Remove helmfile dir
This commit is contained in:
parent
8953975205
commit
d5188cccdd
@ -1,6 +0,0 @@
|
||||
creation_rules:
|
||||
- path_regex: .*/values/secrets.*
|
||||
key_groups:
|
||||
- age:
|
||||
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
|
@ -1,113 +0,0 @@
|
||||
---
|
||||
{{ readFile "../releases.yaml" }}
|
||||
|
||||
releases:
|
||||
- <<: *drone
|
||||
installed: true
|
||||
namespace: drone-service
|
||||
createNamespace: false
|
||||
|
||||
- <<: *drone-runner-docker
|
||||
installed: true
|
||||
namespace: drone-service
|
||||
createNamespace: false
|
||||
|
||||
- <<: *longhorn
|
||||
installed: true
|
||||
namespace: longhorn-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *argocd
|
||||
installed: true
|
||||
namespace: argo-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *nrodionov
|
||||
installed: true
|
||||
namespace: nrodionov-application
|
||||
createNamespace: false
|
||||
|
||||
- <<: *minecraft
|
||||
installed: true
|
||||
namespace: minecraft-application
|
||||
createNamespace: false
|
||||
|
||||
- <<: *gitea
|
||||
installed: true
|
||||
namespace: gitea-service
|
||||
createNamespace: false
|
||||
|
||||
- <<: *funkwhale
|
||||
installed: true
|
||||
namespace: funkwhale-application
|
||||
createNamespace: false
|
||||
|
||||
- <<: *prometheus
|
||||
installed: true
|
||||
namespace: monitoring-system
|
||||
createNamespace: true
|
||||
|
||||
- <<: *loki
|
||||
installed: false
|
||||
namespace: monitoring-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *promtail
|
||||
installed: false
|
||||
namespace: monitoring-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *bitwarden
|
||||
installed: false
|
||||
namespace: bitwarden-application
|
||||
createNamespace: true
|
||||
|
||||
- <<: *redis
|
||||
installed: true
|
||||
namespace: database-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *postgres16
|
||||
installed: true
|
||||
namespace: database-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *db-operator
|
||||
installed: true
|
||||
namespace: database-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *db-instances
|
||||
installed: true
|
||||
namespace: database-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *mysql
|
||||
installed: true
|
||||
namespace: database-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *docker-mailserver
|
||||
installed: true
|
||||
namespace: mail-service
|
||||
createNamespace: true
|
||||
|
||||
- <<: *istio-gateway-resources
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *vaultwarden
|
||||
createNamespace: true
|
||||
installed: true
|
||||
namespace: vaultwarden-application
|
||||
|
||||
- <<: *woodpecker-ci
|
||||
installed: true
|
||||
namespace: woodpecker
|
||||
createNamespace: true
|
||||
|
||||
bases:
|
||||
- ../environments.yaml
|
||||
- ../repositories.yaml
|
||||
|
@ -1,10 +0,0 @@
|
||||
---
|
||||
releases:
|
||||
- name: namespaces
|
||||
chart: bedag/raw
|
||||
version: 2.0.0
|
||||
values:
|
||||
- ./values/values.namespaces.yaml
|
||||
bases:
|
||||
- ../environments.yaml
|
||||
- ../repositories.yaml
|
@ -1,27 +0,0 @@
|
||||
server:
|
||||
config:
|
||||
dex.config: ENC[AES256_GCM,data:SExaFuvPjiyYUiqBivswX4dpPM+x/6OsmyC9FFpiX1TCDIsYNFakzW5ZwFk1XnS8OYzqksyoxAGGU2fmoTVpHXviDqSZ76g0AREH3OwtSlz2R8RwFU/zzgXeqoxw2rC2ij0t0Vg39BeltArIFBcrtTfDy7AjMqf/Qx29EAb9nnoTA/SPj33VzHbn+tJIHb/a2XExj6VAyVJoq+fqsdKmmbI0tb636V+Cq/+wj6WwGjhu/0PDtaMN9AWokMGgICLUbdtfocinvZ1gyv8+QDnczYonD+wFZdlaKDembGN3p0BggBCLOY1I9f3PHG9Yy5xpNtAGFjDYF3NLz1n1QjDwRo1La6EHmmd2pL3INtU++IGRkC64bzCKR7i429/il13MKvccBOBWiJpkf5L65Rluyb1WWNYBcI/SscfQo1CSL6zXuZtrxeWrRcySs9TjSAtwHrpuRm6hfwi1tUcUUEhu6c9uUYMhSoNug8/2vQjQiJcEdh9n+YCoUbPraAC/OSctrnmO/vsXY9CcXCWWR606Wwvr0RIX+wg4/5vCyecj+5nvhfaZvECXoCmKT8xtmVw6h2oYbAU4T7o9J93XNMVyhui4DM1JN4GYlTsfbpU1PBetUII+RO23rJDSRQdEq16Kk9RcNEUaJYcS4uH7AXvbJVeC6Cx2OwN7zSmOSbA9D2kYt7IVcnBQRGJ+cH6fy34KTwJ0def6Ze243LlHdA==,iv:c8cJLybNsyuAw/BFmKtNTBzXIl0vmeSuKW8j/aw8STw=,tag:URax9og6ZQRvWPtKVel4SQ==,type:str]
|
||||
configs:
|
||||
credentialTemplates:
|
||||
ssh-creds:
|
||||
sshPrivateKey: ENC[AES256_GCM,data:qQZuWVqu3G59OLMTtYW3BDfoo/3+SvLgQYzv0Aa2NQGb/5wVFejPiJR0BAMYZjkDSVgUZl/oVCT55I41QeKcNYfHtGcrWIFvizg5jW+K0U3ZvgtnY56J1GsrKWQIC29U5EHz/7xXTnSJkkiiVEBGOjwQHpfCgsqR5/qhwnFx+idLsdJGasMYjIJZttTtLpPsY1tgUwTzqJGQptJHqG+/EDcmI9ms6383ltgc6xsmezJDyoG3A2cMNp22qctIuqTIM6ltL9iosBmMsPM1MaiZyJ7rG5zNPymTCFDQUXwlUwFoDKJnN3GkY4ApzRv43iAw2aIX8ykifZVGZOuvV/ifzUuDoemsGjD7X3GN+ngVNwdLm1qSkcnb21Q22kVmBxotIQaF9eN/LqDk2ULEMX3Yvml886yo4AnxlIA8zW8XzFfEILrEswv555P5p3Mswl0+KAIDo7cYav495U9cYrttHbU5wvr9br5JekNKVSgTigwFraq2ZUE8Za3Ru7VOuljywRwe0VEvhFv8SJoH9NZJyl8ME0+uH1R6YtIodkHpB6b6wtyCwtPXjkUkR8nzi4VU0L3zq90e/DvmX/a/q4uEHtLPiIEMFbKtUQ8v8mmscYEEvYIsIBO0VcY2CUFbEs7r56uFOiysqB4d4ySGFjdQceRTLhG7/kUjjYtGEByVcFXllhAV+1C0vXHgOXc4G+EowObbcyj+sA4hxFVL8/f0s7znVCQbZhztQsxfFr5+76X+nzkXkkhauUsMChybmVmGTU+hYnZ8XuOK6X+tRixoVNlcitFD+NxTksvDeJDIShaQvH2cjLLbkze9GmUVr3EvifQhXdw29rpgySVE0Tjn+YL23Ft8dToqR6QwTASLi/vcvbjpx5NtchuR5QFxwZYY8ROTljSQS61AMdszr5cR0BwtFY8j59Aj25sEJeasi44xzUlBxAGazHjzBDxDU7XIpGV/IkiMtaEuEXKGRpVqhQrszvuXOf9K4TwxuVvhlrSVvU7M/lQzJUzkSFOSvO9nzfnkVLwqTdTX56ODFs10vRowClKetC6PpuAclw85WlC1OTkkAL8RUCWyoPQUU+EYolUCW5nMp4P8X1XK3qvRpBU6BdjnnuLQAi1bYu8t0f4vTYoLvYTwlMGXizMHEks6me5pPD7mq5HvpR2e7i1ZzJ3oQaKPB9n8AsugFeRStAal7HHrfEA6NVXLlBYdiq9oRgwllZwi5dsw4m6ABhh+angCWkIsjB9+n9NKOdJowvyDDx1JE/Ai4wb+8hbTLtAold6YJgNA5aT7LeSVaxWVB+V8w1ghn3UJzI6SGdayJqUH+VAUDvBg4LeqGH2vrod57SF4FMmqGTQwN7cYxW0fDT9V8xnb2nQu7WaE04Miw5hlsB4uTRUfeMrXXvt3R2N8azqQDF9Himtl48U3by9vv8FPsNhq3XvAPY5/TCzHz93bnWWmdtyZlHTFz2wRAwaTwOfFpN7oMW6YyVo6UUpw10zap0Jfboq8szF////nwEHf8qGw3dxT85WwBR9KBPwFuHZQsoUOuy00PuAB5fVvXXWBiCnzYwWgY3NqTBkLYbV8D/6UnLlfAHhnEok7QXf7P4xqbB/6EmqCmGBw5ZgPqg0bY6mOTnMrfqiKV9+Q0Mhe8eFPNOr2zoR+VYRDnWX+rJu1+OAK8QegH1Jn3RlOg3lXoFDFLelq6GEq1Kdbr83goL59/uRu4VNvAArUJ9tk4Vn2vWEtnbpjRcyjwAHIc1YXphY53cPFdSjYCeoNv5MDEt3oJAKWhSX7Ql6ledftGWB4fhns0OK4+zLN6osqrPNtLyS7iqXhcwmUIx+b6jzblKt/FAssFOw6VVpi+nVrBWHDW4lhHiCu37VYS15Vtjw+JCPbAe30MOquhXn1CnEnoV8mDoDGTeMpvpP4BTTgsLmloXfv8/+TjNYfzSWivvXjY1K0P/KGqoEJfIyYDyuxi7t2qJ/CwdvBTJkF/cTX6yvX6IvijKuUco2aIgpoZfg4JR6VL7Gk3Cvf3YBvnvG8TspBOfO3ZhwTS6vfQeDLs6kf+gBtXduJTqAXuy8X8B4RZxsNGZZD8hsSVH6xP5akN6waGqG+xDQxKTT7FCpmi0igvvANRROF3+KxGigPTrIqa33WDglrD6tUfUKNUW/SuZXXjbrgo0lillsXj6i7esSLfgH9CjUfeVUW/mI7mvW+0xjV/eeZtxRnz3ADGgfObV0XakEFBDhDnXtmdN7RN+Q+UvtN0uYGYWYqnIPNewm5RYwVGtGNWOB42PdaKH0qRUdWvCAbsKflPxW5pJNZlejhoMm+3+j2UlrY59dGqTVPoXkWgIGxFkubrtN06zAhVEV6/PcCZoGJmZsPWIfiY5k/BZljtZLAa1e2cboD/0q8iX0VzyRSmuKzVYMa6/NTU3PQ8l2x5fQRRq5OR33P2N36Wb6cO7GB9mEKAElTnd8oLlJ3T27EBctdNf8gOBIYWtGo+lYtKeh/NJm5o7KGIdjhThi7Lrbyqaxb294yxydmrJBh64dws+f3IhUQBLz+6lk5PM7EtrBCGuN7PqdqQMHqWMcCvDCHxY5X/U4zrWMAClEifJfC0b+3HthLkBHb388nGMo2ymHq683s0PxmmY0lfpncUEGHu+1J5E3w2BEy5Qv83x0RQDoDFab5lxILo6VSmZru+Kj18yeqNiNw/CzHaMvID7Gio1jaq3DsuD4bA9ne5Je5yAK8INrYRDCSzMfQpc2QqE306tonmsu37EKGHTCOaaqfL8/f31nqZcdKAdidM4JBa+osYYVUCp50Nn8h94dczpjvC+M2hEQXbibUSwyPjDv7ptwfZSEPG1mjbrOEpRSbzh3lGbE5q9K7bNyt0aJRi2gOw/shU5rPxmJ5KoL0HUEc74pZRG+Csa3ZKruqYqOEezgZmVwo0E3NQD8u/y/oF/L8hgKj2jcRmJS/pKbr2Tv+Sde1ZYdZjsXW6tFRjPDZGyhjHBriPLikN097kmuPFWS3f4ZFPyHM/Az2uzPPBFGv7VchUbFScIDgBIq+fYnTPtjjST7FgsDxpzTkj8uliU9z7r0dTIawC8qSUYErsFYSvUITySWTam0R04yitaArcH5fLEhEeKKMjGUVkwwxGxfv9Fql6Zs1YSCKka9aynXDUmw6igbRJVIPtmEosrmFUzlX1OEiJrX5xWOVAv3wQ2vrxvwHlmOMtr/cQagvASds2kC4QJ4qSwc8YdpLAwrn4+h7uNP/QChAOVCiGQXpFqd5ab/LBc6Gc/1Zxilil1kecMFBc/XmVssw72XSVoXVJPlIyiSYOAtm1BGQHJXRspP06/M+/5ffaHoEevqB47kf6bE8c3F9SwksgwGtaqXdFBoKSQcret8Tww9C8ZwDji8v/woVu2COXWaF2HLg3r3vrXa+DVVz1ENtOmJEJYTCuLmdqpZsWv4olC2wcCUEA+po9kZbVcEAfKd0xe/0x2fzqQ==,iv:lDEAwKxgoRPH5AtF2kYxPQjHkw3/kbbpoz3jlUsEpTI=,tag:6dbL9WZoTZ2xSrSVE4Dlhg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
|
||||
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
|
||||
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
|
||||
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
|
||||
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-03-04T16:16:37Z"
|
||||
mac: ENC[AES256_GCM,data:4HhqNV9EIcBA/nzxuiS21TWe6BQ+anfEQOnfrYcZ2vVD2dTPzc0ztZ1Ihc2WX6sMCVFDpUJFEcr38Aj2tXnnS80kTsnznBsSFNLj2b857PWXNeoAuwiiY3XBq+Ndo7I5wCYgWyuaH8xWQtd5JVuZPpqdtjTkbWq3lj8aARJUuQw=,iv:Hlu6iaBBQovSaXYAEB7nWBL9OM1UXYxQ444s5ZrMtuo=,tag:N/znbxYVwFoJ1eYAS8PE4A==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,24 +0,0 @@
|
||||
env:
|
||||
ADMIN_TOKEN: ENC[AES256_GCM,data:ea2lgOEYMi8Dsvun00YZR3PCE3ycNC4Mpe+xye9YL5CTtnyrDwV9Tw==,iv:28Tcn1/qIquS4jCNBTtspB9c+5U3Ut1zoY6gIez8fcs=,tag:POmhoUY3t4w+iTJKK2eHVQ==,type:str]
|
||||
smtp:
|
||||
password: ENC[AES256_GCM,data:cs+2Ml3YfZCk8z/KmexGMqzFQRM=,iv:mg8e3oHbLT07pZEdDGwlBchPyT83xOdwKJg9CCaicnc=,tag:NPD+8gKERO8uCuwrFnn3bQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKL3M4VWJBQzZQdHRDcXVw
|
||||
VWIwcjd0Zm44V01DTW1aV2FhV1QvT2hpcUVZClJ2dHdvcDYxalEvMXB2a1F1WlRy
|
||||
K1VOYmg4cWprSHpLSVJVK1lYVXR5cWMKLS0tIGJ3bHNIZE9zR3RuZmpmMlZBQ1Qr
|
||||
dzNYMlRnUDIxK2padTRCSzR4UUpWQjQKxex3RqZGU7ekdNC3qIiqdFs7d7a0Pxa1
|
||||
amLsaNnBfJ3OqjuD8atF2iCAXy1Q2BcXunkWi3wbzHb/DgYly3n9OQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-15T12:20:48Z"
|
||||
mac: ENC[AES256_GCM,data:2yRwdYM32eESPuUz+d7m7pTcluDUeOrLgv7iJmhPEnowcU9WvypAZr73w4y4ewc3yvLmmu5uuFjJJhN1+yjwULGUtU1NPdcvXHsGwtlA7KDyYUqwIc4NrD6BAeR7tRQChNVD++2wB43kiGAWAMmieOMt+xHcaWlM2btuLoiwE34=,iv:ZMxA5eu0IJKTRBtoKhyIJiDe/W3zVjzlz3TbO7gpRnU=,tag:ErYqzleh87+wj0uBRah20g==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
@ -1,33 +0,0 @@
|
||||
dbinstances:
|
||||
postgres:
|
||||
secrets:
|
||||
adminUser: ENC[AES256_GCM,data:pKbAQDiOs6k=,iv:yET0mJtdm2baDJHwq1uYEoxye48g2PrMqiOSO3POTBo=,tag:wuIxhHiRzjSRM+uaEo2KNQ==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:/U3q6RmOYLpxJBAYsJ8f4lV3MB0=,iv:dw7g0E4Gm0YqtgvdcC+bq+YbSRPop3BKLiJfwaz+1io=,tag:NAXnWj4AjgajN94ml/ENsA==,type:str]
|
||||
postgres16:
|
||||
secrets:
|
||||
adminUser: ENC[AES256_GCM,data:1THZrB3Rg+g=,iv:/euSgQUYlJ4HbiqWr3ezwLkds0nwioFHRhXbqTiYR6M=,tag:GSbSxrNrVJKHp9+3+ECVRA==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:F+5az4JRH6LMz88duwFp5EDm4AYG,iv:dbsfSSwigBX1cU6XFYu4ZFd15Te0MdGBoq5O9OtqxgM=,tag:uOLhvHSiBEbbos2GzLJZ3g==,type:str]
|
||||
mysql:
|
||||
secrets:
|
||||
adminUser: ENC[AES256_GCM,data:XFEGew==,iv:7aj2J7Qs9mHC5kRZGrg71hwEBP64vEz0qQ+qoPHSgrc=,tag:/Rx5yx7iMU5Gwcmbf5GVSg==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:vYIiHccMkX7yJ2gsVGcLTUO7Ers=,iv:uDlefG5I/cirIUal/phlHCNwYtcXYFBND54XJ+n7eug=,tag:YK7pdaohOZL9yg4OiPxbRg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
|
||||
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
|
||||
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
|
||||
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
|
||||
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-04T02:28:20Z"
|
||||
mac: ENC[AES256_GCM,data:EBNSr29LlLjadOrrk2ZSwH9Ng4YD0pYCrhfupaQPSK5559zUCRIuPuTC5P0sfh5dn7YARrcprAwH68I3Xc3EUWkZabCYcjR+bfbby1s8tjiIIgVcksQJr523CDIXMiezf860M9uyktxWdUQa1TjuEfo0SAkYs0XHEaIQlOloN6c=,iv:v/Al1appBTv7ypplQEz7C2qAnvCDRK3JPCN8+PATeX4=,tag:Ci8eg6xsFyZz35r5p4ie6g==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.0
|
@ -1,22 +0,0 @@
|
||||
env:
|
||||
DRONE_RPC_SECRET: ENC[AES256_GCM,data:RAZbnTrv9PxiCLLqjKWBtFWd+Nzqma8Zw+NuKRLO,iv:IiFcTQGUmYa6UCBzx1yTDd0zwB6D1Cv0raXZxLXm1qA=,tag:83bnBW+MhkKehZfso3g+/g==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVk0yaTlySHpuOWFFT3J5
|
||||
Z210NzJPTmV0akdFQ1REM1JzK0pwTC9XWjJJCm54QmQ3ODJwakZuamMzYTBIeEJi
|
||||
aUxKNmQ3dU52V2N2cjl5VTJpTTAwWGsKLS0tIDFyR2o2VnQ4QWFCWWRzZGNMZnNQ
|
||||
em1VMlhBNGRrVFhXVUVRdU16Q1Q4bUEKvZ6UbZsfdvfCk37FlEN4vg0RTnPO2nwh
|
||||
