badhouseplants/k8s-cluster-config
Archived
4
0
Fork 0
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Activity

Compare commits

base: badhouseplants:try-arm
Branches Tags
badhouseplants:main badhouseplants:renovate/configure badhouseplants:try-argo-and-flux badhouseplants:fail-kust badhouseplants:add-dependencies badhouseplants:refactor-helmfiles badhouseplants:rook-ceph-arm badhouseplants:invalid.config badhouseplants:try-elementor badhouseplants:prepare-arm-cluster badhouseplants:try-tekton badhouseplants:fix-check-da-helm badhouseplants:try-arm badhouseplants:upgrading-openvpn
..
compare: badhouseplants:try-tekton
Branches Tags
badhouseplants:renovate/configure badhouseplants:try-argo-and-flux badhouseplants:fail-kust badhouseplants:main badhouseplants:add-dependencies badhouseplants:refactor-helmfiles badhouseplants:rook-ceph-arm badhouseplants:invalid.config badhouseplants:try-elementor badhouseplants:prepare-arm-cluster badhouseplants:try-tekton badhouseplants:fix-check-da-helm badhouseplants:try-arm badhouseplants:upgrading-openvpn

29 Commits
try-arm ... try-tekton

Author SHA1 Message Date
Nikolai Rodionov
bc3d8dfde3 Something is going on 2023-09-27 12:05:35 +02:00
Nikolai Rodionov
3274fbdd97 Updated the tekton installation 2023-09-27 06:26:54 +02:00
Nikolai Rodionov
bfe08e1eae Try tekton 2023-09-23 15:29:52 +02:00
Nikolai Rodionov
a941f7df16 Remove drone runner from the etersoft cluster 2023-09-22 10:29:40 +02:00
Nikolai Rodionov
63968337e2 add telegram notifications for outdated charts 2023-09-20 21:52:07 +02:00
Nikolai Rodionov
8cfd4bf88d Use another redis db for funkwhale 2023-09-14 10:28:18 +02:00
Nikolai Rodionov
1d5e6f6d93 chore: Upgrade releases 2023-09-12 10:39:42 +02:00
Nikolai Rodionov
af236d75a1 chore: Update MetalLB 2023-09-09 05:06:14 +02:00
Nikolai Rodionov
b149d953f3 chore: Some updates that are not critical 2023-09-09 00:39:02 +02:00
Nikolai Rodionov
2cae97fccb chore: Update drone 2023-09-09 00:08:38 +02:00
Nikolai Rodionov
a68bf4502a Update minecraft config and Paper 2023-09-07 00:31:47 +02:00
Nikolai Rodionov
39893c3390 chore: Fix gitea version 2023-09-03 11:15:21 +02:00
Nikolai Rodionov
1c50200fa2 chore: Upgrade releases 2023-09-03 11:13:25 +02:00
Nikolai Rodionov
0d4f0c1053 Update backup setup 2023-08-24 21:35:08 +02:00
Nikolai Rodionov
2d8bb5ff39 Downgrade openvpn 2023-08-24 21:34:15 +02:00
Nikolai Rodionov
6aaeb5db0d Add 'faster minecarts' to Minecraft again 2023-08-22 23:51:31 +02:00
Nikolai Rodionov
162b2dd602 Add 'faster minecarts' to Minecraft 2023-08-22 23:46:39 +02:00
Nikolai Rodionov
8183029ebd Update outdated releases 2023-08-19 09:15:58 +02:00
Nikolai Rodionov
bb6617b58c Update OpenVPN 2023-08-19 09:14:35 +02:00
Nikolai Rodionov
39160f7e66 Update db-operator chart to 1.10.0 2023-08-17 11:10:47 +02:00
Nikolai Rodionov
e3760ca400 Migrate to the new openvpn setup 2023-08-16 20:55:56 +02:00
Nikolai Rodionov
15bbc19939 minecraft: Override server properties 2023-08-15 17:41:10 +02:00
Nikolai Rodionov
5ac35a5a60 Fix the name of restic repo 2023-08-15 17:27:55 +02:00
Nikolai Rodionov
12c1a0ca31 Enable default secrets for minecraft 2023-08-15 17:25:31 +02:00
Nikolai Rodionov
b755239823 Enable restic backups for minecraft 2023-08-15 15:40:59 +02:00
Nikolai Rodionov
ced4bcd4c5 Add new bucket to minio and setup rcon 2023-08-15 14:53:20 +02:00
RNRod
e3848a49cc install gravity control plugin for minecraft server 2023-08-14 18:42:56 +02:00
Nikolai Rodionov
3643ea788b chore: Upgrade outdated releases 2023-08-14 11:31:49 +02:00
Nikolai Rodionov
77429c2c36 Setup a new XOR patched VPN 2023-08-09 21:15:25 +02:00
69 changed files with 349 additions and 1897 deletions
Expand all files Collapse all files

26
.drone.yml
View File

@ -17,18 +17,6 @@ trigger:
- push - push
steps: steps:
- name: Apply arm-badhouseplants
image: ghcr.io/helmfile/helmfile:canary
environment:
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
KUBECONFIG_CONTENT:
from_secret: NEW_KUBE_CONFIG
commands:
- mkdir $HOME/.kube
- echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
- helmfile -e arm-badhouseplants apply --suppress-secrets
- name: Diff badhouseplants - name: Diff badhouseplants
image: ghcr.io/helmfile/helmfile:canary image: ghcr.io/helmfile/helmfile:canary
environment: environment:
@ -117,4 +105,16 @@ steps:
SOPS_AGE_KEY: SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY from_secret: SOPS_AGE_KEY
commands: commands:
- cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o - echo "Hey, bud, some helm releases are outdated:" > message_file.tpl
- cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o >> message_file.tpl
- name: Send telegram notification
when:
status:
- failure
image: appleboy/drone-telegram
settings:
token:
from_secret: TELEGRAM_TOKEN
to: 131601077
message_file: message_file.tpl

91
arm-badhouseplants/helmfile.yaml
View File

@ -1,91 +0,0 @@
---
{{ readFile "../releases.yaml" }}
releases:
- <<: *drone
installed: true
namespace: drone-service
createNamespace: true
- <<: *longhorn
installed: true
namespace: longhorn-system
createNamespace: true
- <<: *argocd
installed: true
namespace: argo-system
createNamespace: true
- <<: *nrodionov
installed: true
namespace: nrodionov-application
createNamespace: true
- <<: *minecraft
installed: true
namespace: minecraft-application
createNamespace: true
- <<: *gitea
installed: true
namespace: gitea-service
createNamespace: true
- <<: *funkwhale
installed: true
namespace: funkwhale-application
createNamespace: true
- <<: *prometheus
installed: true
namespace: monitoring-system
createNamespace: true
- <<: *loki
installed: true
namespace: monitoring-system
createNamespace: true
- <<: *promtail
installed: true
namespace: monitoring-system
createNamespace: true
- <<: *bitwarden
installed: true
namespace: bitwarden-application
createNamespace: true
- <<: *redis
installed: true
namespace: database-service
createNamespace: true
- <<: *postgres
installed: true
namespace: database-service
createNamespace: true
- <<: *db-operator
installed: true
namespace: database-service
createNamespace: true
- <<: *db-instances
installed: true
namespace: database-service
createNamespace: true
- <<: *mysql
installed: true
namespace: database-service
createNamespace: true
bases:
- ../environments.yaml
- ../repositories.yaml
#helmfiles:
# - namespaces.yaml

10
arm-badhouseplants/namespaces.yaml
View File

@ -1,10 +0,0 @@
---
releases:
- name: namespaces
chart: bedag/raw
version: 2.0.0
values:
- ./values/values.namespaces.yaml
bases:
- ../environments.yaml
- ../repositories.yaml

27
arm-badhouseplants/values/secrets.argocd.yaml
View File

@ -1,27 +0,0 @@
server:
config:
dex.config: ENC[AES256_GCM,data:SExaFuvPjiyYUiqBivswX4dpPM+x/6OsmyC9FFpiX1TCDIsYNFakzW5ZwFk1XnS8OYzqksyoxAGGU2fmoTVpHXviDqSZ76g0AREH3OwtSlz2R8RwFU/zzgXeqoxw2rC2ij0t0Vg39BeltArIFBcrtTfDy7AjMqf/Qx29EAb9nnoTA/SPj33VzHbn+tJIHb/a2XExj6VAyVJoq+fqsdKmmbI0tb636V+Cq/+wj6WwGjhu/0PDtaMN9AWokMGgICLUbdtfocinvZ1gyv8+QDnczYonD+wFZdlaKDembGN3p0BggBCLOY1I9f3PHG9Yy5xpNtAGFjDYF3NLz1n1QjDwRo1La6EHmmd2pL3INtU++IGRkC64bzCKR7i429/il13MKvccBOBWiJpkf5L65Rluyb1WWNYBcI/SscfQo1CSL6zXuZtrxeWrRcySs9TjSAtwHrpuRm6hfwi1tUcUUEhu6c9uUYMhSoNug8/2vQjQiJcEdh9n+YCoUbPraAC/OSctrnmO/vsXY9CcXCWWR606Wwvr0RIX+wg4/5vCyecj+5nvhfaZvECXoCmKT8xtmVw6h2oYbAU4T7o9J93XNMVyhui4DM1JN4GYlTsfbpU1PBetUII+RO23rJDSRQdEq16Kk9RcNEUaJYcS4uH7AXvbJVeC6Cx2OwN7zSmOSbA9D2kYt7IVcnBQRGJ+cH6fy34KTwJ0def6Ze243LlHdA==,iv:c8cJLybNsyuAw/BFmKtNTBzXIl0vmeSuKW8j/aw8STw=,tag:URax9og6ZQRvWPtKVel4SQ==,type:str]
configs:
credentialTemplates:
ssh-creds:
sshPrivateKey: ENC[AES256_GCM,data:qQZuWVqu3G59OLMTtYW3BDfoo/3+SvLgQYzv0Aa2NQGb/5wVFejPiJR0BAMYZjkDSVgUZl/oVCT55I41QeKcNYfHtGcrWIFvizg5jW+K0U3ZvgtnY56J1GsrKWQIC29U5EHz/7xXTnSJkkiiVEBGOjwQHpfCgsqR5/qhwnFx+idLsdJGasMYjIJZttTtLpPsY1tgUwTzqJGQptJHqG+/EDcmI9ms6383ltgc6xsmezJDyoG3A2cMNp22qctIuqTIM6ltL9iosBmMsPM1MaiZyJ7rG5zNPymTCFDQUXwlUwFoDKJnN3GkY4ApzRv43iAw2aIX8ykifZVGZOuvV/ifzUuDoemsGjD7X3GN+ngVNwdLm1qSkcnb21Q22kVmBxotIQaF9eN/LqDk2ULEMX3Yvml886yo4AnxlIA8zW8XzFfEILrEswv555P5p3Mswl0+KAIDo7cYav495U9cYrttHbU5wvr9br5JekNKVSgTigwFraq2ZUE8Za3Ru7VOuljywRwe0VEvhFv8SJoH9NZJyl8ME0+uH1R6YtIodkHpB6b6wtyCwtPXjkUkR8nzi4VU0L3zq90e/DvmX/a/q4uEHtLPiIEMFbKtUQ8v8mmscYEEvYIsIBO0VcY2CUFbEs7r56uFOiysqB4d4ySGFjdQceRTLhG7/kUjjYtGEByVcFXllhAV+1C0vXHgOXc4G+EowObbcyj+sA4hxFVL8/f0s7znVCQbZhztQsxfFr5+76X+nzkXkkhauUsMChybmVmGTU+hYnZ8XuOK6X+tRixoVNlcitFD+NxTksvDeJDIShaQvH2cjLLbkze9GmUVr3EvifQhXdw29rpgySVE0Tjn+YL23Ft8dToqR6QwTASLi/vcvbjpx5NtchuR5QFxwZYY8ROTljSQS61AMdszr5cR0BwtFY8j59Aj25sEJeasi44xzUlBxAGazHjzBDxDU7XIpGV/IkiMtaEuEXKGRpVqhQrszvuXOf9K4TwxuVvhlrSVvU7M/lQzJUzkSFOSvO9nzfnkVLwqTdTX56ODFs10vRowClKetC6PpuAclw85WlC1OTkkAL8RUCWyoPQUU+EYolUCW5nMp4P8X1XK3qvRpBU6BdjnnuLQAi1bYu8t0f4vTYoLvYTwlMGXizMHEks6me5pPD7mq5HvpR2e7i1ZzJ3oQaKPB9n8AsugFeRStAal7HHrfEA6NVXLlBYdiq9oRgwllZwi5dsw4m6ABhh+angCWkIsjB9+n9NKOdJowvyDDx1JE/Ai4wb+8hbTLtAold6YJgNA5aT7LeSVaxWVB+V8w1ghn3UJzI6SGdayJqUH+VAUDvBg4LeqGH2vrod57SF4FMmqGTQwN7cYxW0fDT9V8xnb2nQu7WaE04Miw5hlsB4uTRUfeMrXXvt3R2N8azqQDF9Himtl48U3by9vv8FPsNhq3XvAPY5/TCzHz93bnWWmdtyZlHTFz2wRAwaTwOfFpN7oMW6YyVo6UUpw10zap0Jfboq8szF////nwEHf8qGw3dxT85WwBR9KBPwFuHZQsoUOuy00PuAB5fVvXXWBiCnzYwWgY3NqTBkLYbV8D/6UnLlfAHhnEok7QXf7P4xqbB/6EmqCmGBw5ZgPqg0bY6mOTnMrfqiKV9+Q0Mhe8eFPNOr2zoR+VYRDnWX+rJu1+OAK8QegH1Jn3RlOg3lXoFDFLelq6GEq1Kdbr83goL59/uRu4VNvAArUJ9tk4Vn2vWEtnbpjRcyjwAHIc1YXphY53cPFdSjYCeoNv5MDEt3oJAKWhSX7Ql6ledftGWB4fhns0OK4+zLN6osqrPNtLyS7iqXhcwmUIx+b6jzblKt/FAssFOw6VVpi+nVrBWHDW4lhHiCu37VYS15Vtjw+JCPbAe30MOquhXn1CnEnoV8mDoDGTeMpvpP4BTTgsLmloXfv8/+TjNYfzSWivvXjY1K0P/KGqoEJfIyYDyuxi7t2qJ/CwdvBTJkF/cTX6yvX6IvijKuUco2aIgpoZfg4JR6VL7Gk3Cvf3YBvnvG8TspBOfO3ZhwTS6vfQeDLs6kf+gBtXduJTqAXuy8X8B4RZxsNGZZD8hsSVH6xP5akN6waGqG+xDQxKTT7FCpmi0igvvANRROF3+KxGigPTrIqa33WDglrD6tUfUKNUW/SuZXXjbrgo0lillsXj6i7esSLfgH9CjUfeVUW/mI7mvW+0xjV/eeZtxRnz3ADGgfObV0XakEFBDhDnXtmdN7RN+Q+UvtN0uYGYWYqnIPNewm5RYwVGtGNWOB42PdaKH0qRUdWvCAbsKflPxW5pJNZlejhoMm+3+j2UlrY59dGqTVPoXkWgIGxFkubrtN06zAhVEV6/PcCZoGJmZsPWIfiY5k/BZljtZLAa1e2cboD/0q8iX0VzyRSmuKzVYMa6/NTU3PQ8l2x5fQRRq5OR33P2N36Wb6cO7GB9mEKAElTnd8oLlJ3T27EBctdNf8gOBIYWtGo+lYtKeh/NJm5o7KGIdjhThi7Lrbyqaxb294yxydmrJBh64dws+f3IhUQBLz+6lk5PM7EtrBCGuN7PqdqQMHqWMcCvDCHxY5X/U4zrWMAClEifJfC0b+3HthLkBHb388nGMo2ymHq683s0PxmmY0lfpncUEGHu+1J5E3w2BEy5Qv83x0RQDoDFab5lxILo6VSmZru+Kj18yeqNiNw/CzHaMvID7Gio1jaq3DsuD4bA9ne5Je5yAK8INrYRDCSzMfQpc2QqE306tonmsu37EKGHTCOaaqfL8/f31nqZcdKAdidM4JBa+osYYVUCp50Nn8h94dczpjvC+M2hEQXbibUSwyPjDv7ptwfZSEPG1mjbrOEpRSbzh3lGbE5q9K7bNyt0aJRi2gOw/shU5rPxmJ5KoL0HUEc74pZRG+Csa3ZKruqYqOEezgZmVwo0E3NQD8u/y/oF/L8hgKj2jcRmJS/pKbr2Tv+Sde1ZYdZjsXW6tFRjPDZGyhjHBriPLikN097kmuPFWS3f4ZFPyHM/Az2uzPPBFGv7VchUbFScIDgBIq+fYnTPtjjST7FgsDxpzTkj8uliU9z7r0dTIawC8qSUYErsFYSvUITySWTam0R04yitaArcH5fLEhEeKKMjGUVkwwxGxfv9Fql6Zs1YSCKka9aynXDUmw6igbRJVIPtmEosrmFUzlX1OEiJrX5xWOVAv3wQ2vrxvwHlmOMtr/cQagvASds2kC4QJ4qSwc8YdpLAwrn4+h7uNP/QChAOVCiGQXpFqd5ab/LBc6Gc/1Zxilil1kecMFBc/XmVssw72XSVoXVJPlIyiSYOAtm1BGQHJXRspP06/M+/5ffaHoEevqB47kf6bE8c3F9SwksgwGtaqXdFBoKSQcret8Tww9C8ZwDji8v/woVu2COXWaF2HLg3r3vrXa+DVVz1ENtOmJEJYTCuLmdqpZsWv4olC2wcCUEA+po9kZbVcEAfKd0xe/0x2fzqQ==,iv:lDEAwKxgoRPH5AtF2kYxPQjHkw3/kbbpoz3jlUsEpTI=,tag:6dbL9WZoTZ2xSrSVE4Dlhg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-04T16:16:37Z"
mac: ENC[AES256_GCM,data:4HhqNV9EIcBA/nzxuiS21TWe6BQ+anfEQOnfrYcZ2vVD2dTPzc0ztZ1Ihc2WX6sMCVFDpUJFEcr38Aj2tXnnS80kTsnznBsSFNLj2b857PWXNeoAuwiiY3XBq+Ndo7I5wCYgWyuaH8xWQtd5JVuZPpqdtjTkbWq3lj8aARJUuQw=,iv:Hlu6iaBBQovSaXYAEB7nWBL9OM1UXYxQ444s5ZrMtuo=,tag:N/znbxYVwFoJ1eYAS8PE4A==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

