badhouseplants/k8s-cluster-config
Archived
4
0
Fork 0
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Activity

Start using sops

Browse Source
This commit is contained in:
Nikolai Rodionov 2023-02-19 11:43:15 +01:00
parent 18109afec3
commit 932a0183f5
5 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.sops.yaml Normal file
View File

@ -0,0 +1,6 @@
creation_rules:
- path_regex: .*/values/.*
key_groups:
- age:
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8

23
badhouseplants/values/secrets.drone.yaml Normal file
View File

@ -0,0 +1,23 @@
env:
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:BbhUhVbrqFhD3Bw3w0ZfXRFNDkR7LV2gtabUOR990UQ6xDFw,iv:PfsuCU8A0C7MxVd9q6h6hexpeqxDJIshG16+Yoj9uTA=,tag:5mqw0hVJSlIta4p9VxGomw==,type:str]
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:W3NzKBlKhzB1lPmLbMfVkHxtnod25tGi1lHJW2RWc46je6NeWHX1XZlRefbVqKO6gO4AUTlJOq4=,iv:08EQ/9iVZ93P0I+mYBv3SuKfLs/T3ZS6yZkdAuzU4KI=,tag:c2OiB4R/aBLjVY5EfPSJgA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaREllV3RqUVg0anpIU1Rj
RFh3WkdGdEU5bWg0bWk3bWU5OHFkeFF6SGh3CmlOek9zL2w4a0ZHc0p0WTNucE1Q
dVpDeW93QlNHZGY1dWhOc0FneUFjQUUKLS0tIEhuZE1CMmZLZFIxbXJTZmIzcEE4
QStxOG1iMWlxQ2dmOXRabXp4cm9NSU0K/+CRAc7DH4PgbQscXvDb7yLe8VoEpixr
icD3GL37kYE2D4h1cm+p+/b7BF4/yjNlCUvo5cITXRjZAuiWGwUixQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-19T10:39:39Z"
mac: ENC[AES256_GCM,data:UXfogL8cIidQpdrTNVCofPRkoC00OczHIQcISQ1AlL+BTl8NjdQfzVdknczDagtooAXdV8Cf+Qf9xMzDd7svFv2Uyc6Tzz80171My9d8bHLtv1Q5TbJ4OSAVr38tOd35APnPgsvgX2SXEDf/vvUuTN7mljPTFuF0raCqLlN+LGg=,iv:s2AH5PUohmLTo2LN3Vq9RW1OOO4I9YkyuK1/ODGwegc=,tag:YmzJBbt2TGJsy5ym8ZkP2Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

6
badhouseplants/values/values.drone.yaml Normal file
View File

@ -0,0 +1,6 @@
env:
DRONE_SERVER_HOST: drone.badhouseplants.net
DRONE_SERVER_PROTO: https
DRONE_RPC_SECRET: drone-rpc-sec
DRONE_GITEA_SERVER: https://git.badhouseplants.net
DRONE_USER_CREATE: username:allanger,admin:true

5
helmfile.yaml
View File

@ -31,5 +31,10 @@ releases:
namespace: cert-manager namespace: cert-manager
createNamespace: false createNamespace: false
- <<: *drone
installed: true
namespace: drone-service
createNamespace: false
helmfiles: helmfiles:
- path: {{.Environment.Name }}/helmfile.yaml - path: {{.Environment.Name }}/helmfile.yaml

18
releases.yaml
View File

@ -23,6 +23,8 @@ templates:
# ---------------------------- # ----------------------------
# -- Releases # -- Releases
# ---------------------------- # ----------------------------
# -- System
# ----------------------------
metrics-server: &metrics-server metrics-server: &metrics-server
name: metrics-server name: metrics-server
chart: metrics-server/metrics-server chart: metrics-server/metrics-server
@ -64,10 +66,24 @@ templates:
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml" - "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
inherit: inherit:
- template: istio-version - template: istio-version
# ----------------------------
# -- Applications
# ----------------------------
openvpn: &openvpn openvpn: &openvpn
name: openvpn name: openvpn
chart: allanger-charts/openvpn chart: allanger-charts/openvpn
version: 1.0.1 version: 1.0.1
values: values:
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml" - "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
drone: &drone
name: drone
chart: drone/drone
version: 0.6.4
values:
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
secrets:
- "{{ .Environment.Name }}/values/secrets.{{ .Release.Name }}.yaml"