DY4klzcan+9DBRT2qdIIy6pj94GuSoXKXEYc9X0AvYab/HoLithMWA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-05-21T09:27:21Z"
|
||||
mac: ENC[AES256_GCM,data:U2JETtW0lbb2znJBupGMPsab13y5M1v1N0wkFxEBs+YVNFhnkvIqSZiY5mq9KTYiY4tRzw1kV+jqP0jNsODekCI1++4NBuQsGSZFUoTERHgTRlnz1aAS+nf39lvYnWyQxsQmw9vY/GQ/yluBJkOEV/EoIF3wHjxZe1HCBIViPyk=,iv:WMj7aSgW8LdNQbOgC4FcyOtR/3gjckiHO8vlZGdiTeY=,tag:Xty2QVLJ/D2dlzQY13od5w==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,24 +0,0 @@
|
||||
env:
|
||||
DRONE_RPC_SECRET: ENC[AES256_GCM,data:W1OAxQIUbVU8uYHtxujhPyww4jscNH4LwMAGOU5v,iv:ouToTniIMiy757x40MKMtmLFBVzpuGxSYOTMZmmN8ck=,tag:RZ/cb7cRXDQSAQwGqdX+zw==,type:str]
|
||||
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:7Ohn3nGR9VeIhAr9EdW1/juRFo3TXpKIwU07hD8mGoyBrbyn,iv:9/y3Ou8H/PL2hMsirJaqviKGQuzVlzL43iGAKQb9NII=,tag:EZoo2F4/HoOcacWOVU9yjA==,type:str]
|
||||
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:2wAbiSJdDb5lGUOocK14pZtwQI0EFmXGStAigKsPGAZUKyn7M0B6xBO1+B3wZYVnIKEohiNIZF7k,iv:Y9aCzdSH5cAIZfk84Clto/IrQMRaoH+bOkvbP+9CcLM=,tag:FVfLsEA56WGNCl/8ut4F/Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaREllV3RqUVg0anpIU1Rj
|
||||
RFh3WkdGdEU5bWg0bWk3bWU5OHFkeFF6SGh3CmlOek9zL2w4a0ZHc0p0WTNucE1Q
|
||||
dVpDeW93QlNHZGY1dWhOc0FneUFjQUUKLS0tIEhuZE1CMmZLZFIxbXJTZmIzcEE4
|
||||
QStxOG1iMWlxQ2dmOXRabXp4cm9NSU0K/+CRAc7DH4PgbQscXvDb7yLe8VoEpixr
|
||||
icD3GL37kYE2D4h1cm+p+/b7BF4/yjNlCUvo5cITXRjZAuiWGwUixQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-05-18T17:11:19Z"
|
||||
mac: ENC[AES256_GCM,data:d9G44MW63rUa/MQaW/rLQQ4dlgOOje6qaS1V7yWT3HrkRLOXRCfuK5E+XeWC1PuQwMk0ghaNYJDT0FTnBsoJbxlu+7Vb91qlItn+azvldOFDvtGTRpAK7bPjM+p+G4/gZsgarFxaTh7py6Z/HsoqP1RvaK8GWNhRl7VfTiFuUrA=,iv:e4IXbSSiHMTPc3WijuwgF8L5aG5iMMfu6P/IYD2cp5A=,tag:aGqcqjjrO+PfYxfIAgSmeQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,27 +0,0 @@
|
||||
djangoSecret: ENC[AES256_GCM,data:CxsJVhNxku3pohREaVs=,iv:KDupR8tZlPkPeRwGWzyz+eKtp1tfTdFWqXNuQW20oXo=,tag:lCHqv2CC8cXpnqTr8fGzPg==,type:str]
|
||||
postgresql:
|
||||
auth:
|
||||
password: ENC[AES256_GCM,data:RdsyzDU+XesRJkUSllyvfREzbDz68t6RSw==,iv:RpV9BjK9ytpUYJvNGQ5eHXuhNbXSV+Nl9Yib0ac34KM=,tag:Y1K7cfmoyNS6sih0JMjBVQ==,type:str]
|
||||
redis:
|
||||
auth:
|
||||
password: ENC[AES256_GCM,data:fgxZMA13BpFf5FA8JwLUXjlelUgvR4qtg316OALq,iv:numLe3PrsToG0Fbl7+mdbWOBTb7XrgppF09pIVg+rrU=,tag:ivKuF0xFe/s4P1otjLML8g==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRL0l4OHh5TTd1UGoxZFcw
|
||||
TUtNYkdYTzhRS3hpTHkyNlhoT2hTek54RlJnCktpZmpDNk9mYThyUVZOUTAvanBL
|
||||
VElHYjR6T2QrV3N2c08vZ3JHVWdjSHMKLS0tIE5nREIyVlJ1d29UVzE2aFl2Q21Y
|
||||
dWdMUFpOOVJYSXdBbzJiSzhQM0VmbWMKUqdIpfa8i7vASIga8HFurrPf1RgA+WVA
|
||||
GZiG+M0i4yc3SooTIwbDzH0orfaEHueKdNTGOXMgxNiRIt2q9BG76g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-04T18:47:37Z"
|
||||
mac: ENC[AES256_GCM,data:Mh6OGkcKMGnmBHIKadpLYfFO3UNLoww4gFW+U7mnu4v87j06h6QHOx4p99TBp8OqK3/ky73FUVLGtm5XFLvMgzM5wpghqwqPa4G9UvgP2zY6GM5HaEw90l9mEtdSw6czs1hi9ChNF3RbIPwowW6KNJoASK08YaSwkRLK3J8T0sM=,iv:9N3hRle1eH5EHEPQeAnKSXSjkhhs1045rgk/WNOP3I8=,tag:bsqCJQE5puKckYMgKZsr3w==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.0
|
@ -1,40 +0,0 @@
|
||||
gitea:
|
||||
admin:
|
||||
username: ENC[AES256_GCM,data:f4o3zs74rjY=,iv:t5Cx0suxiZduwL2bsfNyxOVI8RZH1ytEGUdOF2nONco=,tag:mo/BwFwzw7e8tAX6LyaIQg==,type:str]
|
||||
password: ENC[AES256_GCM,data:TnIUSnX7Lj+2N6mWWOvVVmc96DQ=,iv:vjow//IrtvdmTg4jYenwTyUnuBhq7witfzugbE0uq9c=,tag:L5UPa9UK4aB1wY1ilZntzg==,type:str]
|
||||
config:
|
||||
mailer:
|
||||
PASSWD: ENC[AES256_GCM,data:lb1VwH/Bc2XoyB42UrhgCX5ad70=,iv:Eh4R2deZOMGq4LxZadtt6SgrdoSxcArYC2X+czKtns8=,tag:ZCtQguWQt8ARS2rTWCSoSg==,type:str]
|
||||
database:
|
||||
PASSWD: ENC[AES256_GCM,data:mI1RHEThB0bM1bJ/pBioJjvKT3Q=,iv:WSwV4+UzD8HUtA5ipZNu2IVXa4AuQE9k7hTB++AsTgU=,tag:CtU3ValcNw0RSIQVdaHmtw==,type:str]
|
||||
session:
|
||||
PROVIDER_CONFIG: ENC[AES256_GCM,data:i/N01zYx1H1D1eFiZKOmf4e1LoDBJE5AoN4eZl3h/QKwOEy5x4LNQoF7CbGguCBMvITtYbzXr12VzQ8pxEf17z6nssQ2nNiz84zuBOY9DQqxZLkxS5AmKKgk7XKF/YYYDaavMdJj54gtXoCrDZ58z5Tw8FM0ScTRp2+4RXGMwg==,iv:dKZhe9cOPDhdtK9sJKzCHmimV1vcuAebY8DfaJMqk2Q=,tag:ZhyEepW4wIM1Dv97xn5xBA==,type:str]
|
||||
cache:
|
||||
HOST: ENC[AES256_GCM,data:UI4Dgb4qajStyDcpuJaoJTaTo3vowWQw272Y4C5q3DuV9DarChv4Qvxh9ZJwYsPSgO9G/3eI+mLldipW98HLfATMCHR+DicM7ymI0nGwxeliyj7sOVGFS2dU4zF1kNyhFCqrjMfQzTRQbfOTiB+QyfhluMfrDbOjOAAuLlsdWQ==,iv:WOlGAxAtIS12vCGIUmxMhO3UIsoUuD3xluZbBThugW4=,tag:Y0Amh1HEtYcg+9JvROM1eQ==,type:str]
|
||||
queue:
|
||||
CONN_STR: ENC[AES256_GCM,data:kpqTpJVI/8790Ho2/U8YTC2Sc/d7v8mc33PsG7vNO52d9vMCOgsb+GQldWlfMPdf1H09axJxdFc5SIvsWWD8FoaXvtktlz4yk6fL9YxEXnkpn72VSiNe+ajUu6diP4gYWw2cUhyKt3ss/Gx70bKMEyE5g/ecZG3S+NZPFxPSTw==,iv:T69ou0uBg5CrseI0VwB2sSKRDknXrlUVPb/igGI/1H0=,tag:Y42Wa4QVt8k6AmhDC5bOAg==,type:str]
|
||||
oauth:
|
||||
- name: ENC[AES256_GCM,data:iR9QX2Si,iv:B+4ixm+dOwAnXFCYq2BnExnfVDGooonBCiHpyxfkLP0=,tag:r7CZbpL9uQ1QjAFNiFfOsw==,type:str]
|
||||
provider: ENC[AES256_GCM,data:byE4rELH,iv:lcvbNSZMD9EMA4CmJF2mvN33a5fmXWzP4++PnNPK+fg=,tag:2wfHrpp/bJJOImBq5ULzqw==,type:str]
|
||||
key: ENC[AES256_GCM,data:hiIl59SdN8usULpHhPX8XhMckZI=,iv:8aycsJVxbyK+Rlor8AsYKb6xjjSaS9Y5pRC/hoHzuKs=,tag:tBhMPj+AF86TaLkxF0+6Og==,type:str]
|
||||
secret: ENC[AES256_GCM,data:JfoXbQW4G3QdDsb4WxbMOIBvsEVYXsdK06s2TLO6ojtgprYUb0ZKHA==,iv:n1SYPP3tnUCNuKET0PS9kIHcRSDMDqWtysjwbSI8O3A=,tag:EJ3gKUsCG9O218yS0sw9EA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMCtwL0h3aGtNQlYzVC94
|
||||
QVFvQ3VsTnVuckt1eW80RXFkTUw2VzdzMTBjCjMvSDFlZXpyM2RQRTFTTTJrL3Zu
|
||||
LzNlRy9ZVTY5cWh1WmxmbzdwZVNHQm8KLS0tIDdxNGlxbnk1SDc2R0IrcmFHMmo4
|
||||
Ym5KMWw5ZDBBZzJBcHBXdFZiaDZpU0UKNl/GkGP25D7z5a8mVBmoSTfOM3EzymPN
|
||||
WW62zIoBHlwLxF9nwj1xCCtcL1XKgiB8nnn4IrY3ljqFc0VkxD9dnQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-15T09:58:05Z"
|
||||
mac: ENC[AES256_GCM,data:W7Ml9O6oA5dG59O7eWUEBdRrOdmoXWdib2tzK2zCFfMbjWczS5I7AM3DFKG6+P/kRiEQpjj0OarFvuJ7e23blx0/43UXqjpRCuGqcWkNXQaYaxlye6SDlLjregTUeqo4gyzyXYVpIGikLNBYoufewpdlboVQk8ZheSLSOttrbcE=,iv:IqrjduR0EhuzCCWCCJOHCL0DlS4B66P1Wlucg9R0gk4=,tag:vmq6+uh9q7avpK5Q56+iJA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
@ -1,25 +0,0 @@
|
||||
config:
|
||||
env:
|
||||
FIRST_MAIL_DOMAIN_ADMIN_PASSWORD: ENC[AES256_GCM,data:dcrMgiX2egbSllo4esVRcJ340oQBRpVkRA==,iv:NQpe96WmGRAnLmeAK0VT/zdJ8MS/8RfAJIwNsL8alHY=,tag:CjppOC4SEW7a9u4Q2xlm8g==,type:str]
|
||||
MLMMJADMIN_API_TOKEN: ENC[AES256_GCM,data:OxsD/v9ACQuoyHrxZmIdq8TUqmbWCh8GhGaSQTBGfS+vp+v2rdfKIm4WTnI=,iv:68Vli4aaCOiFixooz5cHABuRLuOrw9/HNpBNQzVwAkg=,tag:RXBXFzGCOO6MhoeNhES/+w==,type:str]
|
||||
ROUNDCUBE_DES_KEY: ENC[AES256_GCM,data:RZni9nCThb9xzzNrN6JTQsLetnMB9cSo1L7hwLERnbA=,iv:L3r0I8sQkoicwy6odvuF3HfIEDQVgnOtn/OMpF16Dis=,tag:ZFaoIywA+FJ/GHAZAGjU2g==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZlAvUXJBdzM3RjJMdHNG
|
||||
SjRpSTBYNUs5NEoxRFdLZDN0a2IyQlp1ODB3CnQycFk3SkM2Ny82U1RZZmE1cWxG
|
||||
TTQxUzhWRWlPQmxYUnN5dVJpb0FWa1EKLS0tIDZSK1NvSmNUQkZucFJCM3FiRHlI
|
||||
L0VKb2JCc29XWjVkODJxTmxPZXZJc3MKyDy9BH0W1OgEONm3PLCskOWtIr2YW2V8
|
||||
3Lc0Au6lLYetVCvSB82/uylZBHc9yQ2rNdLBUrm1zyDZJW/BmNpVLQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-07-17T05:06:27Z"
|
||||
mac: ENC[AES256_GCM,data:WP9F1N5ZTYwJk3UfiSwf/QJHp06pawdbu6kUBOMTq1tWOZ/zhCRe0vJzU7alUxhw1RZu8f6tUNeh6qXxt/4mrSuy5dRjOKOJyRioIcRCdg4Z+2jVycDAA2VlPB1oDQj0CIdrW4hvM02KZKxcOy9KP8iRQaYqLlhvWrTAQZ9HAIA=,iv:d/wZUbaU9EkBPRIxqCDDXpp8AMjjHnXxej726q37Ni4=,tag:AC4FvAFBTYOcI02bFD+MHw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,38 +0,0 @@
|
||||
secretKey: ENC[AES256_GCM,data:yL0+ORBJ4ZWHrmoNvVowEA==,iv:XJuY89wtdz8b+9SnTMro33Ka/pBOymyhN3MLJOyujAA=,tag:hSXjKC6+6NLgCoiHlbqtxQ==,type:str]
|
||||
initialAccount:
|
||||
enabled: ENC[AES256_GCM,data:MvyEVw==,iv:ICIPR4oJW6pCRUks7Rk70NqdxVTXYqmM2qjQetppmEY=,tag:1FOK5MyPSTaiDayAAaPPuQ==,type:bool]
|
||||
username: ENC[AES256_GCM,data:qSsqS5iQAyNzAQ+ZOLSWsie3k04b7qPUpcfU,iv:sXe2sjo4XesoEmjI9tY8gYd2psUlZCltBtLlIyE+v8w=,tag:uZeXnjU+7aLHI87qW+tiGw==,type:str]
|
||||
domain: ENC[AES256_GCM,data:T5w/nPrq36iwZQdYHMQkisY1,iv:7EskbKJfRXMhkKZBgHy6nP8r1epcf7bNi8gAp4qY5TI=,tag:nZ+0BhvIy9Ap88SHaKhSvw==,type:str]
|
||||
password: ENC[AES256_GCM,data:dki7Cw2n5FxYsINS+aap4u8hkQBl4RUVW2KxSXrQ,iv:XxUHdy5xAWoH00yxItL9P5YuCJtCG4pfRUhZdOr0EWw=,tag:Lo7ahX7CAXS31lFDKEYRww==,type:str]
|
||||
postgresql:
|
||||
auth:
|
||||
password: ENC[AES256_GCM,data:o2KghCpri6cUbGeh3LIjUO6TXBz4nrZSaU8tW7PD,iv:KNp+FM1DqC2h1/F2cudAQfQZA6UAD833SQbEQ/oKkTM=,tag:oHZzKLzZ+IIJDrjFDX/3cA==,type:str]
|
||||
postgresPassword: ENC[AES256_GCM,data:2+RrJdHwGQVU910BkXH5ZogDfh8zoOPDcJazg7Iv,iv:CKH/lhkTYNbJ0sKQCwgZ4CDg+7ITsbJq3wcQiJWogtI=,tag:xZX3HSfpC2Wrz1sCOtQwYQ==,type:str]
|
||||
secretKeys:
|
||||
adminPasswordKey: ENC[AES256_GCM,data:LbBjpvmdVgIDLtlL5ccufC7Pe28ZVO5CYxTzVoZD,iv:dsVuk1ZluIAhtYN1s9xH+2Jk2CyVYGRU2LoxnC5Lgb0=,tag:lWZohYLUyVnrMKhvwIz7uw==,type:str]
|
||||
replicationPasswordKey: ENC[AES256_GCM,data:asv/FCVAPir07vw5kW1uqSPGEKTR/ukwtOXY5q8j,iv:SnEftPnqXdPK3Zw9nd8Qnj412tHrPSK6hR0V3rLfn3A=,tag:xKqOjOuSyMKSo02r8GyVbg==,type:str]
|
||||
userPasswordKey: ENC[AES256_GCM,data:NNUZ8zVSem5Aov/PxFbc7OjANRVa5g5WjyMLRX1V,iv:c3XDq6nyea5ErJZHMKwxEqNfpjBYVGiqbAgqko5nsjI=,tag:HrhLvBxraIKFhNPaulM+uQ==,type:str]
|
||||
global:
|
||||
database:
|
||||
roundcube:
|
||||
password: ENC[AES256_GCM,data:V7Ml++sPS94LzA==,iv:aQ36cTMR5ArSows/3+z10nFIRppCkSvQx6VwtB30hno=,tag:2yVIXNHJ3HbA/sr6vnX7XA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGa1lRY0tQUk05WmpINVVw
|
||||
YkJkVDA0QlZibHFmbDdPTHpGTTY5N0JodXljCm14aVVSUm43MXo3d0ZlYWRUMXhh
|
||||
b1VqRHZXUTArbDNpRG9VY1U1a281ZW8KLS0tIHV6NWZQdzVzWFdJU0ErQy9WTFMv
|
||||
RjVVYmRKcERYZVhMT0ViZzR5cm8rMTgKizZBRrU/WauUmFYm9fnouiegNkYZkudp
|
||||
QpOha6CggN8rItelbnWMHlzGZBzM+77mFocuGmvNuTY/YGSkXfLjLA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-04-28T08:37:51Z"
|
||||
mac: ENC[AES256_GCM,data:NtXsrrs9yWlVO6oBQuJKHKPlmFMkqmu5BqOrYjdj9R7KdYycIWRDlNojieP9lghjSllgjkR3N4DpST9n6r6GHOkrpCl0eX12AsY0GUhSwaJzMgvX34Kzo+BjtISvODy0UzEVb9qKzbFuO9R4FMqyxBjTJirJVFT1EIB7Hxbb5Zc=,iv:OFKLvj96oRasDg5sYbJNS5KvZnxOXhh36Nwjl2gA1v0=,tag:aWsKrlbubuh+xTnyxvWeRg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,28 +0,0 @@
|
||||
minecraftServer:
|
||||
rcon:
|
||||
password: ENC[AES256_GCM,data:7kQAt4R+uN/28Uvn3KnJnOvOcCOf6FEaow==,iv:G20SygTZZ1O2DyPr+/f3XSC3bB4L5p/9CxZkPS5qibY=,tag:O2Ab+AC+Eho6MRm0vC9hHQ==,type:str]
|
||||
mcbackup:
|
||||
resticEnvs:
|
||||
RESTIC_PASSWORD: ENC[AES256_GCM,data:mjrSV6d6a4ZvesYjobhHCVTngw5EQqesAKecSPVY,iv:WSk5V61opvccp/1bhbcO6S+8GcEYVlxk8l6nl++nxc4=,tag:wENZyx6IxJgswetDi8alZA==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:+4HuGGHaZgPXLX3Sm6U=,iv:qMVfe2BzdJtvHYX7T/6WPt8kCNRdn02Ynew/q9QH1KA=,tag:7JwAloF6HPdBXTGC3kto4w==,type:str]
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:yfS/LrX0,iv:HzZmzUOmI0vJ+vPkI2xn2F/w43/BKOGil+SLRwhcG0I=,tag:c+d8nyR5w5mU9F/H0zl/1A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
|
||||
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
|
||||
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
|
||||
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
|
||||
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-08-15T15:32:19Z"
|
||||
mac: ENC[AES256_GCM,data:ghfbBqsdFzQaRehefvpnnFLxp6tYE1K36gXLyN7gdxlvZ20JRn+FMfeUm8IjNKl3fCH2aVdM18v+T4xBs4QSXAWH5R79+HPn6hl7kYXzGJKTdmddj6EFZFXajisIJa2eZpEKPk7uOT6YczcNxNKByKxgHxTXe7SYlIkE6CgLT9w=,iv:inXW7OxvQXPGO4mkJkd/SMVsTBWA+utso26VXb5yNdM=,tag:f/GBzkgI0zgInSdDbHICag==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,35 +0,0 @@
|
||||
rootPassword: ENC[AES256_GCM,data:7baD0HwMztU27TymEWp+Ad1s8Zc=,iv:CXiTBEGU1tr99ibNxcFO6RtiC7gjtqSqYrtfmbwocIQ=,tag:ravi1nGLEVSqELVskv71CA==,type:str]
|
||||
users:
|
||||