22
arm-badhouseplants/values/secrets.bitwarden.yaml
View File

@ -1,22 +0,0 @@
env:
ADMIN_TOKEN: ENC[AES256_GCM,data:ea2lgOEYMi8Dsvun00YZR3PCE3ycNC4Mpe+xye9YL5CTtnyrDwV9Tw==,iv:28Tcn1/qIquS4jCNBTtspB9c+5U3Ut1zoY6gIez8fcs=,tag:POmhoUY3t4w+iTJKK2eHVQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKL3M4VWJBQzZQdHRDcXVw
VWIwcjd0Zm44V01DTW1aV2FhV1QvT2hpcUVZClJ2dHdvcDYxalEvMXB2a1F1WlRy
K1VOYmg4cWprSHpLSVJVK1lYVXR5cWMKLS0tIGJ3bHNIZE9zR3RuZmpmMlZBQ1Qr
dzNYMlRnUDIxK2padTRCSzR4UUpWQjQKxex3RqZGU7ekdNC3qIiqdFs7d7a0Pxa1
amLsaNnBfJ3OqjuD8atF2iCAXy1Q2BcXunkWi3wbzHb/DgYly3n9OQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-16T18:40:43Z"
mac: ENC[AES256_GCM,data:tbPAgDQGA8MPnG5mIZLfvsOKdSkpOTK1Oy7uIQJ3DsNtBIt9vSO+vYxNjvfjAHyB6vE1cfx8zJkRcUw8kPh485jOxsM9G1ms/sjZKyJwsJbMjiqxs5zs0E4X9sqpJWiIhILBreZ8IopK4hCd2uLvhoV/HPxW8FV/HnHoCQ5p2Do=,iv:FtgTWFdkxCPOsNiJQWWIUmwYgh5rqRcbM/ToShcSODY=,tag:yc54xWHdq4KnSNxT9breOQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

29
arm-badhouseplants/values/secrets.db-instances.yaml
View File

@ -1,29 +0,0 @@
dbinstances:
postgres:
secrets:
adminUser: ENC[AES256_GCM,data:pKbAQDiOs6k=,iv:yET0mJtdm2baDJHwq1uYEoxye48g2PrMqiOSO3POTBo=,tag:wuIxhHiRzjSRM+uaEo2KNQ==,type:str]
adminPassword: ENC[AES256_GCM,data:/U3q6RmOYLpxJBAYsJ8f4lV3MB0=,iv:dw7g0E4Gm0YqtgvdcC+bq+YbSRPop3BKLiJfwaz+1io=,tag:NAXnWj4AjgajN94ml/ENsA==,type:str]
mysql:
secrets:
adminUser: ENC[AES256_GCM,data:XFEGew==,iv:7aj2J7Qs9mHC5kRZGrg71hwEBP64vEz0qQ+qoPHSgrc=,tag:/Rx5yx7iMU5Gwcmbf5GVSg==,type:str]
adminPassword: ENC[AES256_GCM,data:vYIiHccMkX7yJ2gsVGcLTUO7Ers=,iv:uDlefG5I/cirIUal/phlHCNwYtcXYFBND54XJ+n7eug=,tag:YK7pdaohOZL9yg4OiPxbRg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-30T15:07:28Z"
mac: ENC[AES256_GCM,data:/q/LG+CgBAm666nwu+QCw9beoC8m11R5OYspnUxdwTfAv4h0yqY0Hk599hy+Yqt0brpUpj8hwqCESkt6gufFAklilSYV8SWvea7FxA4Jdbfpj1kfty9d4qMxHrpggId/jPshVAVsF0Ezh1/XbPWpQnTiaAMu2JTVMR9cFR3xvyc=,iv:37EdIo9QoUemTvpHSKD2kdq1FnJpwNXGr8ym0dPX6w8=,tag:ri2ILtd9FvLJf0O5iKOdyg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

22
arm-badhouseplants/values/secrets.drone-runner-docker.yaml
View File

@ -1,22 +0,0 @@
env:
DRONE_RPC_SECRET: ENC[AES256_GCM,data:RAZbnTrv9PxiCLLqjKWBtFWd+Nzqma8Zw+NuKRLO,iv:IiFcTQGUmYa6UCBzx1yTDd0zwB6D1Cv0raXZxLXm1qA=,tag:83bnBW+MhkKehZfso3g+/g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVk0yaTlySHpuOWFFT3J5
Z210NzJPTmV0akdFQ1REM1JzK0pwTC9XWjJJCm54QmQ3ODJwakZuamMzYTBIeEJi
aUxKNmQ3dU52V2N2cjl5VTJpTTAwWGsKLS0tIDFyR2o2VnQ4QWFCWWRzZGNMZnNQ
em1VMlhBNGRrVFhXVUVRdU16Q1Q4bUEKvZ6UbZsfdvfCk37FlEN4vg0RTnPO2nwh
DY4klzcan+9DBRT2qdIIy6pj94GuSoXKXEYc9X0AvYab/HoLithMWA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-05-21T09:27:21Z"
mac: ENC[AES256_GCM,data:U2JETtW0lbb2znJBupGMPsab13y5M1v1N0wkFxEBs+YVNFhnkvIqSZiY5mq9KTYiY4tRzw1kV+jqP0jNsODekCI1++4NBuQsGSZFUoTERHgTRlnz1aAS+nf39lvYnWyQxsQmw9vY/GQ/yluBJkOEV/EoIF3wHjxZe1HCBIViPyk=,iv:WMj7aSgW8LdNQbOgC4FcyOtR/3gjckiHO8vlZGdiTeY=,tag:Xty2QVLJ/D2dlzQY13od5w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

24
arm-badhouseplants/values/secrets.drone.yaml
View File

@ -1,24 +0,0 @@
env:
DRONE_RPC_SECRET: ENC[AES256_GCM,data:W1OAxQIUbVU8uYHtxujhPyww4jscNH4LwMAGOU5v,iv:ouToTniIMiy757x40MKMtmLFBVzpuGxSYOTMZmmN8ck=,tag:RZ/cb7cRXDQSAQwGqdX+zw==,type:str]
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:7Ohn3nGR9VeIhAr9EdW1/juRFo3TXpKIwU07hD8mGoyBrbyn,iv:9/y3Ou8H/PL2hMsirJaqviKGQuzVlzL43iGAKQb9NII=,tag:EZoo2F4/HoOcacWOVU9yjA==,type:str]
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:2wAbiSJdDb5lGUOocK14pZtwQI0EFmXGStAigKsPGAZUKyn7M0B6xBO1+B3wZYVnIKEohiNIZF7k,iv:Y9aCzdSH5cAIZfk84Clto/IrQMRaoH+bOkvbP+9CcLM=,tag:FVfLsEA56WGNCl/8ut4F/Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaREllV3RqUVg0anpIU1Rj
RFh3WkdGdEU5bWg0bWk3bWU5OHFkeFF6SGh3CmlOek9zL2w4a0ZHc0p0WTNucE1Q
dVpDeW93QlNHZGY1dWhOc0FneUFjQUUKLS0tIEhuZE1CMmZLZFIxbXJTZmIzcEE4
QStxOG1iMWlxQ2dmOXRabXp4cm9NSU0K/+CRAc7DH4PgbQscXvDb7yLe8VoEpixr
icD3GL37kYE2D4h1cm+p+/b7BF4/yjNlCUvo5cITXRjZAuiWGwUixQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-05-18T17:11:19Z"
mac: ENC[AES256_GCM,data:d9G44MW63rUa/MQaW/rLQQ4dlgOOje6qaS1V7yWT3HrkRLOXRCfuK5E+XeWC1PuQwMk0ghaNYJDT0FTnBsoJbxlu+7Vb91qlItn+azvldOFDvtGTRpAK7bPjM+p+G4/gZsgarFxaTh7py6Z/HsoqP1RvaK8GWNhRl7VfTiFuUrA=,iv:e4IXbSSiHMTPc3WijuwgF8L5aG5iMMfu6P/IYD2cp5A=,tag:aGqcqjjrO+PfYxfIAgSmeQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

