generated using the fullname template
-    # If not set and create is true, a name is generated using the fullname template
+#    name: ""
-    name: ""
+#  
-  
+#  rbac:
-  rbac:
+#    # Specifies whether RBAC resources should be created
-    # Specifies whether RBAC resources should be created
+#    create: true
-    create: true
+#    additionalPermissions: []
-    additionalPermissions: []
+#  
-  
+#  # Annotations to add to the Deployment
-  # Annotations to add to the Deployment
+#  deploymentAnnotations: {}
-  deploymentAnnotations: {}
+#  
-  
+#  podLabels: {}
-  podLabels: {}
+#  
-  
+#  # Annotations to add to the Pod
-  # Annotations to add to the Pod
+#  podAnnotations: {}
-  podAnnotations: {}
+#  
-  
+#  shareProcessNamespace: false
-  shareProcessNamespace: false
+#  
-  
+#  podSecurityContext:
-  podSecurityContext:
+#    fsGroup: 65534
-    fsGroup: 65534
+#  
-  
+#  securityContext:
-  securityContext:
+#    runAsNonRoot: true
-    runAsNonRoot: true
+#    runAsUser: 65534
-    runAsUser: 65534
+#    readOnlyRootFilesystem: true
-    readOnlyRootFilesystem: true
+#    capabilities:
-    capabilities:
+#      drop: ["ALL"]
-      drop: ["ALL"]
+#  
-  
+#  # Defaults to `ClusterFirst`.
-  # Defaults to `ClusterFirst`.
+#  # Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
-  # Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
+#  dnsPolicy:
-  dnsPolicy:
+#  
-  
+#  priorityClassName: ""
-  priorityClassName: ""
+#  
-  
+#  terminationGracePeriodSeconds:
-  terminationGracePeriodSeconds:
+#  
-  
+#  serviceMonitor:
-  serviceMonitor:
+#    enabled: false
-    enabled: false
+#    additionalLabels: {}
-    additionalLabels: {}
+#    interval: 1m
-    interval: 1m
+#    scrapeTimeout: 10s
-    scrapeTimeout: 10s
+#  
-  
+#  env: 
-  env: 
+#    - name: CF_API_KEY
-    - name: CF_API_KEY
+#      valueFrom:
-      valueFrom:
+#        secretKeyRef:
-        secretKeyRef:
+#          name: cloudflare
-          name: cloudflare
+#          key: CF_API_KEY
-          key: CF_API_KEY
+#    - name: CF_API_EMAIL
-    - name: CF_API_EMAIL
+#      valueFrom:
-      valueFrom:
+#        secretKeyRef:
-        secretKeyRef:
+#          name: cloudflare
-          name: cloudflare
+#          key: CF_API_EMAIL
-          key: CF_API_EMAIL
+#  
-  
+#  livenessProbe:
-  livenessProbe:
+#    httpGet:
-    httpGet:
+#      path: /healthz
-      path: /healthz
+#      port: http
-      port: http
+#    initialDelaySeconds: 10
-    initialDelaySeconds: 10
+#    periodSeconds: 10
-    periodSeconds: 10
+#    timeoutSeconds: 5
-    timeoutSeconds: 5
+#    failureThreshold: 2
-    failureThreshold: 2
+#    successThreshold: 1
-    successThreshold: 1
+#  
-  
+#  readinessProbe:
-  readinessProbe:
+#    httpGet:
-    httpGet:
+#      path: /healthz
-      path: /healthz
+#      port: http
-      port: http
+#    initialDelaySeconds: 5
-    initialDelaySeconds: 5
+#    periodSeconds: 10
-    periodSeconds: 10
+#    timeoutSeconds: 5
-    timeoutSeconds: 5
+#    failureThreshold: 6
-    failureThreshold: 6
+#    successThreshold: 1
-    successThreshold: 1
+#  
-  
+#  service:
-  service:
+#    port: 7979
-    port: 7979
+#    annotations: {}
-    annotations: {}
+#  
-  
+#  extraVolumes: []
-  extraVolumes: []
+#  
-  
+#  extraVolumeMounts: []
-  extraVolumeMounts: []
+#  
-  
+#  resources: {}
-  resources: {}
+#  
-  
+#  nodeSelector: {}
-  nodeSelector: {}
+#  
-  
+#  tolerations: []
-  tolerations: []
+#  
-  
+#  affinity: {}
-  affinity: {}
+#  
-  
+#  topologySpreadConstraints: []
-  topologySpreadConstraints: []
+#  
-  
+#  logLevel: info
-  logLevel: info
+#  logFormat: text
-  logFormat: text
+#  
-  
+#  interval: 1m
-  interval: 1m
+#  triggerLoopOnEvent: false
-  triggerLoopOnEvent: false
+#  
-  
+#  sources:
-  sources:
+#    - service
-    - service
+#    - ingress
-    - ingress
+#  
-  
+#  policy: upsert-only
-  policy: upsert-only
+#  
-  
+#  registry: txt
-  registry: txt
+#  txtOwnerId: ""
-  txtOwnerId: ""
+#  txtPrefix: ""
-  txtPrefix: ""
+#  txtSuffix: ""
-  txtSuffix: ""
+#  
-  
+#  domainFilters: []
-  domainFilters: []
+#  
-  
+#  provider: Cloudflare
-  provider: Cloudflare
+#  
-  
+#  extraArgs: 
-  extraArgs: 
+#    - --source=ingress
-    - --source=ingress
+#    - --domain-filter=durp.info 
-    - --domain-filter=durp.info 
+#    - --provider=cloudflare
-    - --provider=cloudflare
+#    - --cloudflare-proxied
-    - --cloudflare-proxied
+#  
-  
+#  deploymentStrategy:
-  deploymentStrategy:
+#    type: Recreate
-    type: Recreate
+#    
-    
+#  
-  

argocd/external-dns/templates/deployment.yaml

@@ -0,0 +1,68 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: external-dns
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: external-dns
+rules:
+- apiGroups: [""]
+  resources: ["services","endpoints","pods"]
+  verbs: ["get","watch","list"]
+- apiGroups: ["extensions","networking.k8s.io"]
+  resources: ["ingresses"] 
+  verbs: ["get","watch","list"]
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: external-dns-viewer
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: external-dns
+subjects:
+- kind: ServiceAccount
+  name: external-dns
+  namespace: default
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: external-dns
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: external-dns
+  template:
+    metadata:
+      labels:
+        app: external-dns
+    spec:
+      serviceAccountName: external-dns
+      containers:
+      - name: external-dns
+        image: k8s.gcr.io/external-dns/external-dns:0.12.2-debian-11-r14
+        args:
+          - --source=ingress
+          - --domain-filter=durp.info 
+          - --provider=cloudflare
+          - --cloudflare-proxied
+        env:
+          - name: CF_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: cloudflare
+                key: CF_API_KEY
+          - name: CF_API_EMAIL
+            valueFrom:
+              secretKeyRef:
+                name: cloudflare
+                key: CF_API_EMAIL