- accessKey: ENC[AES256_GCM,data:9ZhHOes+vQM=,iv:ltKbQ0KW8/Jmn7kmTaGaDcerlkquTXhGr0wbMMwxNgA=,tag:X6n+44dvPAm4v2rcxYkPEQ==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:mzWBQcPitrpwIMqBrbtBs3RBDg==,iv:cLA6Wvmf5il54DFkNbwQ27wPxAm/eqSrxAc3MVELero=,tag:nUc83Ctqw4PTwirkUr803A==,type:str]
|
||||
policy: ENC[AES256_GCM,data:szr/D/u/ng0=,iv:jzm7Q4zdKQpNV0FgJ4jA9CuN7r912ySBJHmxKeQGS2I=,tag:cKarFmhIbBEtslSxOc4mcA==,type:str]
|
||||
oidc:
|
||||
enabled: ENC[AES256_GCM,data:lK45+A==,iv:NcoTJPt4XZGRlVRwpsmuI5nu66cGVksQBRAwRval5JY=,tag:kjtPLITQLBOqjF3IaJAL8w==,type:bool]
|
||||
configUrl: ENC[AES256_GCM,data:ZNVvWPlFPA1xgfysavsEusfxE2ySIM9FYatYqfWPnUrHKMtCxYlrn1ip3nTYL2JHvjM3yltLBNbqWMCGlgtw,iv:p1F2DqCFaKvjYKhMieFytnMuggrec8DmBzDATLTVe+8=,tag:3EtpPSyRlGThov5OcZfV+g==,type:str]
|
||||
clientId: ENC[AES256_GCM,data:kO7PkjN+5GqZCxChvtbTQb/5zo7nVxfh7MZqbDoJLIKMEfth,iv:ti3Xlc3sRVOVGtxGw/pT5iBy5rBqV2v+MhiNF3Krb9U=,tag:3LUDIkq08zGmvjJtSnE/jA==,type:str]
|
||||
clientSecret: ENC[AES256_GCM,data:PVe+8SlNrznBiFVNpuQXIcuPkUXyUJ7DObZpRvlgA8JjUHXTy3VY7soyJVBZEMfYbNjSLLcKcWM=,iv:fbh2RcQdPf3jUt2AOI3xp09SSEaWzI4rLGZmlZY46uM=,tag:wvEBkkPsXoQXAP7fN1iDMA==,type:str]
|
||||
claimName: ENC[AES256_GCM,data:+XEw9sQ5,iv:DgGZf/GwkJsk4lfI8TBBaGfwN8YESMu9BSOBLJkbz78=,tag:A4hvQYEaZxPNf9CZp9+YUQ==,type:str]
|
||||
redirectUri: ENC[AES256_GCM,data:+Q8cNCvslAcO4m7VJwNe/CpEntyHfuHOrHqqtlrDILkfc0IRAA8aSbZwbA2v+So=,iv:GwzNILyqLuAYUQFKbt5WE+VCdOzSTBmGCAHcCAnzxXk=,tag:p9/86/r2DfT1mkQu+aQJfQ==,type:str]
|
||||
comment: ENC[AES256_GCM,data:TO3kA0i503ZA+EFhKa2AZw==,iv:Cl3NvvgXz71AaCgMl062urNtcBtgk832vtxTs9MJwik=,tag:JwerK2q1L7xMv/NIoWkESw==,type:str]
|
||||
claimPrefix: ""
|
||||
scopes: ENC[AES256_GCM,data:TuXqq8d+Xo/1ZNi036wx1GhbNPSF2sv8uYUy,iv:u9VfqbAGR94vLPD7nnsKuz5b2sbpUhs1TT7Ah8quX7c=,tag:jZplD/t4rA+p7TtisrC9mg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VjY3eWQ4V29rQ2VUejA5
|
||||
cG1JTTBCVWY5WGpaVFpDNU8yRTJaUEcwYTI4CnhHVjZrSFVnTGg1Yyt2ekM2YkRr
|
||||
RzljT003RFVURFVRaThaNnYyOTZka1UKLS0tIFYyd1JIQzQ2VEZ2b2xabXM4TFVp
|
||||
NFd0WDBXRERZc2ZDbWhDTFhnZExjVmcKDKHKoouDK66AYXenznGjTMnahqIwbp1y
|
||||
zA+MZx0FPO7xm9UCGaxIFzdLXK6O2ctw9fDceR6oMj+YehLOKwEmoA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-03-13T07:52:39Z"
|
||||
mac: ENC[AES256_GCM,data:ognemBsF32MrBDoUTcmwW1W5VI//FADb/p0Do8aQttsikYMVLcFZqWx7Dyhu8CfOWsXL/atVLh2Gj3dkxjsmDFI8uUd4gwq0oMYtk7gR09WrrigDtV1UPgDgyLO3nW4/YmTYGx0fLcsFyGJMm1Pp08Sk+oGcP2Xt+zBAch6/xyE=,iv:Q6dAGFlaTQL7zbR1Z868zo3HbWW4/xpoaWdyw/k/c0U=,tag:I6X2USyt1AhgzjlY469jOA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,23 +0,0 @@
|
||||
auth:
|
||||
rootPassword: ENC[AES256_GCM,data:X7htluDDokepRf8GVV4eu+pGM2o=,iv:DJ893dKr/4SFBEl8HnYv2PMb3Nb2AfL1RVgN2QmDRmA=,tag:W6QX7k92P7bgi3Ji/64xHg==,type:str]
|
||||
password: ENC[AES256_GCM,data:hlXWCWbFnmbuUg==,iv:d9ZmklpwJa13wyNjrqNfFMEbJDSQ+NeyB4gj+59g09Q=,tag:Ps4oq5XWDIx7HnvCCnB/FQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
|
||||
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
|
||||
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
|
||||
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
|
||||
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-07-30T15:06:09Z"
|
||||
mac: ENC[AES256_GCM,data:oiigjlyNoSm5hcdB58MWUxhqcYzE5XtA5LEDUCUX4r0inNd8UuLP029jz6bvQ7E/wFpiGNVTFAlFB1HA/YVwai/siovy5H2DL6g4LS3k+fxLKc3lwo3BvkaBi9X2aYu7vGBJpNe3KxBdWFyjkEQVoux1RD8JJBYNquMu9tW3K/g=,iv:1H7pF0Tr6GcgDt9ItXiTBOTFa55wb9pOdTF3jNJlPiY=,tag:dQ9nrAKr+qo4JpqD2wJXjg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,28 +0,0 @@
|
||||
wordpressPassword: ENC[AES256_GCM,data:yYE91wuc9uOzIQ==,iv:jLqs0BZcEIG73roA/wxtK74xX+osePoIaKhg6XvuAXE=,tag:9a3n1tbRAy4TaU0OE8uZcQ==,type:str]
|
||||
wordpressEmail: ENC[AES256_GCM,data:Fy6mIfhu0DuO+MSp1TPN7On6cFZk,iv:bxYiJBYgbuQsWPRWKfubmNZ/jShMBLeiPDyw7XtOAkY=,tag:RyBuqoNGoTzKR68RNSgumA==,type:str]
|
||||
mariadb:
|
||||
auth:
|
||||
rootPassword: ENC[AES256_GCM,data:oex+HDJ5SnaYrw==,iv:5HfGr27bpbXTROVMIWodMUe0WN6T3tXEESYSXwUUxw0=,tag:K83scpenVclwsEnGolsQiQ==,type:str]
|
||||
database: ENC[AES256_GCM,data:xqBbXrRmtrUPaCZBC4NTelk=,iv:HOQHpilfi5TpD1jqI8XaEzO6W4CfdLBsTn+ACFWNhdE=,tag:EnsdqkExZi7PE7X4LlwBxA==,type:str]
|
||||
username: ENC[AES256_GCM,data:oxVjkciMzifFIuhF,iv:kQsEGv9HIB+RTs54KfU8s/fpp1ooyzLK5lBQJZGSvy0=,tag:Y0uzVdsGb6McWRGPk2dNBQ==,type:str]
|
||||
password: ENC[AES256_GCM,data:HV2d0nHUrOdE2Suju6/EUQ==,iv:HLOoCUdtOhm7ss8WSBkEAT4ulR+fwSNF4Oqv1XwDfrU=,tag:BBlW+z5LLmvtIwG69+De0Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1V2tQdkFWenZWZU1pT1JY
|
||||
cXpVV3UxNnN6and1R0lBd1NrcXdWNTdibkFnCkJxeERBYyt4ZUtabWl5dlIxNmJZ
|
||||
blhSUHZWTk1PVS9RUThlNFRBREh0T1UKLS0tIENKK200NnRDNUJCeGNTeFB5Z1BI
|
||||
a2l5SG4yTjhmUlorWlJNbmFDekN5LzgKCS8nqMu72GDYjuSrfgbp/KZbHfhOdpyu
|
||||
WpT0T6pk/oOc9ohQKGD/jvcjrMW7OZ5uYpZc/4gPdLKcOnNB+BEo/g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-02-19T20:44:54Z"
|
||||
mac: ENC[AES256_GCM,data:ZCsQBgVwgAEfVh3Qhyiq7WDbthwliLqDzy4cyfpRN54oQ1SfuTofLKJmdPgmdraDJaCjxgb9zM0RfXS9x2wcFXWc2Q8I06TmWIEbZ1jehSqlQk1WmWWP7P6LqIvA0AY/c32tUhO9kmuftiOcT8sDmiFB/MqHBahAmdTT+0vo4LI=,iv:gcSDUwTMmuNtNTf4wtmSlXSvbje25wd288gnLEQx294=,tag:lcwpAyfDRgGfZ+H07ZkcZw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,24 +0,0 @@
|
||||
global:
|
||||
postgresql:
|
||||
auth:
|
||||
postgresPassword: ENC[AES256_GCM,data:NopZyPWiTKPPVzLcvVLN3JgMQjQ=,iv:rWVhR2wChvQSIa7eBPrvnWO2ydLZ2D8oF87INiy8NX4=,tag:Xb0qbED6QXu5QBgHY6hrOA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
|
||||
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
|
||||
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
|
||||
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
|
||||
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-07-21T12:58:01Z"
|
||||
mac: ENC[AES256_GCM,data:ShHWH9RIL4rJ5X0IvThOtyM28AC+1bJLr4PJJdYSLtV9T7Wcs2LbmWxtM2tpRyzMeZjYKJrsstGYgxBevr1BpfGBIeR4+JCwrbdK4AOq2VbLMpH7nMOU/huuUpxOopweRBTwZOEMRBkSkEk4qPvebLHEqUi6aNGdtxOINmHv/fA=,iv:C/iJOSshanbhSQ9Be712aSN2B8aXndPpP4655SQONeQ=,tag:BAJIzrYfh8a59OzkxDOrbw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,24 +0,0 @@
|
||||
global:
|
||||
postgresql:
|
||||
auth:
|
||||
postgresPassword: ENC[AES256_GCM,data:O5Fvmjipcx7CZ4DKQjRW0isfzoUt,iv:sVl6TFRCKAL5ci+lC4DfX/vZkWwRVg559kq4GU67udY=,tag:dEsoEe1UfvD5rUrI+EYOsg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
|
||||
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
|
||||
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
|
||||
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
|
||||
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-04T02:27:48Z"
|
||||
mac: ENC[AES256_GCM,data:yyvzDlqm3ZOGAMAWCbA4JBC2xs14dKJ4oGifHCvD6K3cBcLgQLS8MOoQJBVfAfL/lVqYDtQ8qwQl/NbCEAKdqw5mtGRwSGaCExSTfO8PIUZCT69q5lwhAxfSGkhjjup+88MhwdZbe2iqqr0nF/GBYT7exqu6Pj85ZKbeDVBTMUE=,iv:KVuyYWYvtVjFinkY82nPwKI/XX18t4purLInfjSxYlg=,tag:kD0G+keg4veTy+CN7KOo6Q==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.0
|
@ -1,26 +0,0 @@
|
||||
grafana:
|
||||
adminPassword: ENC[AES256_GCM,data:AuPGLXN861DvndWdecukXKzt91sGGIMBToj7tO3J,iv:gKmj0gurV77e/jbxdyxhaxkmmsp738vB6ZAfzRFf45M=,tag:rKOkedx87g4MlRk6npgXiA==,type:str]
|
||||
adminUser: ENC[AES256_GCM,data:Esh/6bXMez8=,iv:cRdvkpnO8gNOaKy+4kPcq69ksdXxuZClnjSvBp4yto8=,tag:ZgycOsDXJIT1mrN6nJHw3g==,type:str]
|
||||
grafana.ini:
|
||||
auth.generic_oauth:
|
||||
client_secret: ENC[AES256_GCM,data:+4Qfo4aR9TMZprWL9U6lFx4B86d3ywH2O5K6rM5hmv2gROeFinp7k5p9C2pgNubIK9W3TlWSZAw=,iv:uFX2Lz3s2/aR5rcwsDvfuUGbKHNxh43ZiuCNaT5b1dw=,tag:8YdsVMaHbP6wqjubb9Ab2w==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXeTlhQ2xpK0dvMU00ejh4
|
||||
bjZxZVMvMEFobGFqYU55a3dxcTlnRitkS2wwCmJVNHhQNHJHTVBxbk4xQ1RWbkFv
|
||||
TUNGY3YvQUIyTUJYNEZmOWRYd3JaUHcKLS0tIHJ5STVXV0hxRUdYQmNXSFR2U0Vv
|
||||
NXQ5SjNQUW9JOStDclZuYUlqV3FaWWsKvu2T2LmDjuJgnB0djjhJczsvDjFsH/D/
|
||||
QDPkkl2G1luDoIjBj21uoy0daqfyskd4Yw2ZsPsZU6zuEGdFj52Qbw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-05-29T11:41:00Z"
|
||||
mac: ENC[AES256_GCM,data:7Xs7W6smDPr8fp4AapKcUvHUsYRKkTQ3wb4CuDmL0ziQs2d73ueezEembp7RRaBQ/Q5jACY1dHQg42+4YymcTt8NqJ6SE4G7f9iqJu3rr5g5lh8mYP8ft8J1/l2jrQtCSfxyzuG2CPZRycQIo+0Tq++w6iK0iy6ExPt8cDNR2Ao=,iv:v8m4CEW6FG5rWV8fKsqACh37X9yzsB/Bl1wh+4348rI=,tag:Up71zDf12JMDjK8uIxnsLA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,26 +0,0 @@
|
||||
global:
|
||||
redis:
|
||||
#ENC[AES256_GCM,data:QRLnzdJ/lmaItppUMOZO33kySISWDfMdjr2nrEjBuhucnoglEVNF9Wy5IVbt5CNERajCADTVWNy/N40uCv+9n3PQVKl+Ki6YV+Q24Bzy,iv:8PvJ2yU7AW+/XkP+/9OQcrdCVAomnRexkNNw+2rjoho=,tag:U4gbrqqBwvXC63qn7jFmPQ==,type:comment]
|
||||
#ENC[AES256_GCM,data:69gagNeejZaafGWo/Rll,iv:kW13FOrc/j//BxVj4JgEC0G/DQIOPHil0uNXpOM2/W0=,tag:sqviMlgQHiN397ukswoNsg==,type:comment]
|
||||
#ENC[AES256_GCM,data:C8ta7Vtb3LpOotE=,iv:Kdat2trhQIQHxIpD7xhUoLRYo+a4PgzpB+S0w32somA=,tag:jgH656M8a14QhA//sN6MGg==,type:comment]
|
||||
password: ENC[AES256_GCM,data:qdV5FH2K4w9gj4SFznfflY8Uw3ohSCO4lOE4Hea4,iv:/XYT2xiHlfRB1NLkw+Qm/QaWehvs9v8PUp2ZfMxeyRA=,tag:06XSi3K7y+9a50nZK1LAfQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
|
||||
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
|
||||
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
|
||||
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
|
||||
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-07-29T20:22:15Z"
|
||||
mac: ENC[AES256_GCM,data:DIdcvQXu7rivXdPFPjfzs1AeJ5bRvUBD+Hq9mH7Hp/+iqrG03fWSF2NF1ra8KfEIg6TDsyMnQLWvipxBlA654BLBNrABFoGwLsdVsATBORz0kNNY862qfyhSOaaTBHTWhPVpbjGnYav+bi5pfvbLC9yJm3SjIRtUbnaNVWvqMq0=,iv:d7SaPZLb/px7fy+bGJnH3bfNBmqbhwMijyNB0jfYgLE=,tag:LT5hJoDcSiP5FVgj0M2sCA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,27 +0,0 @@
|
||||
vaultwarden:
|
||||
smtp:
|
||||
username: ENC[AES256_GCM,data:6kAu3et5PmRgZ7B/qQQKA/hwsubozpBEcuzA,iv:cqNO3VWKFRWqBRAFTf2AyMQskuZvcDghseT2PWEsCjA=,tag:nkzugvJTJ/KhLuldXxdBrg==,type:str]
|
||||
password:
|
||||
value: ENC[AES256_GCM,data:9PJzeGeXiNN50GrWMxU1ho9+jHs=,iv:wOrU8g/xBBKFRYvDB1G/I+VG3lpvFdMirgJmP01PbhQ=,tag:dlDq9S+SQmlb4SZIGYhrlQ==,type:str]
|
||||
adminToken:
|
||||
value: ENC[AES256_GCM,data:PT62LcyiNqW1NVeuZ5+HTj8fzwSwuD1av/Z8S2GnR6j62+F8/aibhW/ATFG92chw++w=,iv:LnaRBem4dsggV4u4IlNjlWY301ajAHot2D259Y383m0=,tag:f24QDtGrtNJFA95Qo6Umqg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDL0RuQitFb0dPajRpSHRo
|
||||
WnhUa3BOazVHSTE5STRNMGQ2eWUxaXhvNEJVCmtpMjE2Q3hyQzhDSTBObUgwQXV3
|
||||
dmhvYmUvL05QUGd6Umx5QjRhMVFmcHMKLS0tIEtkTDc1ZVcxOWRqRzlzdTM1WG5a
|
||||
U25tMkxQS1gzcyt6R2NkZnVLRVVoOWMKZSaIZxzTlYim2kmiHrQcgRu9XmWelRkT
|
||||
HZZmSa0L9yEdksUCK3+iqjCZhQBYc/6qJHRYvuAaJ+/hs5RxuLUr8g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-20T07:01:25Z"
|
||||
mac: ENC[AES256_GCM,data:Oa6UiHJR5U8Tquo/FmKM2LNR1l7Tdc95T55sl8IbC80ywC5hmJcpOdYXSeVzAdEtr2EauEH74FAwyFtjeFHpneRjkl8Hx0Vann3qBMJ1laxYEQhKESqeyJTcMv15Hu61aUQ+OhW9hP9xkcRCNmkXHa0KeoCXy1aloTWc3u7Ls8E=,iv:SsywMpg5KQvfsFbIRiZkEadtQ7Ce2AqjM9+zeaG/ZaM=,tag:X426dGhxmeMqDJnRs4Qhww==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
@ -1,23 +0,0 @@
|
||||
env:
|
||||
WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:cJoxJw6c6FYZ337i5P6dGUzLmgUn9Z+/Ed9aUK76WYnB8m0D9h5IlAlOfCQ=,iv:1BgxKsaI3dhhPNkZbpHKBn6GXadn1RD+3Q4RwKLfmcU=,tag:y8qLWwpVAwKrOWN1cC2ulw==,type:str]
|
||||
WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:VdWASwxPurzmfSjb2h8wBw3XbZSfG9UG0jmXSbTBPreZ+l7UQblI/wqr8Tw=,iv:APNuiqimA/ofCWsvywj+SJedQBMgRoCd65Gd3Ps2/fw=,tag:ATLGT4ACZ2GR46qD9ABUng==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTRFNvdnBsSHFBcjlGcGl1
|
||||
RnU1NEpZekpucTNCZHBGcXdBakhkU1drb2dZClVYZ2xMVUJiOXV2enlBbm1TS2Mz
|
||||
ZnZ0UHpsVHVUU2ZkSGtwUXNMM0R6VjQKLS0tIFR4NEdTTGRIY3QycTFhRzJNSEY0
|
||||
SEs0Z3VjaTN2Y3Z0QmtEUEdQdmtwYnMKxQ3z1p2GulSOklUEolWeH20JeFwNpZqY
|
||||