27
arm-badhouseplants/values/secrets.funkwhale.yaml
View File

@ -1,27 +0,0 @@
djangoSecret: ENC[AES256_GCM,data:CxsJVhNxku3pohREaVs=,iv:KDupR8tZlPkPeRwGWzyz+eKtp1tfTdFWqXNuQW20oXo=,tag:lCHqv2CC8cXpnqTr8fGzPg==,type:str]
postgresql:
auth:
password: ENC[AES256_GCM,data:UskyESNKl5iPjb7oIq5TfeqjNkO3nC+mfR0=,iv:vDmrY1vTg9g6X5WCk+2p5sVcpMPA6jpiEQARs1+Zk3M=,tag:ORgpVIrp9cI62XWT5F+6Mg==,type:str]
redis:
auth:
password: ENC[AES256_GCM,data:fgxZMA13BpFf5FA8JwLUXjlelUgvR4qtg316OALq,iv:numLe3PrsToG0Fbl7+mdbWOBTb7XrgppF09pIVg+rrU=,tag:ivKuF0xFe/s4P1otjLML8g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRL0l4OHh5TTd1UGoxZFcw
TUtNYkdYTzhRS3hpTHkyNlhoT2hTek54RlJnCktpZmpDNk9mYThyUVZOUTAvanBL
VElHYjR6T2QrV3N2c08vZ3JHVWdjSHMKLS0tIE5nREIyVlJ1d29UVzE2aFl2Q21Y
dWdMUFpOOVJYSXdBbzJiSzhQM0VmbWMKUqdIpfa8i7vASIga8HFurrPf1RgA+WVA
GZiG+M0i4yc3SooTIwbDzH0orfaEHueKdNTGOXMgxNiRIt2q9BG76g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-08-11T08:34:32Z"
mac: ENC[AES256_GCM,data:AikzAts99EflYORsPmCmrybJNFCiGGJ0hzucdm63W18yLwMtWBcPByWSvBI4PTKORA48qoU5IqjwdekfsgE85j8n3/q5tCXPukrKZaUqpJVvxqcR85/u3Ij25eLpo8vpcFMqAl+y/5xpTovACO5tNO426GXwZQSAB3868jkRNNk=,iv:29rkrbhKSm8HhXHtADjJkcHc3aKVt0Y/r5cjdMQbBik=,tag:tXqfRwupjW1YJp0iN7vZSw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

40
arm-badhouseplants/values/secrets.gitea.yaml
View File

@ -1,40 +0,0 @@
gitea:
admin:
username: ENC[AES256_GCM,data:f4o3zs74rjY=,iv:t5Cx0suxiZduwL2bsfNyxOVI8RZH1ytEGUdOF2nONco=,tag:mo/BwFwzw7e8tAX6LyaIQg==,type:str]
password: ENC[AES256_GCM,data:TnIUSnX7Lj+2N6mWWOvVVmc96DQ=,iv:vjow//IrtvdmTg4jYenwTyUnuBhq7witfzugbE0uq9c=,tag:L5UPa9UK4aB1wY1ilZntzg==,type:str]
config:
mailer:
ENABLED: ENC[AES256_GCM,data:C2qWn4E=,iv:APUvrTInDdxf1tJ5eFSgxUej8e085HZalsiHY6/Fryc=,tag:MW3KhfU+25EWDzM/+QOZ5A==,type:bool]
database:
PASSWD: ENC[AES256_GCM,data:bWegcAAPRzXxPv6bt7lK5hshA8QPOjQ+Tw==,iv:f5xXyu9hZD8ZNLhzWs2FACs2Mr4cEjcQMxtBEyOn+Gg=,tag:K/Cx7csHeXVwAC225MM6aw==,type:str]
session:
PROVIDER_CONFIG: ENC[AES256_GCM,data:i/N01zYx1H1D1eFiZKOmf4e1LoDBJE5AoN4eZl3h/QKwOEy5x4LNQoF7CbGguCBMvITtYbzXr12VzQ8pxEf17z6nssQ2nNiz84zuBOY9DQqxZLkxS5AmKKgk7XKF/YYYDaavMdJj54gtXoCrDZ58z5Tw8FM0ScTRp2+4RXGMwg==,iv:dKZhe9cOPDhdtK9sJKzCHmimV1vcuAebY8DfaJMqk2Q=,tag:ZhyEepW4wIM1Dv97xn5xBA==,type:str]
cache:
HOST: ENC[AES256_GCM,data:UI4Dgb4qajStyDcpuJaoJTaTo3vowWQw272Y4C5q3DuV9DarChv4Qvxh9ZJwYsPSgO9G/3eI+mLldipW98HLfATMCHR+DicM7ymI0nGwxeliyj7sOVGFS2dU4zF1kNyhFCqrjMfQzTRQbfOTiB+QyfhluMfrDbOjOAAuLlsdWQ==,iv:WOlGAxAtIS12vCGIUmxMhO3UIsoUuD3xluZbBThugW4=,tag:Y0Amh1HEtYcg+9JvROM1eQ==,type:str]
queue:
CONN_STR: ENC[AES256_GCM,data:kpqTpJVI/8790Ho2/U8YTC2Sc/d7v8mc33PsG7vNO52d9vMCOgsb+GQldWlfMPdf1H09axJxdFc5SIvsWWD8FoaXvtktlz4yk6fL9YxEXnkpn72VSiNe+ajUu6diP4gYWw2cUhyKt3ss/Gx70bKMEyE5g/ecZG3S+NZPFxPSTw==,iv:T69ou0uBg5CrseI0VwB2sSKRDknXrlUVPb/igGI/1H0=,tag:Y42Wa4QVt8k6AmhDC5bOAg==,type:str]
oauth:
- name: ENC[AES256_GCM,data:iR9QX2Si,iv:B+4ixm+dOwAnXFCYq2BnExnfVDGooonBCiHpyxfkLP0=,tag:r7CZbpL9uQ1QjAFNiFfOsw==,type:str]
provider: ENC[AES256_GCM,data:byE4rELH,iv:lcvbNSZMD9EMA4CmJF2mvN33a5fmXWzP4++PnNPK+fg=,tag:2wfHrpp/bJJOImBq5ULzqw==,type:str]
key: ENC[AES256_GCM,data:hiIl59SdN8usULpHhPX8XhMckZI=,iv:8aycsJVxbyK+Rlor8AsYKb6xjjSaS9Y5pRC/hoHzuKs=,tag:tBhMPj+AF86TaLkxF0+6Og==,type:str]
secret: ENC[AES256_GCM,data:JfoXbQW4G3QdDsb4WxbMOIBvsEVYXsdK06s2TLO6ojtgprYUb0ZKHA==,iv:n1SYPP3tnUCNuKET0PS9kIHcRSDMDqWtysjwbSI8O3A=,tag:EJ3gKUsCG9O218yS0sw9EA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMCtwL0h3aGtNQlYzVC94
QVFvQ3VsTnVuckt1eW80RXFkTUw2VzdzMTBjCjMvSDFlZXpyM2RQRTFTTTJrL3Zu
LzNlRy9ZVTY5cWh1WmxmbzdwZVNHQm8KLS0tIDdxNGlxbnk1SDc2R0IrcmFHMmo4
Ym5KMWw5ZDBBZzJBcHBXdFZiaDZpU0UKNl/GkGP25D7z5a8mVBmoSTfOM3EzymPN
WW62zIoBHlwLxF9nwj1xCCtcL1XKgiB8nnn4IrY3ljqFc0VkxD9dnQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-08-11T08:34:06Z"
mac: ENC[AES256_GCM,data:e9mVJNxq1ZrBN1MI/1tYQXvdEB3z7F5j6FGEYDw4y0Ig6X5ns/degTBWmqL5KKsIpvD2j6t4m+GGZ2v4/OBIN/Er+zA3pSFA9lvT40XitfMkg21vfNRGir5KhWZIVIIZLNvPpKefyESApvMIQPlKwuH3/jcmlbI1SiRUaqXw/Oc=,iv:te16mZan48whDcl4q1N/V0jemzkWlW8T652W9iI44b4=,tag:xw+Se750BqakVBYlqx5knQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

25
arm-badhouseplants/values/secrets.iredmail.yaml
View File

@ -1,25 +0,0 @@
config:
env:
FIRST_MAIL_DOMAIN_ADMIN_PASSWORD: ENC[AES256_GCM,data:dcrMgiX2egbSllo4esVRcJ340oQBRpVkRA==,iv:NQpe96WmGRAnLmeAK0VT/zdJ8MS/8RfAJIwNsL8alHY=,tag:CjppOC4SEW7a9u4Q2xlm8g==,type:str]
MLMMJADMIN_API_TOKEN: ENC[AES256_GCM,data:OxsD/v9ACQuoyHrxZmIdq8TUqmbWCh8GhGaSQTBGfS+vp+v2rdfKIm4WTnI=,iv:68Vli4aaCOiFixooz5cHABuRLuOrw9/HNpBNQzVwAkg=,tag:RXBXFzGCOO6MhoeNhES/+w==,type:str]
ROUNDCUBE_DES_KEY: ENC[AES256_GCM,data:RZni9nCThb9xzzNrN6JTQsLetnMB9cSo1L7hwLERnbA=,iv:L3r0I8sQkoicwy6odvuF3HfIEDQVgnOtn/OMpF16Dis=,tag:ZFaoIywA+FJ/GHAZAGjU2g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZlAvUXJBdzM3RjJMdHNG
SjRpSTBYNUs5NEoxRFdLZDN0a2IyQlp1ODB3CnQycFk3SkM2Ny82U1RZZmE1cWxG
TTQxUzhWRWlPQmxYUnN5dVJpb0FWa1EKLS0tIDZSK1NvSmNUQkZucFJCM3FiRHlI
L0VKb2JCc29XWjVkODJxTmxPZXZJc3MKyDy9BH0W1OgEONm3PLCskOWtIr2YW2V8
3Lc0Au6lLYetVCvSB82/uylZBHc9yQ2rNdLBUrm1zyDZJW/BmNpVLQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-17T05:06:27Z"
mac: ENC[AES256_GCM,data:WP9F1N5ZTYwJk3UfiSwf/QJHp06pawdbu6kUBOMTq1tWOZ/zhCRe0vJzU7alUxhw1RZu8f6tUNeh6qXxt/4mrSuy5dRjOKOJyRioIcRCdg4Z+2jVycDAA2VlPB1oDQj0CIdrW4hvM02KZKxcOy9KP8iRQaYqLlhvWrTAQZ9HAIA=,iv:d/wZUbaU9EkBPRIxqCDDXpp8AMjjHnXxej726q37Ni4=,tag:AC4FvAFBTYOcI02bFD+MHw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

38
arm-badhouseplants/values/secrets.mailu.yaml
View File

@ -1,38 +0,0 @@
secretKey: ENC[AES256_GCM,data:yL0+ORBJ4ZWHrmoNvVowEA==,iv:XJuY89wtdz8b+9SnTMro33Ka/pBOymyhN3MLJOyujAA=,tag:hSXjKC6+6NLgCoiHlbqtxQ==,type:str]
initialAccount:
enabled: ENC[AES256_GCM,data:MvyEVw==,iv:ICIPR4oJW6pCRUks7Rk70NqdxVTXYqmM2qjQetppmEY=,tag:1FOK5MyPSTaiDayAAaPPuQ==,type:bool]
username: ENC[AES256_GCM,data:qSsqS5iQAyNzAQ+ZOLSWsie3k04b7qPUpcfU,iv:sXe2sjo4XesoEmjI9tY8gYd2psUlZCltBtLlIyE+v8w=,tag:uZeXnjU+7aLHI87qW+tiGw==,type:str]
domain: ENC[AES256_GCM,data:T5w/nPrq36iwZQdYHMQkisY1,iv:7EskbKJfRXMhkKZBgHy6nP8r1epcf7bNi8gAp4qY5TI=,tag:nZ+0BhvIy9Ap88SHaKhSvw==,type:str]
password: ENC[AES256_GCM,data:dki7Cw2n5FxYsINS+aap4u8hkQBl4RUVW2KxSXrQ,iv:XxUHdy5xAWoH00yxItL9P5YuCJtCG4pfRUhZdOr0EWw=,tag:Lo7ahX7CAXS31lFDKEYRww==,type:str]
postgresql:
auth:
password: ENC[AES256_GCM,data:o2KghCpri6cUbGeh3LIjUO6TXBz4nrZSaU8tW7PD,iv:KNp+FM1DqC2h1/F2cudAQfQZA6UAD833SQbEQ/oKkTM=,tag:oHZzKLzZ+IIJDrjFDX/3cA==,type:str]
postgresPassword: ENC[AES256_GCM,data:2+RrJdHwGQVU910BkXH5ZogDfh8zoOPDcJazg7Iv,iv:CKH/lhkTYNbJ0sKQCwgZ4CDg+7ITsbJq3wcQiJWogtI=,tag:xZX3HSfpC2Wrz1sCOtQwYQ==,type:str]
secretKeys:
adminPasswordKey: ENC[AES256_GCM,data:LbBjpvmdVgIDLtlL5ccufC7Pe28ZVO5CYxTzVoZD,iv:dsVuk1ZluIAhtYN1s9xH+2Jk2CyVYGRU2LoxnC5Lgb0=,tag:lWZohYLUyVnrMKhvwIz7uw==,type:str]
replicationPasswordKey: ENC[AES256_GCM,data:asv/FCVAPir07vw5kW1uqSPGEKTR/ukwtOXY5q8j,iv:SnEftPnqXdPK3Zw9nd8Qnj412tHrPSK6hR0V3rLfn3A=,tag:xKqOjOuSyMKSo02r8GyVbg==,type:str]
userPasswordKey: ENC[AES256_GCM,data:NNUZ8zVSem5Aov/PxFbc7OjANRVa5g5WjyMLRX1V,iv:c3XDq6nyea5ErJZHMKwxEqNfpjBYVGiqbAgqko5nsjI=,tag:HrhLvBxraIKFhNPaulM+uQ==,type:str]
global:
database:
roundcube:
password: ENC[AES256_GCM,data:V7Ml++sPS94LzA==,iv:aQ36cTMR5ArSows/3+z10nFIRppCkSvQx6VwtB30hno=,tag:2yVIXNHJ3HbA/sr6vnX7XA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGa1lRY0tQUk05WmpINVVw
YkJkVDA0QlZibHFmbDdPTHpGTTY5N0JodXljCm14aVVSUm43MXo3d0ZlYWRUMXhh
b1VqRHZXUTArbDNpRG9VY1U1a281ZW8KLS0tIHV6NWZQdzVzWFdJU0ErQy9WTFMv
RjVVYmRKcERYZVhMT0ViZzR5cm8rMTgKizZBRrU/WauUmFYm9fnouiegNkYZkudp
QpOha6CggN8rItelbnWMHlzGZBzM+77mFocuGmvNuTY/YGSkXfLjLA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-04-28T08:37:51Z"
mac: ENC[AES256_GCM,data:NtXsrrs9yWlVO6oBQuJKHKPlmFMkqmu5BqOrYjdj9R7KdYycIWRDlNojieP9lghjSllgjkR3N4DpST9n6r6GHOkrpCl0eX12AsY0GUhSwaJzMgvX34Kzo+BjtISvODy0UzEVb9qKzbFuO9R4FMqyxBjTJirJVFT1EIB7Hxbb5Zc=,iv:OFKLvj96oRasDg5sYbJNS5KvZnxOXhh36Nwjl2gA1v0=,tag:aWsKrlbubuh+xTnyxvWeRg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

35
arm-badhouseplants/values/secrets.minio.yaml
View File

@ -1,35 +0,0 @@
rootPassword: ENC[AES256_GCM,data:7baD0HwMztU27TymEWp+Ad1s8Zc=,iv:CXiTBEGU1tr99ibNxcFO6RtiC7gjtqSqYrtfmbwocIQ=,tag:ravi1nGLEVSqELVskv71CA==,type:str]
users:
- accessKey: ENC[AES256_GCM,data:9ZhHOes+vQM=,iv:ltKbQ0KW8/Jmn7kmTaGaDcerlkquTXhGr0wbMMwxNgA=,tag:X6n+44dvPAm4v2rcxYkPEQ==,type:str]
secretKey: ENC[AES256_GCM,data:mzWBQcPitrpwIMqBrbtBs3RBDg==,iv:cLA6Wvmf5il54DFkNbwQ27wPxAm/eqSrxAc3MVELero=,tag:nUc83Ctqw4PTwirkUr803A==,type:str]
policy: ENC[AES256_GCM,data:szr/D/u/ng0=,iv:jzm7Q4zdKQpNV0FgJ4jA9CuN7r912ySBJHmxKeQGS2I=,tag:cKarFmhIbBEtslSxOc4mcA==,type:str]
oidc:
enabled: ENC[AES256_GCM,data:lK45+A==,iv:NcoTJPt4XZGRlVRwpsmuI5nu66cGVksQBRAwRval5JY=,tag:kjtPLITQLBOqjF3IaJAL8w==,type:bool]
configUrl: ENC[AES256_GCM,data:ZNVvWPlFPA1xgfysavsEusfxE2ySIM9FYatYqfWPnUrHKMtCxYlrn1ip3nTYL2JHvjM3yltLBNbqWMCGlgtw,iv:p1F2DqCFaKvjYKhMieFytnMuggrec8DmBzDATLTVe+8=,tag:3EtpPSyRlGThov5OcZfV+g==,type:str]
clientId: ENC[AES256_GCM,data:kO7PkjN+5GqZCxChvtbTQb/5zo7nVxfh7MZqbDoJLIKMEfth,iv:ti3Xlc3sRVOVGtxGw/pT5iBy5rBqV2v+MhiNF3Krb9U=,tag:3LUDIkq08zGmvjJtSnE/jA==,type:str]
clientSecret: ENC[AES256_GCM,data:PVe+8SlNrznBiFVNpuQXIcuPkUXyUJ7DObZpRvlgA8JjUHXTy3VY7soyJVBZEMfYbNjSLLcKcWM=,iv:fbh2RcQdPf3jUt2AOI3xp09SSEaWzI4rLGZmlZY46uM=,tag:wvEBkkPsXoQXAP7fN1iDMA==,type:str]
claimName: ENC[AES256_GCM,data:+XEw9sQ5,iv:DgGZf/GwkJsk4lfI8TBBaGfwN8YESMu9BSOBLJkbz78=,tag:A4hvQYEaZxPNf9CZp9+YUQ==,type:str]
redirectUri: ENC[AES256_GCM,data:+Q8cNCvslAcO4m7VJwNe/CpEntyHfuHOrHqqtlrDILkfc0IRAA8aSbZwbA2v+So=,iv:GwzNILyqLuAYUQFKbt5WE+VCdOzSTBmGCAHcCAnzxXk=,tag:p9/86/r2DfT1mkQu+aQJfQ==,type:str]
comment: ENC[AES256_GCM,data:TO3kA0i503ZA+EFhKa2AZw==,iv:Cl3NvvgXz71AaCgMl062urNtcBtgk832vtxTs9MJwik=,tag:JwerK2q1L7xMv/NIoWkESw==,type:str]
claimPrefix: ""
scopes: ENC[AES256_GCM,data:TuXqq8d+Xo/1ZNi036wx1GhbNPSF2sv8uYUy,iv:u9VfqbAGR94vLPD7nnsKuz5b2sbpUhs1TT7Ah8quX7c=,tag:jZplD/t4rA+p7TtisrC9mg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VjY3eWQ4V29rQ2VUejA5
cG1JTTBCVWY5WGpaVFpDNU8yRTJaUEcwYTI4CnhHVjZrSFVnTGg1Yyt2ekM2YkRr
RzljT003RFVURFVRaThaNnYyOTZka1UKLS0tIFYyd1JIQzQ2VEZ2b2xabXM4TFVp
NFd0WDBXRERZc2ZDbWhDTFhnZExjVmcKDKHKoouDK66AYXenznGjTMnahqIwbp1y
zA+MZx0FPO7xm9UCGaxIFzdLXK6O2ctw9fDceR6oMj+YehLOKwEmoA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-13T07:52:39Z"
mac: ENC[AES256_GCM,data:ognemBsF32MrBDoUTcmwW1W5VI//FADb/p0Do8aQttsikYMVLcFZqWx7Dyhu8CfOWsXL/atVLh2Gj3dkxjsmDFI8uUd4gwq0oMYtk7gR09WrrigDtV1UPgDgyLO3nW4/YmTYGx0fLcsFyGJMm1Pp08Sk+oGcP2Xt+zBAch6/xyE=,iv:Q6dAGFlaTQL7zbR1Z868zo3HbWW4/xpoaWdyw/k/c0U=,tag:I6X2USyt1AhgzjlY469jOA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

23
arm-badhouseplants/values/secrets.mysql.yaml
View File

@ -1,23 +0,0 @@
auth:
rootPassword: ENC[AES256_GCM,data:X7htluDDokepRf8GVV4eu+pGM2o=,iv:DJ893dKr/4SFBEl8HnYv2PMb3Nb2AfL1RVgN2QmDRmA=,tag:W6QX7k92P7bgi3Ji/64xHg==,type:str]
password: ENC[AES256_GCM,data:hlXWCWbFnmbuUg==,iv:d9ZmklpwJa13wyNjrqNfFMEbJDSQ+NeyB4gj+59g09Q=,tag:Ps4oq5XWDIx7HnvCCnB/FQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-30T15:06:09Z"
mac: ENC[AES256_GCM,data:oiigjlyNoSm5hcdB58MWUxhqcYzE5XtA5LEDUCUX4r0inNd8UuLP029jz6bvQ7E/wFpiGNVTFAlFB1HA/YVwai/siovy5H2DL6g4LS3k+fxLKc3lwo3BvkaBi9X2aYu7vGBJpNe3KxBdWFyjkEQVoux1RD8JJBYNquMu9tW3K/g=,iv:1H7pF0Tr6GcgDt9ItXiTBOTFa55wb9pOdTF3jNJlPiY=,tag:dQ9nrAKr+qo4JpqD2wJXjg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

28
arm-badhouseplants/values/secrets.nrodionov.yaml
View File

@ -1,28 +0,0 @@
wordpressPassword: ENC[AES256_GCM,data:yYE91wuc9uOzIQ==,iv:jLqs0BZcEIG73roA/wxtK74xX+osePoIaKhg6XvuAXE=,tag:9a3n1tbRAy4TaU0OE8uZcQ==,type:str]
wordpressEmail: ENC[AES256_GCM,data:Fy6mIfhu0DuO+MSp1TPN7On6cFZk,iv:bxYiJBYgbuQsWPRWKfubmNZ/jShMBLeiPDyw7XtOAkY=,tag:RyBuqoNGoTzKR68RNSgumA==,type:str]
mariadb:
auth:
rootPassword: ENC[AES256_GCM,data:oex+HDJ5SnaYrw==,iv:5HfGr27bpbXTROVMIWodMUe0WN6T3tXEESYSXwUUxw0=,tag:K83scpenVclwsEnGolsQiQ==,type:str]
database: ENC[AES256_GCM,data:xqBbXrRmtrUPaCZBC4NTelk=,iv:HOQHpilfi5TpD1jqI8XaEzO6W4CfdLBsTn+ACFWNhdE=,tag:EnsdqkExZi7PE7X4LlwBxA==,type:str]
username: ENC[AES256_GCM,data:oxVjkciMzifFIuhF,iv:kQsEGv9HIB+RTs54KfU8s/fpp1ooyzLK5lBQJZGSvy0=,tag:Y0uzVdsGb6McWRGPk2dNBQ==,type:str]
password: ENC[AES256_GCM,data:HV2d0nHUrOdE2Suju6/EUQ==,iv:HLOoCUdtOhm7ss8WSBkEAT4ulR+fwSNF4Oqv1XwDfrU=,tag:BBlW+z5LLmvtIwG69+De0Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1V2tQdkFWenZWZU1pT1JY
cXpVV3UxNnN6and1R0lBd1NrcXdWNTdibkFnCkJxeERBYyt4ZUtabWl5dlIxNmJZ
blhSUHZWTk1PVS9RUThlNFRBREh0T1UKLS0tIENKK200NnRDNUJCeGNTeFB5Z1BI
a2l5SG4yTjhmUlorWlJNbmFDekN5LzgKCS8nqMu72GDYjuSrfgbp/KZbHfhOdpyu
WpT0T6pk/oOc9ohQKGD/jvcjrMW7OZ5uYpZc/4gPdLKcOnNB+BEo/g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-19T20:44:54Z"
mac: ENC[AES256_GCM,data:ZCsQBgVwgAEfVh3Qhyiq7WDbthwliLqDzy4cyfpRN54oQ1SfuTofLKJmdPgmdraDJaCjxgb9zM0RfXS9x2wcFXWc2Q8I06TmWIEbZ1jehSqlQk1WmWWP7P6LqIvA0AY/c32tUhO9kmuftiOcT8sDmiFB/MqHBahAmdTT+0vo4LI=,iv:gcSDUwTMmuNtNTf4wtmSlXSvbje25wd288gnLEQx294=,tag:lcwpAyfDRgGfZ+H07ZkcZw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

24
arm-badhouseplants/values/secrets.postgres.yaml
View File

@ -1,24 +0,0 @@
global:
postgresql:
auth:
postgresPassword: ENC[AES256_GCM,data:NopZyPWiTKPPVzLcvVLN3JgMQjQ=,iv:rWVhR2wChvQSIa7eBPrvnWO2ydLZ2D8oF87INiy8NX4=,tag:Xb0qbED6QXu5QBgHY6hrOA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbENvMm1YQzlSV3UrSEJ4
VTZ1RWVKTlpsUDFzQlVjMlJEZmIvaldHVXlFCm9SVzN3Z0dwTGo1Y3dnaHhvSmpi
bDIrMlJhbHhKUmRZejdkTmJiSDYvY2MKLS0tIFpRbkwySVh2MDlNWEFNZHVtY2Ns
Wmh3Z29ZSlBhbmFJNkFQZlE3aXpMMk0K14rSXjSF08xkil+fFJpeMV+6XChTJ2/3
OQecJtg+0NQPyvC+kR5qKq8roiSzNNJgTVg2wwKMdukKVVTbEGi0gA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-21T12:58:01Z"
mac: ENC[AES256_GCM,data:ShHWH9RIL4rJ5X0IvThOtyM28AC+1bJLr4PJJdYSLtV9T7Wcs2LbmWxtM2tpRyzMeZjYKJrsstGYgxBevr1BpfGBIeR4+JCwrbdK4AOq2VbLMpH7nMOU/huuUpxOopweRBTwZOEMRBkSkEk4qPvebLHEqUi6aNGdtxOINmHv/fA=,iv:C/iJOSshanbhSQ9Be712aSN2B8aXndPpP4655SQONeQ=,tag:BAJIzrYfh8a59OzkxDOrbw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