870x5UtCJNVTMrIDgwMQK3hn+yywxPdgSRhkW3bqH4PJDxi78UUpXw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-05T08:06:51Z"
|
||||
mac: ENC[AES256_GCM,data:pc4n/3MEP0GhmZ+wdbOiK2gj7ah/9IJ2hoXRtM1sAGy3UPNBrF5VE7hxnAi393YpWBank7crDTvg2aJjhVt7XqB8zcjiHtNMlcpxL6fJ+uWxeH4uVj/NBfSvoO410oYbtPuKMjZpPU7KACmTJ9tzVIZdZOScXx7fLQxNUq01Hu8=,iv:18MqueG9MHrTcXmu14Q8LPnMFT9lolDkCbXjjA2P1qg=,tag:6ETPd8vZ0CCGEUP5u8ZxNA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.0
|
@ -1,26 +0,0 @@
|
||||
server:
|
||||
env:
|
||||
WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:mGYEvlIeQC3mg+kxy3ZX6gAVf88DXLVdeSdgpQa8wixsb2rDoj4+l2ET2saquK+lVhjvv8ZKdvg=,iv:VlPgDYPj1xpxnpWnEHj+slBi0H2nWKeScclPItUaG9A=,tag:ox/Ur5vsOARXRT3g0hCgsg==,type:str]
|
||||
agent:
|
||||
env:
|
||||
WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:rnxJ1aKdMnJDXbiQFIUP2a1zaB/hfdXZ0YLwegT+aMSM4tBRV+YgQ/0OvoUuoTC2j1Jtp1SnY94=,iv:XHDR0WSiG1zwOkqTUnVtw0hLceWyI4W5sYNrsnXAAik=,tag:6mddyqwUd/mOQeEGIJlQhQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQjZqNE9iMDl6MlhnSUp5
|
||||
QTBSOG83WFBqZFZIU2dEMzlpengrUFg4alZFCld4MkI4WW8xMUZnMm1SU2hmMCtn
|
||||
bTZSVTIxTk5aZmo3OEJJdlJwL2xhV3MKLS0tIGJraERVZTNyMWFCVE1TbEhRR3J4
|
||||
WXh3NGd4UG9OODhHNEp0cDVoQkM5dWMKcz4h0O4J2WlB+L9+/U8Rl+zzd87hsJo8
|
||||
ThPZgnUNDGpdRrU2IYiXo03fZOhBoqBJe1ZG+Ol8z9bvTeyeMZxRIg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-14T16:17:58Z"
|
||||
mac: ENC[AES256_GCM,data:guD5+TBhN9n0WKRN4Ffzo0khhL+3CroELwxTfvUPmxQndFBzOnw/kvj8ZP/NBHMwAiQ1sirUdoJE0QKruHpkHlPs0slyNK0adGExPlSmn9fS5egltbtthzZYbftTJKFlImo3/3Z6tapBWN8neJNc3fhtZbItuwgfYJecXPPqW7Q=,iv:bqqhU1KDfzIN4LOY4dMpSw8XT/2j+NiD74M56jSpjWE=,tag:VGXSlEreapoSFCUnfHXIXA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
@ -1,108 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: argocd-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: argo.badhouseplants.net
|
||||
service: argocd-server
|
||||
port: 80
|
||||
|
||||
controller:
|
||||
resources:
|
||||
limits:
|
||||
memory: 512Mi
|
||||
cpu: 200m
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 512Mi
|
||||
metrics:
|
||||
enabled: true
|
||||
applicationLabels:
|
||||
enabled: false
|
||||
labels: []
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
servicePort: 8082
|
||||
portName: http-metrics
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
interval: 30s
|
||||
relabelings: []
|
||||
metricRelabelings: []
|
||||
selector: {}
|
||||
scheme: ""
|
||||
tlsConfig: {}
|
||||
additionalLabels: {}
|
||||
rules:
|
||||
enabled: false
|
||||
spec: []
|
||||
dex:
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
redis:
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
server:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
rbacConfig:
|
||||
policy.default: role:readonly
|
||||
scopes: "[email, group]"
|
||||
policy.csv: |
|
||||
g, allanger@zohomail.com, role:admin
|
||||
g, rodion.n.rodionov@gmail.com, role:admin
|
||||
p, drone, applications, *, badhouseplants/*,allow
|
||||
config:
|
||||
exec.enabled: "true"
|
||||
url: https://argo.badhouseplants.net
|
||||
kustomize.buildOptions: "--enable-alpha-plugins"
|
||||
accounts.drone: apiKey, login
|
||||
accounts.drone.enabled: "true"
|
||||
|
||||
extraArgs:
|
||||
- --insecure
|
||||
|
||||
repoServer:
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
|
||||
configs:
|
||||
credentialTemplates:
|
||||
ssh-creds:
|
||||
url: git@github.com
|
||||
|
||||
applicationSet:
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
|
||||
repositories:
|
||||
argo-deployment:
|
||||
url: git@github.com:allanger/argo-deployment.git
|
||||
name: argo-deployment
|
||||
insecure: "true"
|
||||
type: git
|
||||
cluster-config:
|
||||
url: git@github.com:allanger/cluster-config.git
|
||||
name: cluster-config
|
||||
insecure: "true"
|
||||
type: git
|
@ -1,40 +0,0 @@
|
||||
---
|
||||
image:
|
||||
repository: vaultwarden/server
|
||||
tag: 1.28.1
|
||||
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: bitwarden-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: bitwarden.badhouseplants.net
|
||||
service: bitwarden-vaultwarden
|
||||
port: 80
|
||||
|
||||
# pathType is only for k8s >= 1.1=
|
||||
pathType: Prefix
|
||||
|
||||
env:
|
||||
SIGNUPS_ALLOWED: false
|
||||
DOMAIN: "https://bitwarden.badhouseplants.net"
|
||||
WEB_VAULT_ENABLED: true
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 800Mi
|
||||
storageClass: longhorn
|
||||
|
||||
smtp:
|
||||
host: badhouseplants.net
|
||||
security: "starttls"
|
||||
port: 587
|
||||
from: bitwarden@badhouseplants.net
|
||||
fromName: bitwarden
|
||||
username:
|
||||
value: overlord@badhouseplants.net
|
||||
authMechanism: "Plain"
|
||||
acceptInvalidHostnames: "false"
|
||||
acceptInvalidCerts: "false"
|
@ -1,32 +0,0 @@
|
||||
---
|
||||
dbinstances:
|
||||
postgres:
|
||||
monitoring:
|
||||
enabled: false
|
||||
adminSecretRef:
|
||||
Name: postgres-secret
|
||||
Namespace: database-service
|
||||
engine: postgres
|
||||
generic:
|
||||
host: postgres-postgresql
|
||||
port: 5432
|
||||
postgres16:
|
||||
monitoring:
|
||||
enabled: false
|
||||
adminSecretRef:
|
||||
Name: postgres16-secret
|
||||
Namespace: database-service
|
||||
engine: postgres
|
||||
generic:
|
||||
host: postgres16-postgresql.database-service.svc.cluster.local
|
||||
port: 5432
|
||||
mysql:
|
||||
monitoring:
|
||||
enabled: false
|
||||
adminSecretRef:
|
||||
Name: mysql-secret
|
||||
Namespace: database-service
|
||||
engine: mysql
|
||||
generic:
|
||||
host: mysql
|
||||
port: 3306
|
@ -1,129 +0,0 @@
|
||||
istio-gateway:
|
||||
enabled: true
|
||||
gateways:
|
||||
- name: badhouseplants-email
|
||||
servers:
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: smtp
|
||||
number: 25
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: pop3
|
||||
number: 110
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: imap
|
||||
number: 143
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: smtps
|
||||
number: 465
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: submission
|
||||
number: 587
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: imaps
|
||||
number: 993
|
||||
protocol: TCP
|
||||
- hosts:
|
||||
- "*"
|
||||
port:
|
||||
name: pop3s
|
||||
number: 995
|
||||
protocol: TCP
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: docker-mailserver-smpt
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
service: docker-mailserver
|
||||
hostname: badhouseplants.net
|
||||
port_match: 25
|
||||
port: 25
|
||||
- name: docker-mailserver-smpts
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
port_match: 465
|
||||
hostname: badhouseplants.net
|
||||
service: docker-mailserver
|
||||
port: 465
|
||||
- name: docker-mailserver-smpt-startls
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
hostname: badhouseplants.net
|
||||
port_match: 587
|
||||
service: docker-mailserver
|
||||
port: 587
|
||||
- name: docker-mailserver-imap
|
||||
kind: tcp
|
||||
hostname: badhouseplants.net
|
||||
gateway: badhouseplants-email
|
||||
port_match: 143
|
||||
service: docker-mailserver
|
||||
port: 143
|
||||
- name: docker-mailserver-imaps
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
hostname: badhouseplants.net
|
||||
port_match: 993
|
||||
service: docker-mailserver
|
||||
port: 993
|
||||
- name: docker-mailserver-pop3
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
port_match: 110
|
||||
hostname: badhouseplants.net
|
||||
service: docker-mailserver
|
||||
port: 110
|
||||
- name: docker-mailserver-pop3s
|
||||
kind: tcp
|
||||
gateway: badhouseplants-email
|
||||
port_match: 993
|
||||
hostname: badhouseplants.net
|
||||
service: docker-mailserver
|
||||
port: 993
|
||||
- name: docker-mailserver-rainloop
|
||||
kind: http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
hostname: mail.badhouseplants.net
|
||||
service: docker-mailserver-rainloop
|
||||
port: 80
|
||||
|
||||
rainloop:
|
||||
enabled: true
|
||||
ingress:
|
||||
enabled: false
|
||||
demoMode:
|
||||
enabled: false
|
||||
domains:
|
||||
- badhouseplants.net
|
||||
- mail.badhouseplants.net
|
||||
ssl:
|
||||
issuer:
|
||||
name: badhouseplants-issuer
|
||||
kind: ClusterIssuer
|
||||
dnsname: badhouseplants.net
|
||||
dns01provider: cloudflare
|
||||
useExisting: false
|
||||
pod:
|
||||
dockermailserver:
|
||||
enable_fail2ban: "0"
|
||||
ssl_type: manual
|
||||
service:
|
||||
type: ClusterIP
|
||||
spfTestsDisabled: true
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
env:
|
||||
DRONE_RPC_HOST: drone.badhouseplants.net
|
||||
DRONE_RPC_PROTO: https
|
||||
DRONE_NAMESPACE_DEFAULT: drone-service
|
||||
rbac:
|
||||
buildNamespaces:
|
||||
- drone-service
|
||||
dind:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 2024Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 512Mi
|
@ -1,18 +0,0 @@
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: drone-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: drone.badhouseplants.net
|
||||
service: drone
|
||||
port: 8080
|
||||
env:
|
||||
DRONE_SERVER_HOST: drone.badhouseplants.net
|
||||
DRONE_SERVER_PROTO: https
|
||||
DRONE_GITEA_SERVER: https://git.badhouseplants.net
|
||||
DRONE_USER_CREATE: username:allanger,admin:true
|
@ -1,56 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: funkwhale-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: funkwhale.badhouseplants.net
|
||||
service: funkwhale
|
||||
port: 80
|
||||
|
||||
ext-database:
|
||||
enabled: true
|
||||
name: funkwhale-postgres16
|
||||
instance: postgres16
|
||||
|
||||
replicaCount: 1
|
||||
celery:
|
||||
worker:
|
||||
replicaCount: 1
|
||||
beat:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 75Mi
|
||||
extraEnv:
|
||||
FUNKWHALE_HOSTNAME: funkwhale.badhouseplants.net
|
||||
FUNKWHALE_PROTOCOL: https
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteMany
|
||||
size: 10Gi
|
||||
s3:
|
||||
enabled: false
|
||||
ingress:
|
||||
enabled: false
|
||||
postgresql:
|
||||
enabled: false
|
||||
host: postgres16-postgresql.database-service.svc.cluster.local
|
||||
auth:
|
||||
username: funkwhale-application-funkwhale-postgres16
|
||||
database: funkwhale-application-funkwhale-postgres16
|
||||
|
||||
redis:
|
||||
enabled: false
|
||||
host: redis-master.database-service.svc.cluster.local
|
||||
auth:
|
||||
enabled: true
|
||||
database: 3
|
@ -1,122 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: gitea-http
|
||||
kind: http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
hostname: git.badhouseplants.net
|
||||
service: gitea-http
|
||||
port: 3000
|
||||
- name: gitea-ssh
|
||||
kind: tcp
|
||||
gateway: istio-system/badhouseplants-ssh
|
||||
hostname: "*"
|
||||
port_match: 22
|
||||
service: gitea-ssh
|
||||
port: 22
|
||||
# ------------------------------------------
|
||||
# -- Database extension is used to manage
|
||||
# -- database with db-operator
|
||||
# ------------------------------------------
|
||||
ext-database:
|
||||
enabled: true
|
||||
name: gitea-postgres16
|
||||
instance: postgres16
|
||||
# ------------------------------------------
|
||||
# -- Kubernetes related values
|
||||
# ------------------------------------------
|
||||
replicaCount: 1
|
||||
clusterDomain: cluster.local
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 300m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
# ------------------------------------------
|
||||
# -- Main Gitea settings
|
||||
# ------------------------------------------
|
||||
gitea:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
# -- TODO(@allanger): Enable it once prometheus is configured
|
||||
enabled: false