26
arm-badhouseplants/values/secrets.prometheus.yaml
View File

@ -1,26 +0,0 @@
grafana:
adminPassword: ENC[AES256_GCM,data:AuPGLXN861DvndWdecukXKzt91sGGIMBToj7tO3J,iv:gKmj0gurV77e/jbxdyxhaxkmmsp738vB6ZAfzRFf45M=,tag:rKOkedx87g4MlRk6npgXiA==,type:str]
adminUser: ENC[AES256_GCM,data:Esh/6bXMez8=,iv:cRdvkpnO8gNOaKy+4kPcq69ksdXxuZClnjSvBp4yto8=,tag:ZgycOsDXJIT1mrN6nJHw3g==,type:str]
grafana.ini:
auth.generic_oauth:
client_secret: ENC[AES256_GCM,data:+4Qfo4aR9TMZprWL9U6lFx4B86d3ywH2O5K6rM5hmv2gROeFinp7k5p9C2pgNubIK9W3TlWSZAw=,iv:uFX2Lz3s2/aR5rcwsDvfuUGbKHNxh43ZiuCNaT5b1dw=,tag:8YdsVMaHbP6wqjubb9Ab2w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXeTlhQ2xpK0dvMU00ejh4
bjZxZVMvMEFobGFqYU55a3dxcTlnRitkS2wwCmJVNHhQNHJHTVBxbk4xQ1RWbkFv
TUNGY3YvQUIyTUJYNEZmOWRYd3JaUHcKLS0tIHJ5STVXV0hxRUdYQmNXSFR2U0Vv
NXQ5SjNQUW9JOStDclZuYUlqV3FaWWsKvu2T2LmDjuJgnB0djjhJczsvDjFsH/D/
QDPkkl2G1luDoIjBj21uoy0daqfyskd4Yw2ZsPsZU6zuEGdFj52Qbw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-05-29T11:41:00Z"
mac: ENC[AES256_GCM,data:7Xs7W6smDPr8fp4AapKcUvHUsYRKkTQ3wb4CuDmL0ziQs2d73ueezEembp7RRaBQ/Q5jACY1dHQg42+4YymcTt8NqJ6SE4G7f9iqJu3rr5g5lh8mYP8ft8J1/l2jrQtCSfxyzuG2CPZRycQIo+0Tq++w6iK0iy6ExPt8cDNR2Ao=,iv:v8m4CEW6FG5rWV8fKsqACh37X9yzsB/Bl1wh+4348rI=,tag:Up71zDf12JMDjK8uIxnsLA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

26
arm-badhouseplants/values/secrets.redis.yaml
View File

@ -1,26 +0,0 @@
global:
redis:
#ENC[AES256_GCM,data:QRLnzdJ/lmaItppUMOZO33kySISWDfMdjr2nrEjBuhucnoglEVNF9Wy5IVbt5CNERajCADTVWNy/N40uCv+9n3PQVKl+Ki6YV+Q24Bzy,iv:8PvJ2yU7AW+/XkP+/9OQcrdCVAomnRexkNNw+2rjoho=,tag:U4gbrqqBwvXC63qn7jFmPQ==,type:comment]
#ENC[AES256_GCM,data:69gagNeejZaafGWo/Rll,iv:kW13FOrc/j//BxVj4JgEC0G/DQIOPHil0uNXpOM2/W0=,tag:sqviMlgQHiN397ukswoNsg==,type:comment]
#ENC[AES256_GCM,data:C8ta7Vtb3LpOotE=,iv:Kdat2trhQIQHxIpD7xhUoLRYo+a4PgzpB+S0w32somA=,tag:jgH656M8a14QhA//sN6MGg==,type:comment]
password: ENC[AES256_GCM,data:qdV5FH2K4w9gj4SFznfflY8Uw3ohSCO4lOE4Hea4,iv:/XYT2xiHlfRB1NLkw+Qm/QaWehvs9v8PUp2ZfMxeyRA=,tag:06XSi3K7y+9a50nZK1LAfQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-29T20:22:15Z"
mac: ENC[AES256_GCM,data:DIdcvQXu7rivXdPFPjfzs1AeJ5bRvUBD+Hq9mH7Hp/+iqrG03fWSF2NF1ra8KfEIg6TDsyMnQLWvipxBlA654BLBNrABFoGwLsdVsATBORz0kNNY862qfyhSOaaTBHTWhPVpbjGnYav+bi5pfvbLC9yJm3SjIRtUbnaNVWvqMq0=,iv:d7SaPZLb/px7fy+bGJnH3bfNBmqbhwMijyNB0jfYgLE=,tag:LT5hJoDcSiP5FVgj0M2sCA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

108
arm-badhouseplants/values/values.argocd.yaml
View File

@ -1,108 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: argocd-http
gateway: badhouseplants-net
kind: http
hostname: argo.badhouseplants.net
service: argocd-server
port: 80
controller:
resources:
limits:
memory: 512Mi
cpu: 200m
requests:
cpu: 100m
memory: 512Mi
metrics:
enabled: true
applicationLabels:
enabled: false
labels: []
service:
annotations: {}
labels: {}
servicePort: 8082
portName: http-metrics
serviceMonitor:
enabled: false
interval: 30s
relabelings: []
metricRelabelings: []
selector: {}
scheme: ""
tlsConfig: {}
additionalLabels: {}
rules:
enabled: false
spec: []
dex:
metrics:
enabled: false
serviceMonitor:
enabled: false
redis:
metrics:
enabled: false
serviceMonitor:
enabled: false
server:
metrics:
enabled: true
serviceMonitor:
enabled: false
rbacConfig:
policy.default: role:readonly
scopes: "[email, group]"
policy.csv: |
g, allanger@zohomail.com, role:admin
g, rodion.n.rodionov@gmail.com, role:admin
p, drone, applications, *, badhouseplants/*,allow
config:
exec.enabled: "true"
url: https://argo.badhouseplants.net
kustomize.buildOptions: "--enable-alpha-plugins"
accounts.drone: apiKey, login
accounts.drone.enabled: "true"
extraArgs:
- --insecure
repoServer:
metrics:
enabled: false
serviceMonitor:
enabled: false
imagePullSecrets:
- name: regcred
configs:
credentialTemplates:
ssh-creds:
url: git@github.com
applicationSet:
metrics:
enabled: false
serviceMonitor:
enabled: false
repositories:
argo-deployment:
url: git@github.com:allanger/argo-deployment.git
name: argo-deployment
insecure: "true"
type: git
cluster-config:
url: git@github.com:allanger/cluster-config.git
name: cluster-config
insecure: "true"
type: git

37
arm-badhouseplants/values/values.bitwarden.yaml
View File

@ -1,37 +0,0 @@
---
image:
repository: vaultwarden/server
tag: 1.28.1
istio:
enabled: true
istio:
- name: bitwarden-http
gateway: badhouseplants-net
kind: http
hostname: bitwarden.badhouseplants.net
service: bitwarden-vaultwarden
port: 80
# pathType is only for k8s >= 1.1=
pathType: Prefix
env:
SIGNUPS_ALLOWED: false
DOMAIN: "https://bitwarden.badhouseplants.net"
# YUBICO_CLIENT_ID
# YUBICO_SECRET_KEY
# DATA_FOLDER
# DATABASE_URL
# ATTACHMENTS_FOLDER
# ICON_CACHE_FOLDER
# ROCKET_LIMITS
# ROCKET_WORKERS
WEB_VAULT_ENABLED: true
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 800Mi
storageClass: longhorn

22
arm-badhouseplants/values/values.db-instances.yaml
View File

@ -1,22 +0,0 @@
---
dbinstances:
postgres:
monitoring:
enabled: false
adminSecretRef:
Name: postgres-secret
Namespace: database-service
engine: postgres
generic:
host: postgres-postgresql
port: 5432
mysql:
monitoring:
enabled: false
adminSecretRef:
Name: mysql-secret
Namespace: database-service
engine: mysql
generic:
host: mysql
port: 3306

16
arm-badhouseplants/values/values.drone-runner-docker.yaml
View File

@ -1,16 +0,0 @@
---
env:
DRONE_RPC_HOST: drone.badhouseplants.net
DRONE_RPC_PROTO: https
DRONE_NAMESPACE_DEFAULT: drone-service
rbac:
buildNamespaces:
- drone-service
dind:
resources:
limits:
cpu: 2000m
memory: 2024Mi
requests:
cpu: 100m
memory: 512Mi

18
arm-badhouseplants/values/values.drone.yaml
View File

@ -1,18 +0,0 @@
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: drone-http
gateway: badhouseplants-net
kind: http
hostname: drone.badhouseplants.net
service: drone
port: 8080
env:
DRONE_SERVER_HOST: drone.badhouseplants.net
DRONE_SERVER_PROTO: https
DRONE_GITEA_SERVER: https://git.badhouseplants.net
DRONE_USER_CREATE: username:allanger,admin:true

55
arm-badhouseplants/values/values.funkwhale.yaml
View File

@ -1,55 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: funkwhale-http
gateway: badhouseplants-net
kind: http
hostname: funkwhale.badhouseplants.net
service: funkwhale
port: 80
ext-database:
enabled: true
name: funkwhale-postgres
instance: postgres
replicaCount: 1
celery:
worker:
replicaCount: 1
beat:
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 10m
memory: 75Mi
extraEnv:
FUNKWHALE_HOSTNAME: funkwhale.badhouseplants.net
FUNKWHALE_PROTOCOL: https
persistence:
enabled: true
accessMode: ReadWriteMany
size: 10Gi
s3:
enabled: false
ingress:
enabled: false
postgresql:
enabled: false
host: postgres-postgresql.database-service.svc.cluster.local
auth:
username: funkwhale-application-funkwhale-postgres
database: funkwhale-application-funkwhale-postgres
redis:
enabled: false
host: redis-master.database-service.svc.cluster.local
auth:
enabled: true

115
arm-badhouseplants/values/values.gitea.yaml
View File

@ -1,115 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: gitea-http
kind: http
gateway: badhouseplants-net
hostname: git.badhouseplants.net
service: gitea-http
port: 3000
- name: gitea-ssh
kind: tcp
gateway: badhouseplants-ssh
hostname: "*"
port_match: 22
service: gitea-ssh
port: 22
# ------------------------------------------
# -- Database extension is used to manage
# -- database with db-operator
# ------------------------------------------
ext-database:
enabled: true
name: gitea-postgres
instance: postgres
# ------------------------------------------
# -- Kubernetes related values
# ------------------------------------------
replicaCount: 1
clusterDomain: cluster.local
resources:
limits:
cpu: 300m
memory: 512Mi
requests:
cpu: 50m
memory: 128Mi
persistence:
enabled: true
size: 6Gi
accessModes:
- ReadWriteOnce
ingress:
enabled: false
# ------------------------------------------
# -- Main Gitea settings
# ------------------------------------------
gitea:
metrics:
enabled: true
serviceMonitor:
# -- TODO(@allanger): Enable it once prometheus is configured
enabled: false
config:
database:
DB_TYPE: postgres
HOST: postgres-postgresql.database-service.svc.cluster.local
NAME: gitea-service-gitea-postgres
USER: gitea-service-gitea-postgres
APP_NAME: Bad Houseplants Gitea
ui:
meta:
AUTHOR: Bad Houseplants
DESCRIPTION: ...by allanger
repository:
DEFAULT_BRANCH: main
MAX_CREATION_LIMIT: 0
DISABLED_REPO_UNITS: repo.wiki
service:
DISABLE_REGISTRATION: false
server:
DOMAIN: git.badhouseplants.net
ROOT_URL: https://git.badhouseplants.net
LFS_START_SERVER: true
LANDING_PAGE: explore
START_SSH_SERVER: true
admin:
DISABLE_REGULAR_ORG_CREATION: true
packages:
ENABLED: true
cron:
enabled: true
attachment:
MAX_SIZE: 100
actions:
ENABLED: true
oauth2_client:
REGISTER_EMAIL_CONFIRM: false
ENABLE_AUTO_REGISTRATION: true
session:
PROVIDER: redis
cache:
ENABLED: true
ADAPTER: redis
queue:
TYPE: redis
service:
ssh:
type: ClusterIP
port: 22
clusterIP:
# ------------------------------------------
# -- Disabled dependencies
# ------------------------------------------
postgresql-ha:
enabled: false
redis-cluster:
enabled: false

4
arm-badhouseplants/values/values.iredmail.yaml
View File

@ -1,4 +0,0 @@
config:
env:
HOSTNAME: mail.badhouseplants.net
FIRST_MAIL_DOMAIN: badhouseplants.net