|
||||
config:
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
HOST: postgres16-postgresql.database-service.svc.cluster.local
|
||||
NAME: gitea-service-gitea-postgres16
|
||||
USER: gitea-service-gitea-postgres16
|
||||
APP_NAME: Bad Houseplants Gitea
|
||||
ui:
|
||||
meta:
|
||||
AUTHOR: Bad Houseplants
|
||||
DESCRIPTION: ...by allanger
|
||||
repository:
|
||||
DEFAULT_BRANCH: main
|
||||
MAX_CREATION_LIMIT: 0
|
||||
DISABLED_REPO_UNITS: repo.wiki
|
||||
service:
|
||||
DISABLE_REGISTRATION: false
|
||||
server:
|
||||
DOMAIN: git.badhouseplants.net
|
||||
ROOT_URL: https://git.badhouseplants.net
|
||||
LFS_START_SERVER: true
|
||||
LANDING_PAGE: explore
|
||||
START_SSH_SERVER: true
|
||||
admin:
|
||||
DISABLE_REGULAR_ORG_CREATION: true
|
||||
packages:
|
||||
ENABLED: true
|
||||
cron:
|
||||
enabled: true
|
||||
attachment:
|
||||
MAX_SIZE: 100
|
||||
actions:
|
||||
ENABLED: true
|
||||
oauth2_client:
|
||||
REGISTER_EMAIL_CONFIRM: false
|
||||
ENABLE_AUTO_REGISTRATION: true
|
||||
session:
|
||||
PROVIDER: redis
|
||||
cache:
|
||||
ENABLED: true
|
||||
ADAPTER: redis
|
||||
queue:
|
||||
TYPE: redis
|
||||
mailer:
|
||||
ENABLED: true
|
||||
FROM: gitea@badhouseplants.net
|
||||
PROTOCOL: smtp+startls
|
||||
SMTP_ADDR: badhouseplants.net
|
||||
SMTP_PORT: 587
|
||||
USER: overlord@badhouseplants.net
|
||||
service:
|
||||
ssh:
|
||||
type: ClusterIP
|
||||
port: 22
|
||||
clusterIP:
|
||||
# ------------------------------------------
|
||||
# -- Disabled dependencies
|
||||
# ------------------------------------------
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
redis-cluster:
|
||||
enabled: false
|
@ -1,4 +0,0 @@
|
||||
config:
|
||||
env:
|
||||
HOSTNAME: mail.badhouseplants.net
|
||||
FIRST_MAIL_DOMAIN: badhouseplants.net
|
@ -1,69 +0,0 @@
|
||||
istio-gateway:
|
||||
enabled: true
|
||||
gateways:
|
||||
- name: badhouseplants-net
|
||||
servers:
|
||||
- hosts:
|
||||
- badhouseplants.net
|
||||
- '*.badhouseplants.net'
|
||||
port:
|
||||
name: http
|
||||
number: 80
|
||||
protocol: HTTP2
|
||||
tls:
|
||||
httpsRedirect: true
|
||||
- hosts:
|
||||
- badhouseplants.net
|
||||
- '*.badhouseplants.net'
|
||||
port:
|
||||
name: https
|
||||
number: 443
|
||||
protocol: HTTPS
|
||||
tls:
|
||||
credentialName: badhouseplants-wildcard-tls
|
||||
mode: SIMPLE
|
||||
- name: nrodionov-info
|
||||
servers:
|
||||
- hosts:
|
||||
- nrodionov.info
|
||||
- dev.nrodionov.info
|
||||
port:
|
||||
name: http
|
||||
number: 80
|
||||
protocol: HTTP2
|
||||
tls:
|
||||
httpsRedirect: false
|
||||
- hosts:
|
||||
- nrodionov.info
|
||||
- dev.nrodionov.info
|
||||
port:
|
||||
name: https
|
||||
number: 443
|
||||
protocol: HTTPS
|
||||
tls:
|
||||
credentialName: nrodionov-wildcard-tls
|
||||
mode: SIMPLE
|
||||
- name: badhouseplants-vpn
|
||||
servers:
|
||||
- hosts:
|
||||
- '*'
|
||||
port:
|
||||
name: tcp
|
||||
number: 1194
|
||||
protocol: TCP
|
||||
- name: badhouseplants-ssh
|
||||
servers:
|
||||
- hosts:
|
||||
- '*'
|
||||
port:
|
||||
name: ssh
|
||||
number: 22
|
||||
protocol: TCP
|
||||
- name: badhouseplants-minecraft
|
||||
servers:
|
||||
- hosts:
|
||||
- '*'
|
||||
port:
|
||||
name: minecraft
|
||||
number: 25565
|
||||
protocol: TCP
|
@ -1,67 +0,0 @@
|
||||
service:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: minecraft
|
||||
port: 25565
|
||||
protocol: TCP
|
||||
targetPort: 25565
|
||||
- name: ssh-gitea
|
||||
port: 22
|
||||
protocol: TCP
|
||||
targetPort: 22
|
||||
- name: http2
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 80
|
||||
- name: https
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 443
|
||||
- name: tcp
|
||||
port: 1194
|
||||
protocol: TCP
|
||||
targetPort: 1194
|
||||
- name: tcp
|
||||
port: 25
|
||||
protocol: TCP
|
||||
targetPort: 25
|
||||
# -----------
|
||||
# -- Email
|
||||
# -----------
|
||||
- name: smtp
|
||||
port: 25
|
||||
protocol: TCP
|
||||
targetPort: 25
|
||||
- name: smtps
|
||||
port: 465
|
||||
protocol: TCP
|
||||
targetPort: 465
|
||||
- name: smtp-startls
|
||||
port: 587
|
||||
protocol: TCP
|
||||
targetPort: 587
|
||||
- name: imap
|
||||
port: 143
|
||||
protocol: TCP
|
||||
targetPort: 143
|
||||
- name: imaps
|
||||
port: 993
|
||||
protocol: TCP
|
||||
targetPort: 993
|
||||
- name: pop3
|
||||
port: 110
|
||||
protocol: TCP
|
||||
targetPort: 110
|
||||
- name: pop3s
|
||||
port: 995
|
||||
protocol: TCP
|
||||
targetPort: 995
|
||||
podAnnotations:
|
||||
proxy.istio.io/config: '{"gatewayTopology" : { "numTrustedProxies": 0, "forwardClientCertDetails": SANITIZE } }'
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
limits:
|
||||
cpu: 200m
|
||||
memory: 1024Mi
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
pilot:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 2048Mi
|
||||
global:
|
||||
proxy:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
limits:
|
||||
memory: 128Mi
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
singleBinary:
|
||||
replicas: 1
|
||||
loki:
|
||||
auth_enabled: false
|
||||
commonConfig:
|
||||
replication_factor: 1
|
||||
compactor:
|
||||
retention_enabled: true
|
||||
limits_config:
|
||||
retention_period: 2d
|
@ -1,13 +0,0 @@
|
||||
defaultSettings:
|
||||
backupTarget: s3://longhorn@us-east1/backupstore
|
||||
backupTargetCredentialSecret: aws-secret
|
||||
guaranteedEngineManagerCPU: 6
|
||||
guaranteedReplicaManagerCPU: 6
|
||||
storageOverProvisioningPercentage: 300
|
||||
storageMinimalAvailablePercentage: 5
|
||||
defaultDataPath: /media-longhorn
|
||||
csi:
|
||||
kubeletRootDir: /var/snap/microk8s/common/var/lib/kubelet
|
||||
persistence:
|
||||
defaultClassReplicaCount: 1
|
||||
enablePSP: false
|
@ -1,181 +0,0 @@
|
||||
---
|
||||
certificate:
|
||||
enabled: true
|
||||
certificate:
|
||||
- name: mailu
|
||||
secretName: mailu-certificate
|
||||
issuer:
|
||||
kind: ClusterIssuer
|
||||
name: badhouseplants-issuer
|
||||
dnsNames:
|
||||
- badhouseplants.net
|
||||
- "email.badhouseplants.net"
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: mailu-web
|
||||
kind: http
|
||||
gateway: badhouseplants-net
|
||||
hostname: email.badhouseplants.net
|
||||
service: mailu-fr ont
|
||||
port: 80
|
||||
# - name: mailu-smpt
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# service: mailu-front
|
||||
# hostname: email.badhousplants.net
|
||||
# port_match: 25
|
||||
# port: 25
|
||||
# - name: mailu-smpts
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# port_match: 465
|
||||
# hostname: email.badhousplants.net
|
||||
# service: mailu-front
|
||||
# port: 465
|
||||
# - name: mailu-smpt-startls
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# hostname: email.badhousplants.net
|
||||
# port_match: 587
|
||||
# service: mailu-front
|
||||
# port: 587
|
||||
# - name: mailu-imap
|
||||
# kind: tcp
|
||||
# hostname: email.badhousplants.net
|
||||
# gateway: badhouseplants-mail
|
||||
# port_match: 143
|
||||
# service: mailu-front
|
||||
# port: 143
|
||||
# - name: mailu-imaps
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# hostname: email.badhousplants.net
|
||||
# port_match: 993
|
||||
# service: mailu-front
|
||||
# port: 993
|
||||
# - name: mailu-pop3
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# port_match: 110
|
||||
# hostname: email.badhousplants.net
|
||||
# service: mailu-front
|
||||
# port: 110
|
||||
# - name: mailu-pop3s
|
||||
# kind: tcp
|
||||
# gateway: badhouseplants-mail
|
||||
# port_match: 993
|
||||
# hostname: email.badhousplants.net
|
||||
# service: mailu-front
|
||||
# port: 993
|
||||
subnet: 10.1.0.0/16
|
||||
sessionCookieSecure: true
|
||||
hostnames:
|
||||
- post.badhouseplants.net
|
||||
domain: badhouseplants.net
|
||||
persistence:
|
||||
single_pvc: false
|
||||
limits:
|
||||
messageRatelimit:
|
||||
value: "10/day"
|
||||
tls:
|
||||
outboundLevel: secure
|
||||
ingress:
|
||||
enabled: false
|
||||
tls: false
|
||||
tlsFlavorOverride: mail
|
||||
selfSigned: false
|
||||
existingSecret: mailu-certificate
|
||||
admin:
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
cpu: 70m
|
||||
limits:
|
||||
memory: 700Mi
|
||||
cpu: 400m
|
||||
persistence:
|
||||
size: 1Gi
|
||||
redis:
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
cpu: 70m
|
||||
limits:
|
||||
memory: 200Mi
|
||||
cpu: 200m
|
||||
persistence:
|
||||
size: 1Gi
|
||||
postfix:
|
||||
resources:
|
||||
requests:
|
||||
memory: 1024Mi
|
||||
cpu: 200m
|
||||
limits:
|
||||
memory: 1024Mi
|
||||
cpu: 200m
|
||||
persistence:
|
||||
size: 1Gi
|
||||
dovecot:
|
||||
logLevel: DEBUG
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
cpu: 70m
|
||||
limits:
|
||||
memory: 400Mi
|
||||
cpu: 300m
|
||||
persistence:
|
||||
size: 1Gi
|
||||
roundcube:
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
cpu: 70m
|
||||
limits:
|
||||
memory: 200Mi
|
||||
cpu: 200m
|
||||
persistence:
|
||||
size: 1Gi
|
||||
mysql:
|
||||
enabled: false
|
||||
postgresql:
|
||||
enabled: true
|
||||
auth:
|
||||
enablePostgresUser: true
|
||||
username: mailu
|
||||
database: mailu
|
||||
persistence:
|
||||
enabled: false
|
||||
storageClass: ""
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
front:
|
||||
logLevel: DEBUG
|
||||
hostPort:
|
||||
enabled: true
|
||||
rspamd:
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 500Mi
|
||||
cpu: 400m
|
||||
startupProbe:
|
||||
periodSeconds: 30
|
||||
failureThreshold: 900
|
||||
timeoutSeconds: 20
|
||||
livenessProbe: {}
|
||||
readinessProbe: {}
|
||||
webmail:
|
||||
persistence:
|
||||
size: 2Gi
|
||||
storageClass: ""
|
||||
accessModes: [ReadWriteOnce]
|
||||
claimNameOverride: ""
|
||||
annotations: {}
|
@ -1,180 +0,0 @@
|
||||
---
|
||||
# --------------------------------------------------
|
||||
# -- Extensions values
|
||||
# --------------------------------------------------
|
||||
service-account:
|
||||
enabled: true
|
||||
resources:
|
||||
- name: minecraft-exporter
|
||||
label:
|
||||
app: minecraft-minecraft-metrics
|
||||
endpoints:
|
||||
port: metrics
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: minecraft-tcp
|
||||
gateway: istio-system/badhouseplants-minecraft
|
||||
kind: tcp
|
||||
port_match: 25565
|
||||
hostname: "*"
|
||||
service: minecraft-minecraft
|
||||
port: 25565
|
||||
# --------------------------------------------------
|
||||
# -- Main values
|
||||
# --------------------------------------------------
|
||||
image:
|
||||
tag: java17-graalvm-ce
|
||||
pullPolicy: Always
|
||||
|
||||
resources:
|
||||
requests:
|
||||
memory: 3Gi
|
||||
cpu: 256m
|
||||
limits:
|
||||
memory: 3Gi
|
||||
|
||||
lifecycle:
|
||||
postStart:
|
||||
- bash
|
||||
- -c
|
||||
- for i in {1..100}; do mc-health && break || sleep 20; done && mc-send-to-console setpassword 11223345
|
||||
|
||||
readinessProbe:
|
||||
command:
|
||||
- mc-health
|
||||
periodSeconds: 20
|
||||
failureThreshold: 50
|
||||
timeoutSeconds: 10
|
||||
livenessProbe:
|
||||
timeoutSeconds: 10
|
||||
|
||||
minecraftServer:
|
||||
overrideServerProperties: true
|
||||
eula: "TRUE"
|
||||
onlineMode: false
|
||||
difficulty: hard
|
||||
hardcore: true
|
||||
version: 1.20.1
|
||||
maxWorldSize: 90000
|
||||
type: "PAPER"
|
||||
paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/170/downloads/paper-1.20.1-170.jar
|
||||
gameMode: survival
|
||||
pvp: true
|
||||
rcon:
|
||||
enabled: true
|
||||
withGeneratedPassword: false
|
||||
port: 25575
|
||||
serviceType: ClusterIP
|
||||
extraPorts:
|
||||
- name: metrics
|
||||
containerPort: 9225
|
||||
protocol: TCP
|
||||
service:
|
||||
enabled: true
|
||||
embedded: false