64
arm-badhouseplants/values/values.istio-ingressgateway.yaml
View File

@ -1,64 +0,0 @@
---
service:
type: LoadBalancer
ports:
- name: minecraft
port: 25565
protocol: TCP
targetPort: 25565
- name: ssh-gitea
port: 22
protocol: TCP
targetPort: 22
- name: http2
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
- name: tcp
port: 1194
protocol: TCP
targetPort: 1194
# -----------
# -- Email
# -----------
- name: smtp
port: 25
protocol: TCP
targetPort: 25
- name: smtps
port: 465
protocol: TCP
targetPort: 465
- name: smtp-startls
port: 587
protocol: TCP
targetPort: 587
- name: imap
port: 143
protocol: TCP
targetPort: 143
- name: imaps
port: 993
protocol: TCP
targetPort: 993
- name: pop3
port: 110
protocol: TCP
targetPort: 110
- name: pop3s
port: 995
protocol: TCP
targetPort: 995
podAnnotations:
proxy.istio.io/config: '{"gatewayTopology" : { "numTrustedProxies": 0, "forwardClientCertDetails": SANITIZE } }'
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 200m
memory: 1024Mi

14
arm-badhouseplants/values/values.istiod.yaml
View File

@ -1,14 +0,0 @@
---
pilot:
resources:
requests:
cpu: 50m
memory: 2048Mi
global:
proxy:
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
memory: 128Mi

11
arm-badhouseplants/values/values.loki.yaml
View File

@ -1,11 +0,0 @@
---
singleBinary:
replicas: 1
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
compactor:
retention_enabled: true
limits_config:
retention_period: 2d

10
arm-badhouseplants/values/values.longhorn.yaml
View File

@ -1,10 +0,0 @@
defaultSettings:
guaranteedEngineManagerCPU: 6
guaranteedReplicaManagerCPU: 6
storageOverProvisioningPercentage: 300
storageMinimalAvailablePercentage: 5
csi:
kubeletRootDir: /var/snap/microk8s/common/var/lib/kubelet
persistence:
defaultClassReplicaCount: 1
enablePSP: false

181
arm-badhouseplants/values/values.mailu.yaml
View File

@ -1,181 +0,0 @@
---
certificate:
enabled: true
certificate:
- name: mailu
secretName: mailu-certificate
issuer:
kind: ClusterIssuer
name: badhouseplants-issuer
dnsNames:
- badhouseplants.net
- "email.badhouseplants.net"
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: mailu-web
kind: http
gateway: badhouseplants-net
hostname: email.badhouseplants.net
service: mailu-front
port: 80
# - name: mailu-smpt
# kind: tcp
# gateway: badhouseplants-mail
# service: mailu-front
# hostname: email.badhousplants.net
# port_match: 25
# port: 25
# - name: mailu-smpts
# kind: tcp
# gateway: badhouseplants-mail
# port_match: 465
# hostname: email.badhousplants.net
# service: mailu-front
# port: 465
# - name: mailu-smpt-startls
# kind: tcp
# gateway: badhouseplants-mail
# hostname: email.badhousplants.net
# port_match: 587
# service: mailu-front
# port: 587
# - name: mailu-imap
# kind: tcp
# hostname: email.badhousplants.net
# gateway: badhouseplants-mail
# port_match: 143
# service: mailu-front
# port: 143
# - name: mailu-imaps
# kind: tcp
# gateway: badhouseplants-mail
# hostname: email.badhousplants.net
# port_match: 993
# service: mailu-front
# port: 993
# - name: mailu-pop3
# kind: tcp
# gateway: badhouseplants-mail
# port_match: 110
# hostname: email.badhousplants.net
# service: mailu-front
# port: 110
# - name: mailu-pop3s
# kind: tcp
# gateway: badhouseplants-mail
# port_match: 993
# hostname: email.badhousplants.net
# service: mailu-front
# port: 993
subnet: 10.1.0.0/16
sessionCookieSecure: true
hostnames:
- post.badhouseplants.net
domain: badhouseplants.net
persistence:
single_pvc: false
limits:
messageRatelimit:
value: "10/day"
tls:
outboundLevel: secure
ingress:
enabled: false
tls: false
tlsFlavorOverride: mail
selfSigned: false
existingSecret: mailu-certificate
admin:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 700Mi
cpu: 400m
persistence:
size: 1Gi
redis:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 200Mi
cpu: 200m
persistence:
size: 1Gi
postfix:
resources:
requests:
memory: 1024Mi
cpu: 200m
limits:
memory: 1024Mi
cpu: 200m
persistence:
size: 1Gi
dovecot:
logLevel: DEBUG
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 400Mi
cpu: 300m
persistence:
size: 1Gi
roundcube:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 200Mi
cpu: 200m
persistence:
size: 1Gi
mysql:
enabled: false
postgresql:
enabled: true
auth:
enablePostgresUser: true
username: mailu
database: mailu
persistence:
enabled: false
storageClass: ""
accessMode: ReadWriteOnce
size: 2Gi
front:
logLevel: DEBUG
hostPort:
enabled: true
rspamd:
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 400m
startupProbe:
periodSeconds: 30
failureThreshold: 900
timeoutSeconds: 20
livenessProbe: {}
readinessProbe: {}
webmail:
persistence:
size: 2Gi
storageClass: ""
accessModes: [ReadWriteOnce]
claimNameOverride: ""
annotations: {}

115
arm-badhouseplants/values/values.minecraft.yaml
View File

@ -1,115 +0,0 @@
---
# --------------------------------------------------
# -- Extensions values
# --------------------------------------------------
service-account:
enabled: true
resources:
- name: minecraft-exporter
label:
app: minecraft-minecraft-metrics
endpoints:
port: metrics
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: minecraft-tcp
gateway: badhouseplants-minecraft
kind: tcp
port_match: 25565
hostname: "*"
service: minecraft-minecraft
port: 25565
# --------------------------------------------------
# -- Main values
# --------------------------------------------------
image:
tag: java17-graalvm-ce
pullPolicy: Always
resources:
requests:
memory: 512Mi
cpu: 50m
limits:
memory: 3Gi
lifecycle:
postStart:
- bash
- -c
- for i in {1..100}; do mc-health && break || sleep 20; done && mc-send-to-console setpassword 11223345
readinessProbe:
command:
- mc-health
periodSeconds: 20
failureThreshold: 50
timeoutSeconds: 10
livenessProbe:
timeoutSeconds: 10
minecraftServer:
eula: "TRUE"
onlineMode: false
difficulty: hard
hardcore: true
version: 1.20.1
maxWorldSize: 90000
type: "PAPER"
paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/100/downloads/paper-1.20.1-100.jar
gameMode: survival
pvp: true
memory: 2512M
extraPorts:
- name: metrics
containerPort: 9225
protocol: TCP
service:
enabled: true
embedded: false
labels:
exporter: minecraft
type: ClusterIP
port: 9925
ingress:
enabled: false
persistence:
dataDir:
enabled: true
Size: 15Gi
initContainers:
- name: install-prometheus-exporter
image: alpine/curl
command:
- curl
- -L
- "https://github.com/sladkoff/minecraft-prometheus-exporter/releases/download/v2.5.0/minecraft-prometheus-exporter-2.5.0.jar"
- -o
- /data/plugins/prometheus-exporter.jar
volumeMounts:
- name: plugins
mountPath: /data/plugins
readOnly: false
- name: install-password-plugin
image: alpine/curl
command:
- curl
- -L
- "https://github.com/timbru31/PasswordProtect/releases/download/PasswordProtect-3.1.0/PasswordProtect.jar"
- -o
- /data/plugins/PasswordProtect.jar
volumeMounts:
- name: plugins
mountPath: /data/plugins
readOnly: false
extraVolumes:
- volumeMounts:
- name: plugins
mountPath: /data/plugins
readOnly: false
volumes:
- name: plugins
emptyDir:
sizeLimit: 500Mi

121
arm-badhouseplants/values/values.minio.yaml
View File

@ -1,121 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: minio-http
gateway: badhouseplants-net
kind: http
hostname: minio.badhouseplants.net
service: minio-console
port: 9001
- name: s3-http
gateway: badhouseplants-net
kind: http
hostname: s3.badhouseplants.net
service: minio
port: 9000
rootUser: 'overlord'
replicas: 1
mode: standalone
environment:
MINIO_SERVER_URL: "https://s3.badhouseplants.net:443"
tls:
enabled: false
certSecret: ''
publicCrt: public.crt
privateKey: private.key
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 10Gi
service:
type: ClusterIP
clusterIP: ~
port: '9000'
consoleService:
type: ClusterIP
clusterIP: ~
port: '9001'
resources:
requests:
memory: 2Gi
buckets:
- name: badhouseplants-net
policy: download
purge: false
versioning: false
- name: badhouseplants-js
policy: download
purge: false
versioning: false
- name: badhouseplants-net-main
policy: download
purge: false
versioning: false
- name: sharing
policy: download
purge: false
versioning: false
- name: allanger-music
policy: download
purge: false
versioning: false
- name: badhouseplants-brew
policy: download
purge: false
versioning: false
metrics:
serviceMonitor:
enabled: false
public: true
additionalLabels: {}
policies:
- name: allanger
statements:
- resources:
- 'arn:aws:s3:::*'
actions:
- "s3:*"
- resources: []
actions:
- "admin:*"
- resources: []
actions:
- "kms:*"
- name: badhouseplants:owners
statements:
- resources:
- 'arn:aws:s3:::*'
actions:
- "s3:*"
- resources: []
actions:
- "admin:*"
- resources: []
actions:
- "kms:*"
- name: badhouseplants
statements:
- resources:
- 'arn:aws:s3:::badhouseplants-net'
actions:
- "s3:*"
- resources:
- 'arn:aws:s3:::badhouseplants-net/*'
actions:
- "s3:*"
- name: sharing
statements:
- resources:
- 'arn:aws:s3:::sharing'
actions:
- "s3:*"
- resources:
- 'arn:aws:s3:::sharing/*'
actions:
- "s3:*"

7
arm-badhouseplants/values/values.mysql.yaml
View File

@ -1,7 +0,0 @@
primary:
persistence:
size: 500Mi
auth:
createDatabase: false

11
arm-badhouseplants/values/values.namespaces.yaml
View File

@ -1,11 +0,0 @@
---
ns:
- name: monitoring-system
templates:
- |
{{ range .Values.ns }}
apiVersion: v1
kind: Namespace
metadata:
name: {{ .name }}
{{ end }}

58
arm-badhouseplants/values/values.nrodionov.yaml
View File

@ -1,58 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: nrodionov-http
gateway: nrodionov-info
kind: http
hostname: dev.nrodionov.info
service: nrodionov-wordpress
port: 8080
ext-database:
enabled: true
name: nrodionov-mysql
instance: mysql
wordpressBlogName: Николай Николаевич Родионов
wordpressUsername: admin
wordpressFirstName: Nikolai
wordpressLastName: Rodionov
wordpressTablePrefix: wp_
wordpressScheme: http
existingWordPressConfigurationSecret: ""
resources:
requests:
memory: 300Mi
cpu: 10m
service:
type: ClusterIP
ports:
http: 8080
https: 8443
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
accessMode: ReadWriteOnce
size: 2Gi
dataSource: {}
existingClaim: ""
selector: {}
mariadb:
enabled: true
primary:
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
size: 3Gi

24
arm-badhouseplants/values/values.openvpn.yaml
View File

@ -1,24 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: openvpn-tcp
gateway: badhouseplants-vpn
kind: tcp
port_match: 1194
hostname: "*"
service: openvpn
port: 1194
storageClassName: longhorn
openvpn:
server: "tcp://195.201.250.50:1194"
service:
type: ClusterIP
port: 1194
targetPort: 1194
protocol: TCP

10
arm-badhouseplants/values/values.postgres.yaml
View File

@ -1,10 +0,0 @@
architecture: standalone
auth:
database: postgres
persistence:
size: 1Gi
metrics:
enabled: false

146
arm-badhouseplants/values/values.prometheus.yaml
View File

@ -1,146 +0,0 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: grafana-https
gateway: badhouseplants-net
kind: http
hostname: "grafana.badhouseplants.net"
service: prometheus-grafana
port: 80
coreDns:
enabled: false
kubeEtcd:
enabled: false
kubelet:
enabled: false
kubeApiServer:
enabled: false
prometheus-node-exporter:
prometheus:
monitor:
enabled: true
jobLabel: jobLabel
interval: 60s
defaultRules:
create: true
rules:
alertmanager: true
etcd: false
configReloaders: false
general: true
k8s: true
kubeApiserverAvailability: false
kubeApiserverBurnrate: false
kubeApiserverHistogram: false
kubeApiserverSlos: false
kubeControllerManager: false
kubelet: false
kubeProxy: false
kubePrometheusGeneral: false
kubePrometheusNodeRecording: false
kubernetesApps: true
kubernetesResources: true
kubernetesStorage: true
kubernetesSystem: true
kubeSchedulerAlerting: false
kubeSchedulerRecording: true
kubeStateMetrics: true
network: false
node: true
nodeExporterAlerting: true
nodeExporterRecording: true
prometheus: true
prometheusOperator: true
windows: false
prometheus:
prometheusSpec:
enableAdminAPI: true
retentionSize: 10GB
podMonitorNamespaceSelector:
any: true
podMonitorSelector: {}
podMonitorSelectorNilUsesHelmValues: false
ruleNamespaceSelector:
any: true
ruleSelector: {}
ruleSelectorNilUsesHelmValues: false
serviceMonitorNamespaceSelector:
any: true
serviceMonitorSelector: {}
serviceMonitorSelectorNilUsesHelmValues: false
storageSpec:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
grafana:
persistence:
enabled: true
size: 2Gi
grafana.ini:
server:
root_url: https://grafana.badhouseplants.net
auth.generic_oauth:
name: Gitea
icon: signin
enabled: true
allow_sign_up: true
auto_login: false
client_id: 0ce70a7d-f267-44cc-9686-71048277e51d
scopes: openid profile email groups
empty_scopes: false
auth_url: https://git.badhouseplants.net/login/oauth/authorize
token_url: https://git.badhouseplants.net/login/oauth/access_token
api_url: https://git.badhouseplants.net/login/oauth/userinfo
tls_skip_verify_insecure: false
use_pkce: true
role_attribute_path: contains(groups, 'badhouseplants:owners') && 'Admin' || 'Viewer'
dashboardProviders:
dashboardproviders.yaml:
apiVersion: 1
providers:
- name: 'default'
orgId: 1
folder: ''
type: file
disableDeletion: true
editable: false
options:
path: /var/lib/grafana/dashboards/default
dashboards:
default:
gitea-dashboard:
gnetId: 13192
revision: 1
datasource: Prometheus
argo-dashboard:
gnetId: 14584
revision: 1
datasource: Prometheus
datasources:
loki.yaml:
apiVersion: 1
datasources:
- name: Loki
type: loki
access: proxy
uid: loki
editable: false
url: http://loki.monitoring-system:3100/
jsonData:
maxLines: 1000