|
||||
labels:
|
||||
exporter: minecraft
|
||||
type: ClusterIP
|
||||
port: 9925
|
||||
ingress:
|
||||
enabled: false
|
||||
persistence:
|
||||
dataDir:
|
||||
enabled: true
|
||||
Size: 15Gi
|
||||
mcbackup:
|
||||
enabled: false
|
||||
backupInterval: 2h
|
||||
pauseIfNoPlayers: "false"
|
||||
pruneBackupsDays: 2
|
||||
rconRetries: 5
|
||||
rconRetryInterval: 10s
|
||||
excludes: "*.jar,cache,logs"
|
||||
backupMethod: restic
|
||||
resticRepository: s3:https://s3.e.badhouseplants.net:443/restic/minecraft
|
||||
resticAdditionalTags: "mc_backups"
|
||||
pruneResticRetention: "--keep-last 12 --keep-daily 1 --keep-weekly 2 --keep-monthly 2 --keep-yearly 2"
|
||||
resources:
|
||||
requests:
|
||||
memory: 512Mi
|
||||
cpu: 100m
|
||||
persistence:
|
||||
backupDir:
|
||||
enabled: false
|
||||
# ---------------------------------------------
|
||||
# -- Install Plugins
|
||||
# ---------------------------------------------
|
||||
initContainers:
|
||||
- name: 0-install-prometheus-exporter
|
||||
image: alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- "https://github.com/sladkoff/minecraft-prometheus-exporter/releases/download/v2.5.0/minecraft-prometheus-exporter-2.5.0.jar"
|
||||
- -o
|
||||
- /data/plugins/prometheus-exporter.jar
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /data/plugins
|
||||
readOnly: false
|
||||
- name: 0-install-password-plugin
|
||||
image: alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- "https://github.com/timbru31/PasswordProtect/releases/download/PasswordProtect-3.1.0/PasswordProtect.jar"
|
||||
- -o
|
||||
- /data/plugins/PasswordProtect.jar
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /data/plugins
|
||||
readOnly: false
|
||||
- name: 0-install-gravity-control-plugin
|
||||
image: alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- https://github.com/e-im/GravityControl/releases/download/v1.3.0/GravityControl-1.3.0.jar
|
||||
- -o
|
||||
- /data/plugins/GravityControl-1.3.0.jar
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /data/plugins
|
||||
readOnly: false
|
||||
- name: 0-install-fast-minecart-plugin
|
||||
image: alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- https://github.com/certainly1182/FastMinecarts/releases/download/v1.0.1/FastMinecarts.jar
|
||||
- -o
|
||||
- /data/plugins/FastMinecarts.jar
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /data/plugins
|
||||
- name: 1-add-plugins-to-minecraft
|
||||
image: alpine/curl
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- cp -r /in /out/plugins
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /in
|
||||
readOnly: false
|
||||
- name: datadir
|
||||
mountPath: /out
|
||||
extraVolumes:
|
||||
- volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /data/plugins
|
||||
readOnly: false
|
||||
volumes:
|
||||
- name: plugins
|
||||
emptyDir:
|
||||
sizeLimit: 500Mi
|
@ -1,121 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: minio-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: minio.badhouseplants.net
|
||||
service: minio-console
|
||||
port: 9001
|
||||
- name: s3-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: s3.badhouseplants.net
|
||||
service: minio
|
||||
port: 9000
|
||||
|
||||
rootUser: 'overlord'
|
||||
replicas: 1
|
||||
mode: standalone
|
||||
environment:
|
||||
MINIO_SERVER_URL: "https://s3.badhouseplants.net:443"
|
||||
tls:
|
||||
enabled: false
|
||||
certSecret: ''
|
||||
publicCrt: public.crt
|
||||
privateKey: private.key
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
service:
|
||||
type: ClusterIP
|
||||
clusterIP: ~
|
||||
port: '9000'
|
||||
consoleService:
|
||||
type: ClusterIP
|
||||
clusterIP: ~
|
||||
port: '9001'
|
||||
resources:
|
||||
requests:
|
||||
memory: 2Gi
|
||||
buckets:
|
||||
- name: badhouseplants-net
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: badhouseplants-js
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: badhouseplants-net-main
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: sharing
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: allanger-music
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: badhouseplants-brew
|
||||
policy: download
|
||||
purge: false
|
||||
versioning: false
|
||||
metrics:
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
public: true
|
||||
additionalLabels: {}
|
||||
policies:
|
||||
- name: allanger
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::*'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "admin:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "kms:*"
|
||||
- name: badhouseplants:owners
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::*'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "admin:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "kms:*"
|
||||
- name: badhouseplants
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::badhouseplants-net'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources:
|
||||
- 'arn:aws:s3:::badhouseplants-net/*'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- name: sharing
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::sharing'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources:
|
||||
- 'arn:aws:s3:::sharing/*'
|
||||
actions:
|
||||
- "s3:*"
|
@ -1,6 +0,0 @@
|
||||
primary:
|
||||
persistence:
|
||||
size: 500Mi
|
||||
|
||||
auth:
|
||||
createDatabase: false
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
ns:
|
||||
- name: monitoring-system
|
||||
templates:
|
||||
- |
|
||||
{{ range .Values.ns }}
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
{{ end }}
|
@ -1,58 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: nrodionov-http
|
||||
gateway: istio-system/nrodionov-info
|
||||
kind: http
|
||||
hostname: dev.nrodionov.info
|
||||
service: nrodionov-wordpress
|
||||
port: 8080
|
||||
|
||||
ext-database:
|
||||
enabled: true
|
||||
name: nrodionov-mysql
|
||||
instance: mysql
|
||||
|
||||
wordpressBlogName: Николай Николаевич Родионов
|
||||
wordpressUsername: admin
|
||||
wordpressFirstName: Nikolai
|
||||
wordpressLastName: Rodionov
|
||||
wordpressTablePrefix: wp_
|
||||
wordpressScheme: http
|
||||
existingWordPressConfigurationSecret: ""
|
||||
resources:
|
||||
requests:
|
||||
memory: 300Mi
|
||||
cpu: 10m
|
||||
service:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
http: 8080
|
||||
https: 8443
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: ""
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
accessMode: ReadWriteOnce
|
||||
size: 2Gi
|
||||
dataSource: {}
|
||||
existingClaim: ""
|
||||
selector: {}
|
||||
|
||||
mariadb:
|
||||
enabled: true
|
||||
primary:
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: ""
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
size: 3Gi
|
||||
|
@ -1,38 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: openvpn-tcp
|
||||
gateway: istio-system/badhouseplants-vpn
|
||||
kind: tcp
|
||||
port_match: 1194
|
||||
hostname: "*"
|
||||
service: openvpn
|
||||
port: 1194
|
||||
# ------------------------------------------
|
||||
image:
|
||||
tag: v2.6.5-xor-4.0.0beta08
|
||||
storage:
|
||||
class: longhorn
|
||||
size: 512Mi
|
||||
|
||||
openvpn:
|
||||
proto: tcp
|
||||
host: 195.201.250.50
|
||||
easyrsa:
|
||||
cn: Bad Houseplants
|
||||
country: Germany
|
||||
province: NRW
|
||||
city: Duesseldorf
|
||||
org: Bad Houseplants
|
||||
email: allanger@zohomail.com
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 1194
|
||||
targetPort: 1194
|
||||
protocol: TCP
|
@ -1,10 +0,0 @@
|
||||
architecture: standalone
|
||||
|
||||
auth:
|
||||
database: postgres
|
||||
|
||||
persistence:
|
||||
size: 1Gi
|
||||
|
||||
metrics:
|
||||
enabled: false
|
@ -1,10 +0,0 @@
|
||||
architecture: standalone
|
||||
|
||||
auth:
|
||||
database: postgres
|
||||
|
||||
persistence:
|
||||
size: 1Gi
|
||||
|
||||
metrics:
|
||||
enabled: false
|
@ -1,146 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: grafana-https
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: "grafana.badhouseplants.net"
|
||||
service: prometheus-grafana
|
||||
port: 80
|
||||
|
||||
coreDns:
|
||||
enabled: false
|
||||
kubeEtcd:
|
||||
enabled: false
|
||||
kubelet:
|
||||
enabled: false
|
||||
kubeApiServer:
|
||||
enabled: false
|
||||
|
||||
prometheus-node-exporter:
|
||||
prometheus:
|
||||
monitor:
|
||||
enabled: true
|
||||
jobLabel: jobLabel
|
||||
interval: 60s
|
||||
|
||||
defaultRules:
|
||||
create: true
|
||||
rules:
|
||||
alertmanager: true
|
||||
etcd: false
|
||||
configReloaders: false
|
||||
general: true
|
||||
k8s: true
|
||||
kubeApiserverAvailability: false
|
||||
kubeApiserverBurnrate: false
|
||||
kubeApiserverHistogram: false
|
||||
kubeApiserverSlos: false
|
||||
kubeControllerManager: false
|
||||
kubelet: false
|
||||
kubeProxy: false
|
||||
kubePrometheusGeneral: false
|
||||
kubePrometheusNodeRecording: false
|
||||
kubernetesApps: true
|
||||
kubernetesResources: true
|
||||
kubernetesStorage: true
|
||||
kubernetesSystem: true
|
||||
kubeSchedulerAlerting: false
|
||||
kubeSchedulerRecording: true
|
||||
kubeStateMetrics: true
|
||||
network: false
|
||||
node: true
|
||||
nodeExporterAlerting: true
|
||||
nodeExporterRecording: true
|
||||
prometheus: true
|
||||
prometheusOperator: true
|
||||
windows: false
|
||||
|
||||
prometheus:
|
||||
prometheusSpec:
|
||||
enableAdminAPI: true
|
||||
retentionSize: 10GB
|
||||
podMonitorNamespaceSelector:
|
||||
any: true
|
||||
podMonitorSelector: {}
|
||||
podMonitorSelectorNilUsesHelmValues: false
|
||||
ruleNamespaceSelector:
|
||||
any: true
|
||||
ruleSelector: {}
|
||||
ruleSelectorNilUsesHelmValues: false
|
||||
serviceMonitorNamespaceSelector:
|
||||
any: true
|
||||
serviceMonitorSelector: {}
|
||||
serviceMonitorSelectorNilUsesHelmValues: false
|
||||
storageSpec:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
|
||||
grafana:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 2Gi
|
||||
grafana.ini:
|
||||
server:
|
||||
root_url: https://grafana.badhouseplants.net
|
||||
auth.generic_oauth:
|
||||
name: Gitea
|
||||
icon: signin
|
||||
enabled: true
|
||||
allow_sign_up: true
|
||||
auto_login: false
|
||||
client_id: 0ce70a7d-f267-44cc-9686-71048277e51d
|
||||
scopes: openid profile email groups
|
||||
empty_scopes: false
|
||||
auth_url: https://git.badhouseplants.net/login/oauth/authorize
|
||||
token_url: https://git.badhouseplants.net/login/oauth/access_token
|
||||
api_url: https://git.badhouseplants.net/login/oauth/userinfo
|
||||
tls_skip_verify_insecure: false
|
||||
use_pkce: true
|
||||
role_attribute_path: contains(groups, 'badhouseplants:owners') && 'Admin' || 'Viewer'
|
||||
|
||||
dashboardProviders:
|
||||
dashboardproviders.yaml:
|
||||
apiVersion: 1
|
||||
providers:
|
||||
- name: 'default'
|
||||
orgId: 1
|
||||
folder: ''
|
||||
type: file
|
||||
disableDeletion: true
|
||||
editable: false
|
||||
options:
|
||||
path: /var/lib/grafana/dashboards/default
|
||||
|
||||
dashboards:
|
||||
default:
|
||||
gitea-dashboard:
|
||||
gnetId: 13192
|
||||
revision: 1
|
||||
datasource: Prometheus
|
||||
argo-dashboard:
|
||||
gnetId: 14584
|
||||
revision: 1
|
||||
datasource: Prometheus
|
||||
|
||||
datasources:
|
||||
loki.yaml:
|
||||
apiVersion: 1
|
||||
datasources:
|
||||
- name: Loki
|
||||
type: loki
|
||||
access: proxy
|
||||
uid: loki
|
||||
editable: false
|
||||
url: http://loki.monitoring-system:3100/
|
||||
jsonData:
|
||||
maxLines: 1000
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
config:
|
||||
clients:
|
||||
# - url: http://loki.monitoring-system:3100
|
||||