5
arm-badhouseplants/values/values.promtail.yaml
View File

@ -1,5 +0,0 @@
---
config:
clients:
# - url: http://loki.monitoring-system:3100
- url: http://loki-gateway/loki/api/v1/push

7
arm-badhouseplants/values/values.redis.yaml
View File

@ -1,7 +0,0 @@
metrics:
enabled: false
architecture: standalone
master:
persistence:
enabled: false

12
badhouseplants/helmfile.yaml
View File

@ -7,6 +7,16 @@ releases:
namespace: drone-service namespace: drone-service
createNamespace: false createNamespace: false
- <<: *drone-runner-docker
installed: true
namespace: drone-service
createNamespace: false
- <<: *tekton-pipeline
installed: true
namespace: tekton-service
createNamespace: true
- <<: *longhorn - <<: *longhorn
installed: true installed: true
namespace: longhorn-system namespace: longhorn-system
@ -87,5 +97,3 @@ bases:
- ../environments.yaml - ../environments.yaml
- ../repositories.yaml - ../repositories.yaml
#helmfiles:
# - namespaces.yaml

28
badhouseplants/values/secrets.minecraft.yaml Normal file
View File

@ -0,0 +1,28 @@
minecraftServer:
rcon:
password: ENC[AES256_GCM,data:7kQAt4R+uN/28Uvn3KnJnOvOcCOf6FEaow==,iv:G20SygTZZ1O2DyPr+/f3XSC3bB4L5p/9CxZkPS5qibY=,tag:O2Ab+AC+Eho6MRm0vC9hHQ==,type:str]
mcbackup:
resticEnvs:
RESTIC_PASSWORD: ENC[AES256_GCM,data:mjrSV6d6a4ZvesYjobhHCVTngw5EQqesAKecSPVY,iv:WSk5V61opvccp/1bhbcO6S+8GcEYVlxk8l6nl++nxc4=,tag:wENZyx6IxJgswetDi8alZA==,type:str]
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:+4HuGGHaZgPXLX3Sm6U=,iv:qMVfe2BzdJtvHYX7T/6WPt8kCNRdn02Ynew/q9QH1KA=,tag:7JwAloF6HPdBXTGC3kto4w==,type:str]
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:yfS/LrX0,iv:HzZmzUOmI0vJ+vPkI2xn2F/w43/BKOGil+SLRwhcG0I=,tag:c+d8nyR5w5mU9F/H0zl/1A==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTWUxY2hYT0dId2hsR0x1
MXFtRjlSelgwdUcyVnBUdlJ6Nng1UkNJaHg4Ckc5NXBORjBCZHQyc0lDTiswazNF
cGhKVFFNdlZnRWlxS05OTklOUDJDQjQKLS0tIDNWNDVVWXcxUW8yUHgrOTNkRkQ1
MGNDV2cvUUF3dWZHSlZNeVFDNXhzalkKubKuiiZuqoZTvRMr2FiUxnFUu+Pvj3Wf
pZTfZg9rnUukmV+kmwqQKcfoPNfeShhoAsszWwPM628cV9pq87I2/A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-08-15T15:32:19Z"
mac: ENC[AES256_GCM,data:ghfbBqsdFzQaRehefvpnnFLxp6tYE1K36gXLyN7gdxlvZ20JRn+FMfeUm8IjNKl3fCH2aVdM18v+T4xBs4QSXAWH5R79+HPn6hl7kYXzGJKTdmddj6EFZFXajisIJa2eZpEKPk7uOT6YczcNxNKByKxgHxTXe7SYlIkE6CgLT9w=,iv:inXW7OxvQXPGO4mkJkd/SMVsTBWA+utso26VXb5yNdM=,tag:f/GBzkgI0zgInSdDbHICag==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

23
badhouseplants/values/secrets.tekton-pipeline.yaml Normal file
View File

@ -0,0 +1,23 @@
auth:
git:
password: ENC[AES256_GCM,data:X1wVDcAeDP9IY/Kry+pP3BayBFJJ4o4NxA==,iv:qVG9R033GKeQxaVpCpN3hUV9d6dGULceEPt70U5psX0=,tag:jgmc/T42T9/JH3PgN6v2qA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdmJzcTFKd1M2dUZyTmxZ
Mnljc1FCRk9tQUFyWUk4U21kYWR0MVMzSms4CjdCNTFONTJGU1B4bDBOQnp3NEtW
UDZpTkU4bWFrYVhiV0tUbGRmaTlPTUEKLS0tIHJmTkhGbTZiQkQzR2VHckRoVFVF
eUtWMXpDWlBwVE1zM1FOMklQd3BhZk0KvJBAxTdAQCHGDd7W2qv/31OblHrX7o0X
0GCL/z1dw+sG4GS0zwgxVu8jlGzWK8PCZjq5k8bMMzbbKtUNKiShuA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-27T04:26:20Z"
mac: ENC[AES256_GCM,data:Hknt7Td7Tyx/c98Xf7dbsaGRLKO1zzZR34ZarkZtFVyvTcB0kxb5VWeJv+O215UAXEjPE7LUB2gHvhAtgLsAnek55stjZ84ifz923gMKB2ul18TeX4s0oqXyKvKZyv7SKPsVduSA4EutbrOnxLiZCmL8b/u0Y6scUH5pOe7aydg=,iv:vXvdvPE4n6ZYb0CXZZppWuvFFOlDEM2dMiiUwVTTTvE=,tag:gfNWefDG3cC1QzNGwgs5mQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.0

1
badhouseplants/values/values.funkwhale.yaml
View File

@ -53,3 +53,4 @@ redis:
host: redis-master.database-service.svc.cluster.local host: redis-master.database-service.svc.cluster.local
auth: auth:
enabled: true enabled: true
database: 3

4
badhouseplants/values/values.istio-ingressgateway.yaml
View File

@ -22,6 +22,10 @@ service:
port: 1194 port: 1194
protocol: TCP protocol: TCP
targetPort: 1194 targetPort: 1194
- name: tcp
port: 25
protocol: TCP
targetPort: 25
# ----------- # -----------
# -- Email # -- Email
# ----------- # -----------

50
badhouseplants/values/values.minecraft.yaml
View File

@ -30,10 +30,11 @@ istio:
image: image:
tag: java17-graalvm-ce tag: java17-graalvm-ce
pullPolicy: Always pullPolicy: Always
resources: resources:
requests: requests:
memory: 512Mi memory: 3Gi
cpu: 50m cpu: 256m
limits: limits:
memory: 3Gi memory: 3Gi
@ -42,6 +43,7 @@ lifecycle:
- bash - bash
- -c - -c
- for i in {1..100}; do mc-health && break || sleep 20; done && mc-send-to-console setpassword 11223345 - for i in {1..100}; do mc-health && break || sleep 20; done && mc-send-to-console setpassword 11223345
readinessProbe: readinessProbe:
command: command:
- mc-health - mc-health
@ -50,7 +52,9 @@ readinessProbe:
timeoutSeconds: 10 timeoutSeconds: 10
livenessProbe: livenessProbe:
timeoutSeconds: 10 timeoutSeconds: 10
minecraftServer: minecraftServer:
overrideServerProperties: true
eula: "TRUE" eula: "TRUE"
onlineMode: false onlineMode: false
difficulty: hard difficulty: hard
@ -58,10 +62,14 @@ minecraftServer:
version: 1.20.1 version: 1.20.1
maxWorldSize: 90000 maxWorldSize: 90000
type: "PAPER" type: "PAPER"
paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/100/downloads/paper-1.20.1-100.jar paperDownloadUrl: https://api.papermc.io/v2/projects/paper/versions/1.20.1/builds/170/downloads/paper-1.20.1-170.jar
gameMode: survival gameMode: survival
pvp: true pvp: true
memory: 2512M rcon:
enabled: true
withGeneratedPassword: false
port: 25575
serviceType: ClusterIP
extraPorts: extraPorts:
- name: metrics - name: metrics
containerPort: 9225 containerPort: 9225
@ -79,6 +87,28 @@ persistence:
dataDir: dataDir:
enabled: true enabled: true
Size: 15Gi Size: 15Gi
mcbackup:
enabled: true
backupInterval: 2h
pauseIfNoPlayers: "false"
pruneBackupsDays: 2
rconRetries: 5
rconRetryInterval: 10s
excludes: "*.jar,cache,logs"
backupMethod: restic
resticRepository: s3:https://s3.e.badhouseplants.net:443/restic/minecraft
resticAdditionalTags: "mc_backups"
pruneResticRetention: "--keep-last 12 --keep-daily 1 --keep-weekly 2 --keep-monthly 2 --keep-yearly 2"
resources:
requests:
memory: 512Mi
cpu: 100m
persistence:
backupDir:
enabled: false
# ---------------------------------------------
# -- Install Plugins
# ---------------------------------------------
initContainers: initContainers:
- name: install-prometheus-exporter - name: install-prometheus-exporter
image: alpine/curl image: alpine/curl
@ -104,6 +134,18 @@ initContainers:
- name: plugins - name: plugins
mountPath: /data/plugins mountPath: /data/plugins
readOnly: false readOnly: false
- name: install-gravity-control-plugin
image: alpine/curl
command:
- curl
- -L
- https://github.com/e-im/GravityControl/releases/download/v1.3.0/GravityControl-1.3.0.jar
- -o
- /data/plugins/GravityControl-1.3.0.jar
volumeMounts:
- name: plugins
mountPath: /data/plugins
readOnly: false
extraVolumes: extraVolumes:
- volumeMounts: - volumeMounts:
- name: plugins - name: plugins

1
badhouseplants/values/values.mysql.yaml
View File

@ -4,4 +4,3 @@ primary:
auth: auth:
createDatabase: false createDatabase: false

25
badhouseplants/values/values.openvpn.yaml
View File

@ -13,10 +13,31 @@ istio:
hostname: "*" hostname: "*"
service: openvpn service: openvpn
port: 1194 port: 1194
- name: openvpn-tcp-fake-port
gateway: badhouseplants-vpn
kind: tcp
port_match: 25
hostname: "*"
service: openvpn
port: 1194
# ------------------------------------------
image:
tag: v2.6.5-xor-4.0.0beta08
storage:
class: longhorn
size: 512Mi
storageClassName: longhorn
openvpn: openvpn:
server: "tcp://195.201.250.50:1194" proto: tcp
host: 195.201.250.50
easyrsa:
cn: Bad Houseplants
country: Germany
province: NRW
city: Duesseldorf
org: Bad Houseplants
email: allanger@zohomail.com
service: service:
type: ClusterIP type: ClusterIP
port: 1194 port: 1194

4
badhouseplants/values/values.tekton-pipeline.yaml Normal file
View File

@ -0,0 +1,4 @@
auth:
git:
username: tekton
url: https://git.badhouseplants.net

7
docs/restic.md Normal file
View File

@ -0,0 +1,7 @@
# Restic
We are using restic for backing up the Minecraft server
## How to restore
TODO: Describe the restoration process

2
environments.yaml
View File

@ -3,5 +3,3 @@ environments:
kubeContext: badhouseplants kubeContext: badhouseplants
etersoft: etersoft:
kubeContext: etersoft kubeContext: etersoft
arm-badhouseplants:
kubeContext: arm-badhouseplants

5
etersoft/helmfile.yaml
View File

@ -0,0 +1,5 @@
---
bases:
- ../environments.yaml
- ../repositories.yaml

22
etersoft/values/secrets.drone-runner-docker.yaml
View File

@ -1,22 +0,0 @@
env:
DRONE_RPC_SECRET: ENC[AES256_GCM,data:RAZbnTrv9PxiCLLqjKWBtFWd+Nzqma8Zw+NuKRLO,iv:IiFcTQGUmYa6UCBzx1yTDd0zwB6D1Cv0raXZxLXm1qA=,tag:83bnBW+MhkKehZfso3g+/g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVk0yaTlySHpuOWFFT3J5
Z210NzJPTmV0akdFQ1REM1JzK0pwTC9XWjJJCm54QmQ3ODJwakZuamMzYTBIeEJi
aUxKNmQ3dU52V2N2cjl5VTJpTTAwWGsKLS0tIDFyR2o2VnQ4QWFCWWRzZGNMZnNQ
em1VMlhBNGRrVFhXVUVRdU16Q1Q4bUEKvZ6UbZsfdvfCk37FlEN4vg0RTnPO2nwh
DY4klzcan+9DBRT2qdIIy6pj94GuSoXKXEYc9X0AvYab/HoLithMWA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-05-21T09:27:21Z"
mac: ENC[AES256_GCM,data:U2JETtW0lbb2znJBupGMPsab13y5M1v1N0wkFxEBs+YVNFhnkvIqSZiY5mq9KTYiY4tRzw1kV+jqP0jNsODekCI1++4NBuQsGSZFUoTERHgTRlnz1aAS+nf39lvYnWyQxsQmw9vY/GQ/yluBJkOEV/EoIF3wHjxZe1HCBIViPyk=,iv:WMj7aSgW8LdNQbOgC4FcyOtR/3gjckiHO8vlZGdiTeY=,tag:Xty2QVLJ/D2dlzQY13od5w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

16
etersoft/values/values.drone-runner-docker.yaml
View File

@ -1,16 +0,0 @@
---
env:
DRONE_RPC_HOST: drone.badhouseplants.net
DRONE_RPC_PROTO: https
DRONE_NAMESPACE_DEFAULT: drone-service
rbac:
buildNamespaces:
- drone-service
dind:
resources:
limits:
cpu: 2000m
memory: 2024Mi
requests:
cpu: 100m
memory: 512Mi

6
etersoft/values/values.minio.yaml
View File

@ -71,6 +71,8 @@ policies:
- resources: - resources:
- 'arn:aws:s3:::longhorn/*' - 'arn:aws:s3:::longhorn/*'
- 'arn:aws:s3:::longhorn' - 'arn:aws:s3:::longhorn'
- 'arn:aws:s3:::restic/*'
- 'arn:aws:s3:::restic'
actions: actions:
- "s3:DeleteObject" - "s3:DeleteObject"
- "s3:GetObject" - "s3:GetObject"
@ -81,6 +83,10 @@ buckets:
policy: none policy: none
purge: false purge: false
versioning: false versioning: false
- name: restic
policy: none
purge: false
versioning: false
metrics: metrics:
serviceMonitor: serviceMonitor:
enabled: false enabled: false

4
etersoft/values/values.openvpn.yaml
View File

@ -14,7 +14,9 @@ istio:
service: openvpn service: openvpn
port: 1194 port: 1194
storageClassName: microk8s-hostpath storage:
class: microk8s-hostpath
size: 5Gi
openvpn: openvpn:
server: "tcp://91.232.225.63:1194" server: "tcp://91.232.225.63:1194"
service: service:

20
helmfile.yaml
View File

@ -9,48 +9,42 @@ releases:
- <<: *metrics-server - <<: *metrics-server
installed: true installed: true
namespace: kube-system namespace: kube-system
createNamespace: true createNamespace: false
- <<: *istio-base - <<: *istio-base
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: true createNamespace: false
- <<: *istio-gateway - <<: *istio-gateway
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: true createNamespace: false
- <<: *istiod - <<: *istiod
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: true createNamespace: false
- <<: *cert-manager - <<: *cert-manager
installed: true installed: true
namespace: cert-manager namespace: cert-manager
createNamespace: true createNamespace: false
- <<: *minio - <<: *minio
installed: true installed: true
namespace: minio-service namespace: minio-service
createNamespace: true createNamespace: false
- <<: *openvpn - <<: *openvpn
installed: true installed: true
namespace: openvpn-service namespace: openvpn-service
createNamespace: true createNamespace: false
- <<: *metallb - <<: *metallb
installed: true installed: true
namespace: metallb-system namespace: metallb-system
createNamespace: true createNamespace: true
- <<: *drone-runner-docker
installed: true
namespace: drone-service
createNamespace: true
helmfiles: helmfiles:
- path: {{.Environment.Name }}/helmfile.yaml - path: {{.Environment.Name }}/helmfile.yaml

17
manifests/debug/istio-stuff.yaml
View File

@ -1,17 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol

17
manifests/debug/proxy-prot.yaml
View File

@ -1,17 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol
- name: envoy.listener.tls_inspector
workloadSelector:
labels:
istio: ingressgateway

83
manifests/debug/test.yaml
View File

@ -1,83 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: httpbin-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP2
hosts:
- "test.badhouseplants.net"
- hosts:
- "test.badhouseplants.net"
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: badhouseplants-wildcard-tls
mode: SIMPLE
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: httpbin
spec:
hosts:
- "test.badhouseplants.net"
gateways:
- httpbin-gateway
http:
- route:
- destination:
host: httpbin
port:
number: 8000
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: httpbin
---
apiVersion: v1
kind: Service
metadata:
name: httpbin
labels:
app: httpbin
service: httpbin
spec:
ports:
- name: http
port: 8000
targetPort: 80
selector:
app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpbin
spec:
replicas: 1
selector:
matchLabels:
app: httpbin
version: v1
template:
metadata:
labels:
app: httpbin
version: v1
spec:
serviceAccountName: httpbin
containers:
- image: docker.io/kong/httpbin
imagePullPolicy: IfNotPresent
name: httpbin
ports:
- containerPort: 80

80
manifests/git_clone.yaml Normal file
View File

@ -0,0 +1,80 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: git-clone-repo
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /src
params:
- name: url
steps:
- name: Git Clone
image: alpine/git
script: |
#!/bin/bash
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /custom/path/relative/to/root
steps:
- name: goodbye
image: ubuntu
script: |
#!/bin/bash
cat $(workspaces.src.path)/check
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: hello-goodbye
namespace: tekton-jobs
spec:
tasks:
- name: read
taskRef:
name: read
workspaces:
- name: src
workspace: src
- name: write
runAfter:
- read
taskRef:
name: read
workspaces:
- name: src
workspace: src
workspaces:
- name: src
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: hello-goodbye-run
namespace: tekton-jobs
spec:
pipelineRef:
name: hello-goodbye
namespace: tekton-jobs
params:
- name: username
value: "Tekton"
workspaces:
- name: src
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
resources:
requests:
storage: 1Gi

3
manifests/badhouseplants-ip.yaml → manifests/metallb/badhouseplants-ip.yaml
View File

@ -1,5 +1,4 @@
# addresspool.yaml # addresspool.yaml
---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1
kind: IPAddressPool kind: IPAddressPool
metadata: metadata:
@ -7,4 +6,4 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 195.201.250.50-195.201.250.50 - 195.201.250.50-195.201.250.50

3
manifests/etersoft-ip.yaml → manifests/metallb/etersoft-ip.yaml
View File

@ -1,5 +1,4 @@
# addresspool.yaml # addresspool.yaml
---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1
kind: IPAddressPool kind: IPAddressPool
metadata: metadata:
@ -7,4 +6,4 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 91.232.225.63-91.232.225.63 - 91.232.225.63-91.232.225.63

13
manifests/tekton/cdh.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: check-da-helm
namespace: tekton-pipelines
spec:
params:
- name: environment
type: string
steps:
- name: check-da-helm
image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
script: "cdh --kind helmfile -p helmfile.yaml --helmfile-environment \n"

13
manifests/tekton/gitea-event-listener.yaml Normal file
View File

@ -0,0 +1,13 @@
---
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: gitea-webhook
spec:
serviceAccountName: pipeline
triggers:
- name: tekton-greeter-webhook
bindings:
- ref: gitea-triggerbinding
template:
ref: tekton-greeter-trigger-template

0
message_file.tpl Normal file
View File

73
releases.yaml
View File

@ -26,6 +26,33 @@ templates:
args: args:
- -c - -c
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true" - "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true"
tekton-triggers-hook:
hooks:
- events: ["preapply"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
&& kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
- events: ["prepare"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl diff -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml || true \
&& kubectl diff -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml || true
- events: ["postuninstall"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl delete -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
&& kubectl delete -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
# ---------------------------- # ----------------------------
# -- Configs # -- Configs
# ---------------------------- # ----------------------------
@ -94,12 +121,12 @@ templates:
metallb: &metallb metallb: &metallb
name: metallb name: metallb
chart: metallb/metallb chart: metallb/metallb
version: 0.13.10 version: 0.13.11
cert-manager: &cert-manager cert-manager: &cert-manager
name: cert-manager name: cert-manager
chart: jetstack/cert-manager chart: jetstack/cert-manager
version: 1.12.3 version: 1.12.4
set: set:
- name: installCRDs - name: installCRDs
value: true value: true
@ -113,7 +140,7 @@ templates:
argocd: &argocd argocd: &argocd
name: argocd name: argocd
chart: argo/argo-cd chart: argo/argo-cd
version: 5.42.2 version: 5.46.2
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -126,7 +153,7 @@ templates:
prometheus: &prometheus prometheus: &prometheus
name: prometheus name: prometheus
chart: prometheus-community/kube-prometheus-stack chart: prometheus-community/kube-prometheus-stack
version: 48.3.1 version: 51.0.0
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -137,7 +164,7 @@ templates:
loki: &loki loki: &loki
name: loki name: loki
chart: grafana/loki chart: grafana/loki
version: 5.10.0 version: 5.20.0
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -145,7 +172,7 @@ templates:
promtail: &promtail promtail: &promtail
name: promtail name: promtail
chart: grafana/promtail chart: grafana/promtail
version: 6.14.1 version: 6.15.1
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -155,7 +182,7 @@ templates:
istio-common: istio-common:
labels: labels:
bundle: istio bundle: istio
version: 1.18.2 version: 1.19.0
istio-base: &istio-base istio-base: &istio-base
name: istio-base name: istio-base
@ -183,8 +210,8 @@ templates:
# ---------------------------- # ----------------------------
openvpn: &openvpn openvpn: &openvpn
name: openvpn name: openvpn
chart: allanger-charts/openvpn chart: allanger-gitea/openvpn
version: 1.0.3 version: 1.0.6
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: ext-istio-resource - template: ext-istio-resource
@ -197,7 +224,7 @@ templates:
drone: &drone drone: &drone
name: drone name: drone
chart: drone/drone chart: drone/drone
version: 0.6.4 version: 0.6.5
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -213,10 +240,19 @@ templates:
- template: default-env-secrets - template: default-env-secrets
- template: drone-common - template: drone-common
tekton-pipeline: &tekton-pipeline
name: tekton-pipeline
chart: cdf/tekton-pipeline
version: 1.0.2
inherit:
- template: default-env-values
- template: default-env-secrets
- template: tekton-triggers-hook
nrodionov: &nrodionov nrodionov: &nrodionov
name: nrodionov name: nrodionov
chart: bitnami/wordpress chart: bitnami/wordpress
version: 17.0.4 version: 17.1.7
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -235,15 +271,16 @@ templates:
minecraft: &minecraft minecraft: &minecraft
name: minecraft name: minecraft
chart: minecraft-server-charts/minecraft chart: minecraft-server-charts/minecraft
version: 4.9.3 version: 4.9.6
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource - template: ext-istio-resource
gitea: &gitea gitea: &gitea
name: gitea name: gitea
chart: gitea/gitea chart: gitea/gitea
version: 9.1.0 version: 9.4.0
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -253,7 +290,7 @@ templates:
funkwhale: &funkwhale funkwhale: &funkwhale
name: funkwhale name: funkwhale
chart: ananace-charts/funkwhale chart: ananace-charts/funkwhale
version: 2.0.1 version: 2.0.3
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -282,7 +319,7 @@ templates:
redis: &redis redis: &redis
name: redis name: redis
chart: bitnami/redis chart: bitnami/redis
version: 17.14.6 version: 18.0.4
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -290,7 +327,7 @@ templates:
postgres: &postgres postgres: &postgres
name: postgres name: postgres
chart: bitnami/postgresql chart: bitnami/postgresql
version: 12.8.0 version: 12.11.1
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -298,7 +335,7 @@ templates:
db-operator: &db-operator db-operator: &db-operator
name: db-operator name: db-operator
chart: db-operator/db-operator chart: db-operator/db-operator
version: 1.9.1 version: 1.10.1
db-instances: &db-instances db-instances: &db-instances
name: db-instances name: db-instances
@ -311,7 +348,7 @@ templates:
mysql: &mysql mysql: &mysql
name: mysql name: mysql
chart: bitnami/mysql chart: bitnami/mysql
version: 9.10.10 version: 9.12.2
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets

6
repositories.yaml
View File

@ -2,8 +2,6 @@
repositories: repositories:
- name: metrics-server - name: metrics-server
url: https://kubernetes-sigs.github.io/metrics-server/ url: https://kubernetes-sigs.github.io/metrics-server/
- name: allanger-charts
url: https://allanger.github.io/allanger-charts
- name: jetstack - name: jetstack
url: https://charts.jetstack.io url: https://charts.jetstack.io
- name: istio - name: istio
@ -37,4 +35,6 @@ repositories:
- name: db-operator - name: db-operator
url: https://db-operator.github.io/charts url: https://db-operator.github.io/charts
- name: allanger-gitea - name: allanger-gitea
url: https://git.badhouseplants.net/api/packages/allanger/helm url: https://git.badhouseplants.net/api/packages/allanger/helm
- name: cdf
url: https://cdfoundation.github.io/tekton-helm-chart/