- url: http://loki-gateway/loki/api/v1/push
|
@ -1,7 +0,0 @@
|
||||
metrics:
|
||||
enabled: false
|
||||
|
||||
architecture: standalone
|
||||
master:
|
||||
persistence:
|
||||
enabled: false
|
@ -1,63 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: vaultwarden-http
|
||||
kind: http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
hostname: vault.badhouseplants.net
|
||||
service: vaultwarden
|
||||
port: 8080
|
||||
# ------------------------------------------
|
||||
# -- Database extension is used to manage
|
||||
# -- database with db-operator
|
||||
# ------------------------------------------
|
||||
ext-database:
|
||||
enabled: true
|
||||
name: vaultwarden-postgres16
|
||||
instance: postgres16
|
||||
service:
|
||||
port: 8080
|
||||
vaultwarden:
|
||||
smtp:
|
||||
host: badhouseplants.net
|
||||
security: "starttls"
|
||||
port: 587
|
||||
from: vaultwarden@badhouseplants.net
|
||||
fromName: Vault Warden
|
||||
authMechanism: "Plain"
|
||||
acceptInvalidHostnames: "false"
|
||||
acceptInvalidCerts: "false"
|
||||
debug: false
|
||||
domain: https://vault.badhouseplants.net
|
||||
websocket:
|
||||
enabled: true
|
||||
address: "0.0.0.0"
|
||||
port: 3012
|
||||
rocket:
|
||||
port: "8080"
|
||||
workers: "10"
|
||||
webVaultEnabled: "true"
|
||||
signupsAllowed: false
|
||||
invitationsAllowed: true
|
||||
signupDomains: "https://vault.badhouseplants.com"
|
||||
signupsVerify: "true"
|
||||
showPassHint: "false"
|
||||
database:
|
||||
existingSecret: vaultwarden-postgres16-creds
|
||||
existingSecretKey: CONNECTION_STRING
|
||||
connectionRetries: 15
|
||||
maxConnections: 10
|
||||
storage:
|
||||
enabled: false
|
||||
size: 1Gi
|
||||
class: default
|
||||
dataDir: /data
|
||||
logging:
|
||||
enabled: false
|
||||
logfile: "/data/vaultwarden.log"
|
||||
loglevel: "warn"
|
@ -1,38 +0,0 @@
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: woodpecker-server-http
|
||||
gateway: istio-system/badhouseplants-net
|
||||
kind: http
|
||||
hostname: ci.badhouseplants.net
|
||||
service: woodpecker-ci-server
|
||||
port: 80
|
||||
server:
|
||||
image:
|
||||
tag: v1.0.2
|
||||
enabled: true
|
||||
env:
|
||||
WOODPECKER_GITEA: true
|
||||
WOODPECKER_GITEA_URL: https://git.badhouseplants.net
|
||||
WOODPECKER_GITEA_CLIENT: ab5e4687-a476-4668-9fbc-288d54095634
|
||||
WOODPECKER_OPEN: true
|
||||
WOODPECKER_ADMIN: "woodpecker,allanger"
|
||||
WOODPECKER_HOST: "https://ci.badhouseplants.net"
|
||||
extraSecretNamesForEnvFrom: []
|
||||
agent:
|
||||
image:
|
||||
tag: v1.0.2
|
||||
enabled: true
|
||||
extraSecretNamesForEnvFrom: []
|
||||
env:
|
||||
WOODPECKER_SERVER: woodpecker-ci-server:9000
|
||||
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 1Gi
|
||||
WOODPECKER_BACKEND_K8S_STORAGE_CLASS:
|
||||
serviceAccount:
|
||||
create: true
|
||||
rbac:
|
||||
create: true
|
@ -1,20 +0,0 @@
|
||||
---
|
||||
certificate:
|
||||
templates:
|
||||
- |
|
||||
{{ range .Values.certificate }}
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
spec:
|
||||
dnsNames:
|
||||
{{- range .dnsNames }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
issuerRef:
|
||||
kind: {{ .issuer.kind }}
|
||||
name: {{ .issuer.name }}
|
||||
secretName: {{ .secretName }}
|
||||
{{ end }}
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
ext-database:
|
||||
templates:
|
||||
- |
|
||||
---
|
||||
apiVersion: kinda.rocks/v1beta1
|
||||
kind: Database
|
||||
metadata:
|
||||
name: "{{ .Values.name }}"
|
||||
spec:
|
||||
secretName: "{{ .Values.name }}-creds"
|
||||
instance: "{{ .Values.instance }}"
|
||||
deletionProtected: false
|
||||
backup:
|
||||
enable: false
|
||||
cron: 0 0 * * *
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
istio-gateway:
|
||||
templates:
|
||||
- |
|
||||
{{ range .Values.gateways }}
|
||||
---
|
||||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: Gateway
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
spec:
|
||||
selector:
|
||||
istio: ingressgateway
|
||||
servers:
|
||||
{{ toYaml .servers | indent 4 }}
|
||||
{{ end }}
|
@ -1,36 +0,0 @@
|
||||
---
|
||||
istio:
|
||||
templates:
|
||||
- |
|
||||
{{ range .Values.istio }}
|
||||
---
|
||||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: VirtualService
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
spec:
|
||||
gateways:
|
||||
- "{{ .gateway }}"
|
||||
hosts:
|
||||
- {{ .hostname | quote }}
|
||||
{{- if eq .kind "http" }}
|
||||
http:
|
||||
- match:
|
||||
- uri:
|
||||
prefix: /
|
||||
route:
|
||||
- destination:
|
||||
host: {{ .service }}
|
||||
port:
|
||||
number: {{ .port }}
|
||||
{{- else if eq .kind "tcp" }}
|
||||
tcp:
|
||||
- match:
|
||||
- port: {{ .port_match }}
|
||||
route:
|
||||
- destination:
|
||||
host: {{ .service }}
|
||||
port:
|
||||
number: {{ .port }}
|
||||
{{ end }}
|
||||
{{ end }}
|
@ -1,4 +0,0 @@
|
||||
apiService:
|
||||
insecureSkipTLSVerify: true
|
||||
args:
|
||||
- --kubelet-insecure-tls
|
@ -1,8 +0,0 @@
|
||||
ns:
|
||||
templates:
|
||||
- |
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: {{ .Values.name }}
|
||||
|
@ -1,16 +0,0 @@
|
||||
---
|
||||
service-monitor:
|
||||
templates:
|
||||
- |
|
||||
{{ range .Values.service-monitor.resources }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .label.app }}
|
||||
endpoints:
|
||||
- port: {{ .endpoints.port }}
|
||||
{{ end }}
|
@ -1,5 +0,0 @@
|
||||
environments:
|
||||
badhouseplants:
|
||||
kubeContext: badhouseplants
|
||||
etersoft:
|
||||
kubeContext: etersoft
|
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
bases:
|
||||
- ../environments.yaml
|
||||
- ../repositories.yaml
|
@ -1,38 +0,0 @@
|
||||
rootPassword: ENC[AES256_GCM,data:s38LHPKR4UsJE2MvlvIuKllZsYGZxcwssbqMWoPqo11j,iv:iredmR6yFSMxmS7NFwz5kLUxPWdSIImYRLRkICr7sJQ=,tag:Gb+rMEBrVX4dDS+N/quHyA==,type:str]
|
||||
users:
|
||||
- accessKey: ENC[AES256_GCM,data:J3pNKKmaius=,iv:Mjbx//mHSfVM4NEsOCdPMw7nZ5N2J1rg/IE8JZxzZ30=,tag:sX3OuZ3RodAn8znacBTu4A==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:f4PO+T8IRvw5yhFz9Twf3h6vxw==,iv:13ekjlbaTZYDyhMQeM0oJ7/U53ZfhVX/AP20FUnVQ/A=,tag:ZR1YkIl9/6iyWm6leLvQcA==,type:str]
|
||||
policy: ENC[AES256_GCM,data:mjGhLyvFBU5n6ePk,iv:v/ECOoGcnHGjuLgqMZ8yVTLPqdvn1HBVVAaUiD5fBT0=,tag:3tS26PT1Gg8kHUTfSSUH+g==,type:str]
|
||||
- accessKey: ENC[AES256_GCM,data:mavKbC9T,iv:gfiilFHH9P3/UUTfjo/kl4r/tcMFN3/J1KyMF+3gY24=,tag:JEhrPdUjeBasQyrsduif9w==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:kUs0AzmT/DCLqQEuF9Y=,iv:HoilTHkjITFUREb74y4JAl4YDWHz64XxTvVvKCGE6AE=,tag:bzw9XRz6C4BgB/4mYAf5jg==,type:str]
|
||||
policy: ENC[AES256_GCM,data:DbIQFNub,iv:NB+PF0acEGFls9BNeQFm+00V1kX+5N7UGJFnhb8DUAU=,tag:tQSO5L0G5Vy51nVD/EKHmw==,type:str]
|
||||
oidc:
|
||||
enabled: ENC[AES256_GCM,data:AJwlxQ==,iv:e8Y4xI9VW7R64o5y2TYrMRnL92+RCzFaoF9v4wHDTlc=,tag:T0iZj9cCBxaF444+xuvKuA==,type:bool]
|
||||
configUrl: ENC[AES256_GCM,data:UHLEsZwSGwNEV9r6wpiw4lLsMOLxJ6QfHKrrP2oduJE+YG7hImEljrO+/kPSUOgWMGgtXIjT/VLYw7xhW+TL,iv:v6bXPeKMho108y+kErL71RvqlfL0YEUtAaexITN6arY=,tag:r/oglMJVU2J2s3mEgjP+dA==,type:str]
|
||||
clientId: ENC[AES256_GCM,data:39mFCS47/yw1lGxvDs7nLkk941qPaHUMgGBgtcqmJukGMfJK,iv:rfE/1ukQAO8geJVIJQOQaXmn37DfhDMR/t7Ghwd093A=,tag:SDz4TVKiMY+bXAtfrm17/Q==,type:str]
|
||||
clientSecret: ENC[AES256_GCM,data:KcamhnHBTErbSS6dR7W+suwV5q13yXqZAUBYhKJ5Kj3t14dp6VDHoYc1Dwyt+hebFz0BYYbRA9g=,iv:hOhGu/lRjsEsEz4f6Wnkds6HNq3DnvM+GsJOAz1fOds=,tag:aQ4+xPDgg/2op+NQl7jhSg==,type:str]
|
||||
claimName: ENC[AES256_GCM,data:UUrHhIFP,iv:dKg4zBykxhEKeG40a1eSWRYTyzpb5kBmzhEaULFgSII=,tag:3vfbgsoKkNF2Tmwx3Wi56w==,type:str]
|
||||
redirectUri: ENC[AES256_GCM,data:evZK5yq5syKOsTqeqICTWLTq96AXTKftwDdbPYP9Na67N7I12P+jK8k1zKswHQY=,iv:L5AmYGkO2lyU4ytjyMOmuWDg4GtbeoTzcEdZF7WP+es=,tag:BF8AZUJ39+xICfrdNsY9iQ==,type:str]
|
||||
comment: ENC[AES256_GCM,data:4h455QlIXewffU2bSKihkg==,iv:p5WRTZfAUgqbF/XpIlaLuUIhQhMWxgs0MW6cqNOiOtg=,tag:yk6CHXx7E8XBY3dath9ezQ==,type:str]
|
||||
claimPrefix: ""
|
||||
scopes: ENC[AES256_GCM,data:6DDclrvw1aAnE7KqMYcevELx/VUrQxUq/+my,iv:BUT/J2uFueDxUCdlylJgJ6cBn52fVAV6r+dGYUg+gx8=,tag:sAXpt6zqNi4kwdfYm5J75A==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaeWFCZlp0VTdkNjV5VDkz
|
||||
QVErMnVJM1hHbXZERnM5b1hvQWdRQ1N3SmpRCmpCaUkyc3pzRm0yTGZtQ3I5b21I
|
||||
R3g5T2hKZzNxZmVKVHNoZU1RaTZlamMKLS0tIDlIUVBLSFVZOElZaktjK0xRYjJa
|
||||
UmdLL0NqWVpuNXBYRENEeTltdFVLREUKrwPN2daokcqABFVXjYCbNyCA0zdMCYh6
|
||||
vzTTtNV718OAPQKgl3Ho2c5nhhQcWy5YlWPfGMUklZhocXsAvMXS/g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-03-26T11:56:18Z"
|
||||
mac: ENC[AES256_GCM,data:oiaqwWDTTSvdGZxcLqAJrLkF+jNL2PfOOrTFtO2Arry1LehiGeXqNiqlHTd5IvnB/LrU9vGv5SjDrq+FRycfceai8O5hW8aGBXqCSZANIx7cpCJqtm1ErNAm8yw+K5rq/WeRKEySszNx7QtSZiM9ufo/GIAZMZgcd/bqFdm6oXE=,iv:s+uHg40NPT3kjwHnRIu3udkbm3gE36JMzPFhM6NdT/4=,tag:Q97lA8fRcPr5kGZEUbmhxQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
@ -1,21 +0,0 @@
|
||||
---
|
||||
service:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: status-port
|
||||
port: 15021
|
||||
protocol: TCP
|
||||
targetPort: 15021
|
||||
- name: http2
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 80
|
||||
- name: https
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 443
|
||||
- name: openvpn
|
||||
port: 1194
|
||||
protocol: TCP
|
||||
targetPort: 1194
|
||||
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
pilot:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
||||
|
@ -1,94 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: minio-http
|
||||
gateway: badhouseplants-net
|
||||
kind: http
|
||||
hostname: min.e.badhouseplants.net
|
||||
service: minio-console
|
||||
port: 9001
|
||||
- name: s3-http
|
||||
gateway: badhouseplants-net
|
||||
kind: http
|
||||
hostname: s3.e.badhouseplants.net
|
||||
service: minio
|
||||
port: 9000
|
||||
rootUser: 'overlord'
|
||||
replicas: 1
|
||||
mode: standalone
|
||||
environment:
|
||||
MINIO_SERVER_URL: "https://s3.e.badhouseplants.net:443"
|
||||
tls:
|
||||
enabled: false
|
||||
certSecret: ''
|
||||
publicCrt: public.crt
|
||||
privateKey: private.key
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 30Gi
|
||||
service:
|
||||
type: ClusterIP
|
||||
clusterIP: ~
|
||||
port: '9000'
|
||||
consoleService:
|
||||
type: ClusterIP
|
||||
clusterIP: ~
|
||||
port: '9001'
|
||||
resources:
|
||||
requests:
|
||||
memory: 0.7Gi
|
||||
policies:
|
||||
- name: badhouseplants:owners
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::*'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "admin:*"
|
||||
- resources: []
|
||||
actions:
|
||||
- "kms:*"
|
||||
- name: badhouseplants
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::badhouseplants-net'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- resources:
|
||||
- 'arn:aws:s3:::badhouseplants-net/*'
|
||||
actions:
|
||||
- "s3:*"
|
||||
- name: backup
|
||||
statements:
|
||||
- resources:
|
||||
- 'arn:aws:s3:::longhorn/*'
|
||||
- 'arn:aws:s3:::longhorn'
|
||||
- 'arn:aws:s3:::restic/*'
|
||||
- 'arn:aws:s3:::restic'
|
||||
actions:
|
||||
- "s3:DeleteObject"
|
||||
- "s3:GetObject"
|
||||
- "s3:ListBucket"
|
||||
- "s3:PutObject"
|
||||
buckets:
|
||||
- name: longhorn
|
||||
policy: none
|
||||
purge: false
|
||||
versioning: false
|
||||
- name: restic
|
||||
policy: none
|
||||
purge: false
|
||||
versioning: false
|
||||
metrics:
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
public: true
|
||||
additionalLabels: {}
|
@ -1,43 +0,0 @@
|
||||
---
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
istio:
|
||||
enabled: true
|
||||
istio:
|
||||
- name: openvpn-tcp
|
||||
gateway: etersoft-vpn
|
||||
kind: tcp
|
||||
port_match: 1194
|
||||
hostname: "*"
|
||||
service: openvpn
|
||||
port: 1194
|
||||
|
||||
storage:
|
||||
class: microk8s-hostpath
|
||||
size: 5Gi
|
||||
openvpn:
|
||||
server: "tcp://91.232.225.63:1194"
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 1194
|
||||
targetPort: 1194
|
||||
protocol: TCP
|
||||
istio-resources:
|
||||
enabled: true
|
||||
gateways:
|
||||
- metadata:
|
||||
name: etersoft-vpn
|
||||
namespace: istio-system
|
||||
spec:
|
||||
selector:
|
||||
istio: ingressgateway
|
||||
servers:
|
||||
- hosts:
|
||||
- '*'
|
||||
port:
|
||||
name: openvpn
|
||||
number: 1194
|
||||
protocol: TCP
|
||||
|
@ -1,42 +0,0 @@
|
||||
templates:
|
||||
# ----------------------------
|
||||
# -- Extensions
|
||||
# ----------------------------
|
||||
ext-istio-gateway:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
version: 2.0.0
|
||||
alias: istio-gateway
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.istio-gateway.yaml'
|
||||
|
||||
ext-istio-resource:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
version: 2.0.0
|
||||
alias: istio
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.istio.yaml'
|
||||
ext-certificate:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
version: 2.0.0
|
||||
alias: certificate
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.certificate.yaml'
|
||||
|
||||
service-monitor:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
version: 2.0.0
|
||||
alias: service-monitor
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.service-monitor.yaml'
|
||||
|
||||
ext-database:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
version: 2.0.0
|
||||
alias: ext-database
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.database.yaml'
|
@ -1,50 +0,0 @@
|
||||
---
|
||||
{{ readFile "releases.yaml" }}
|
||||
|
||||
bases:
|
||||
- environments.yaml
|
||||
- repositories.yaml
|
||||
|
||||
releases:
|
||||
- <<: *metrics-server
|
||||
installed: true
|
||||
namespace: kube-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *istio-base
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *istio-gateway
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *istiod
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *cert-manager
|
||||
installed: true
|
||||
namespace: cert-manager
|
||||
createNamespace: false
|
||||
|
||||
- <<: *minio
|
||||
installed: true
|
||||
namespace: minio-service
|
||||
createNamespace: false
|
||||
|
||||
- <<: *openvpn
|
||||
installed: true
|
||||
namespace: openvpn-service
|
||||
createNamespace: false
|
||||
|
||||
- <<: *metallb
|
||||
installed: true
|
||||
namespace: metallb-system
|
||||
createNamespace: true
|
||||
|
||||
helmfiles:
|
||||
- path: {{.Environment.Name }}/helmfile.yaml
|
@ -1,313 +0,0 @@
|
||||
---
|
||||
templates:
|
||||
# ---------------------------
|
||||
# -- Hooks
|
||||
# ---------------------------
|
||||
crd-management-hook:
|
||||
hooks:
|
||||
- events: ["preapply"]
|
||||
showlogs: true
|
||||
command: "sh"
|
||||
args:
|
||||
- -c
|
||||
- |
|
||||
helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl replace -f - \
|
||||
|| helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl create -f - \
|
||||
|| true
|
||||
- events: ["prepare"]
|
||||
showlogs: true
|
||||
command: "sh"
|
||||
args:
|
||||
- -c
|
||||
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl diff -f - || true"
|
||||
- events: ["postuninstall"]
|
||||
showlogs: true
|
||||
command: "sh"
|
||||
args:
|
||||
- -c
|
||||
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true"
|
||||
# ----------------------------
|
||||
# -- Configs
|
||||
# ----------------------------
|
||||
default-common-values:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/common/values.{{ .Release.Name }}.yaml'
|
||||
default-env-values:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml'
|
||||
default-env-secrets:
|
||||
secrets:
|
||||
- '{{ requiredEnv "PWD" }}/{{ .Environment.Name }}/values/secrets.{{ .Release.Name }}.yaml'
|
||||
# ----------------------------
|
||||
# -- Releases
|
||||
# ----------------------------
|
||||
# -- System
|
||||
# ----------------------------
|
||||
metrics-server: &metrics-server
|
||||
name: metrics-server
|
||||
chart: metrics-server/metrics-server
|
||||
version: 3.11.0
|
||||
values:
|
||||
- common/values.{{ .Release.Name }}.yaml
|
||||
|
||||
metallb: &metallb
|
||||
name: metallb
|
||||
chart: metallb/metallb
|
||||
version: 0.13.12
|
||||
|
||||
cert-manager: &cert-manager
|
||||
name: cert-manager
|
||||
chart: jetstack/cert-manager
|
||||
version: 1.13.1
|
||||
set:
|
||||
- name: installCRDs
|
||||
value: true
|
||||
longhorn: &longhorn
|
||||
name: longhorn
|
||||
chart: longhorn/longhorn
|
||||
version: 1.5.1
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
|
||||
argocd: &argocd
|
||||
name: argocd
|
||||
chart: argo/argo-cd
|
||||
version: 5.46.8
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
|
||||
monitoring-common:
|
||||
labels:
|
||||
bundle: monitoring
|
||||
|
||||
prometheus: &prometheus
|
||||
name: prometheus
|
||||
chart: prometheus-community/kube-prometheus-stack
|
||||
version: 51.10.0
|
||||
inherit:
|
||||
- template: monitoring-common
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: crd-management-hook
|
||||
- template: ext-istio-resource
|
||||
|
||||
loki: &loki
|
||||
name: loki
|
||||
chart: grafana/loki
|
||||
version: 5.35.0
|
||||
inherit:
|
||||
- template: monitoring-common
|
||||
- template: default-env-values
|
||||
|
||||
promtail: &promtail
|
||||
name: promtail
|
||||
chart: grafana/promtail
|
||||
version: 6.15.3
|
||||
inherit:
|
||||
- template: monitoring-common
|
||||
- template: default-env-values
|
||||
# ----------------------------
|
||||
# -- Istio
|
||||
# ----------------------------
|
||||
istio-common:
|
||||
labels:
|
||||
bundle: istio
|
||||
version: 1.19.3
|
||||
|
||||
istio-base: &istio-base
|
||||
name: istio-base
|
||||
chart: istio/base
|
||||
inherit:
|
||||
- template: crd-management-hook
|
||||
- template: istio-common
|
||||
|
||||
istio-gateway: &istio-gateway
|
||||
name: istio-ingressgateway
|
||||
chart: istio/gateway
|
||||
inherit:
|
||||
- template: istio-common
|
||||
- template: default-env-values
|
||||
|
||||
istio-gateway-resources: &istio-gateway-resources
|
||||
name: istio-gateway-resources
|
||||
chart: bedag/raw
|
||||
version: 2.0.0
|
||||
inherit:
|
||||
- template: ext-istio-gateway
|
||||
- template: default-env-values
|
||||
|
||||
istiod: &istiod
|
||||
name: istiod
|
||||
chart: istio/istiod
|
||||
inherit:
|
||||
- template: istio-common
|
||||
- template: default-env-values
|
||||
|
||||
# ----------------------------
|
||||
# -- Applications
|
||||
# ----------------------------
|
||||
openvpn: &openvpn
|
||||
name: openvpn
|
||||
chart: allanger-gitea/openvpn
|
||||
version: 1.0.7
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: ext-istio-resource
|
||||
# ----------------------------
|
||||
# -- Drone
|
||||
# ----------------------------
|
||||
drone-common:
|
||||
labels:
|
||||
bundle: drone
|
||||
drone: &drone
|
||||
name: drone
|
||||
chart: drone/drone
|
||||
version: 0.6.5
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: drone-common
|
||||
|
||||
drone-runner-docker: &drone-runner-docker
|
||||
name: drone-runner-docker
|
||||
chart: drone/drone-runner-docker
|
||||
version: 0.6.1
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: drone-common
|
||||
|
||||
woodpecker-ci: &woodpecker-ci
|
||||
name: woodpecker-ci
|
||||
chart: woodpecker/woodpecker
|
||||
version: 0.4.2
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
|
||||
nrodionov: &nrodionov
|
||||
name: nrodionov
|
||||
chart: bitnami/wordpress
|
||||
version: 18.0.7
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: ext-database
|
||||
|
||||
minio: &minio
|
||||
name: minio
|
||||
chart: minio/minio
|
||||
version: 5.0.14
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
|
||||
minecraft: &minecraft
|
||||
name: minecraft
|
||||
chart: minecraft-server-charts/minecraft
|
||||
version: 4.11.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
|
||||
gitea: &gitea
|
||||
name: gitea
|
||||
chart: gitea/gitea
|
||||
version: 9.5.1
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: ext-database
|
||||
|
||||
funkwhale: &funkwhale
|
||||
name: funkwhale
|
||||
chart: ananace-charts/funkwhale
|
||||
version: 2.0.3
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: ext-database
|
||||
|
||||
mailu: &mailu
|
||||
name: mailu
|
||||
chart: mailu/mailu
|
||||
version: 1.2.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: ext-certificate
|
||||
|
||||
bitwarden: &bitwarden
|
||||
name: bitwarden
|
||||
chart: bitwarden/vaultwarden
|
||||
version: 0.1.7
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
|
||||
redis: &redis
|
||||
name: redis
|
||||
chart: bitnami/redis
|
||||
version: 18.1.6
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
postgres16: &postgres16
|
||||
name: postgres16
|
||||
chart: bitnami/postgresql
|
||||
version: 13.1.5
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
db-operator: &db-operator
|
||||
name: db-operator
|
||||
chart: db-operator/db-operator
|
||||
version: 1.11.2
|
||||
|
||||
db-instances: &db-instances
|
||||
name: db-instances
|
||||
chart: db-operator/db-instances
|
||||
version: 1.4.2
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
mysql: &mysql
|
||||
name: mysql
|
||||
chart: bitnami/mysql
|
||||
version: 9.12.5
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
docker-mailserver: &docker-mailserver
|
||||
name: docker-mailserver
|
||||
chart: allanger-gitea/docker-mailserver
|
||||
version: 2.1.3
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: ext-istio-gateway
|
||||
- template: ext-istio-resource
|
||||
|
||||
vaultwarden: &vaultwarden
|
||||
name: vaultwarden
|
||||
chart: badhouseplants/vaultwarden
|
||||
version: 1.0.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-istio-resource
|
||||
- template: ext-database
|
@ -1,42 +0,0 @@
|
||||
---
|
||||
repositories:
|
||||
- name: metrics-server
|
||||
url: https://kubernetes-sigs.github.io/metrics-server/
|
||||
- name: jetstack
|
||||
url: https://charts.jetstack.io
|
||||
- name: istio
|
||||
url: https://istio-release.storage.googleapis.com/charts
|
||||
- name: drone
|
||||
url: https://charts.drone.io
|
||||
- name: bitnami
|
||||
url: https://charts.bitnami.com/bitnami
|
||||
- name: minio
|
||||
url: https://charts.min.io/
|
||||
- name: minecraft-server-charts
|
||||
url: https://itzg.github.io/minecraft-server-charts/
|
||||
- name: longhorn
|
||||
url: https://charts.longhorn.io
|
||||
- name: gitea
|
||||
url: https://dl.gitea.io/charts/
|
||||
- name: ananace-charts
|
||||
url: https://ananace.gitlab.io/charts
|
||||
- name: argo
|
||||
url: https://argoproj.github.io/argo-helm
|
||||
- name: bedag
|
||||
url: https://bedag.github.io/helm-charts/
|
||||
- name: metallb
|
||||
url: https://metallb.github.io/metallb
|
||||
- name: prometheus-community
|
||||
url: https://prometheus-community.github.io/helm-charts
|
||||
- name: grafana
|
||||
url: https://grafana.github.io/helm-charts
|
||||
- name: bitwarden
|
||||
url: https://constin.github.io/vaultwarden-helm/
|
||||
- name: db-operator
|
||||
url: https://db-operator.github.io/charts
|
||||
- name: allanger-gitea
|
||||
url: https://git.badhouseplants.net/api/packages/allanger/helm
|
||||
- name: badhouseplants
|
||||
url: https://badhouseplants.github.io/helm-charts/
|
||||
- name: woodpecker
|
||||
url: https://woodpecker-ci.org
|
Reference in New Issue
Block a user