diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ecdf6b4..12634c4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,9 +8,10 @@ repos: hooks: - id: yamlfmt exclude: | - (?x)^( - .*secrets.*yaml - )$ + (?x)( + ^charts/| + ^.*secrets.*yaml| + ) # - repo: https://github.com/codespell-project/codespell # rev: v2.2.4 # hooks: diff --git a/charts/namespaces/chart/templates/namespaces.yaml b/charts/namespaces/chart/templates/namespaces.yaml index 3e87e83..830bd41 100644 --- a/charts/namespaces/chart/templates/namespaces.yaml +++ b/charts/namespaces/chart/templates/namespaces.yaml @@ -15,5 +15,16 @@ metadata: {{- with $ns.annotations}} {{- toYaml . | nindent 4 }} {{- end }} +{{- if $ns.defaultRegcred }} +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/dockerconfigjson +metadata: + name: regcred + namespace: {{ $ns.name }} +data: + .dockerconfigjson: {{ $.Values.defaultRegcred }} +{{- end }} {{- end }} {{- end }} diff --git a/installations/platform/helmfile.yaml b/installations/platform/helmfile.yaml index f2135a7..97e6237 100644 --- a/installations/platform/helmfile.yaml +++ b/installations/platform/helmfile.yaml @@ -1,4 +1,4 @@ -bases: +1ybases: - ../../common/environments.yaml - ../../common/templates.yaml diff --git a/installations/system/helmfile.yaml b/installations/system/helmfile.yaml index 1a9f8c6..2e1614d 100644 --- a/installations/system/helmfile.yaml +++ b/installations/system/helmfile.yaml @@ -25,7 +25,8 @@ repositories: url: git+https://github.com/rancher/local-path-provisioner@deploy/chart?ref=master - name: istio url: https://istio-release.storage.googleapis.com/charts - + - name: zot + url: https://zotregistry.dev/helm-charts/ releases: - name: namespaces chart: '{{ requiredEnv "PWD" }}/charts/namespaces/chart' @@ -33,6 +34,7 @@ releases: createNamespace: false inherit: - template: default-env-values + - template: default-env-secrets - name: roles chart: '{{ requiredEnv "PWD" }}/charts/roles' @@ -181,3 +183,13 @@ releases: - template: default-env-values needs: - istio-system/istio-base + + - name: zot-mirror + chart: zot/zot + version: 0.1.67 + createNamespace: false + installed: true + namespace: kube-system + inherit: + - template: default-env-values + - template: default-env-secrets diff --git a/values/badhouseplants/secrets.gitea.yaml b/values/badhouseplants/secrets.gitea.yaml index 982e5ae..362888b 100644 --- a/values/badhouseplants/secrets.gitea.yaml +++ b/values/badhouseplants/secrets.gitea.yaml @@ -1,33 +1,33 @@ gitea: admin: - username: ENC[AES256_GCM,data:XdPhs58Q9gw=,iv:OC1PBo59fDJoGapR5ddOJ3aP//lIp2O+IUFxZ7p8Y2U=,tag:xubvAEW/Fn+oyhxvsUfU+A==,type:str] - password: ENC[AES256_GCM,data:FLIa8F0y596vVOM6ih9sHl9r4VM=,iv:lXzCTCA0g2hjia4NSfrUhfXL6Pr7UkSQRcXxbnWg1do=,tag:a1iRT01JWuEH0B9N5U3DuQ==,type:str] + username: ENC[AES256_GCM,data:u1KcCwDNplU=,iv:s9mWKPTz+8rFKS2RmFPxCGOIPXFHLvLX3v0t+DemDEU=,tag:MmGR2LqDmHw10uJdPe/tSw==,type:str] + password: ENC[AES256_GCM,data:mBhL52UJwOwWpRGRfc5WNAvYwHo=,iv:hGt1kGA2miwzMidwD0AT62oXs1CAwAFpKk3XltqsCz8=,tag:bfhsQxef8cKEes1JkTQw/w==,type:str] config: storage: - MINIO_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:PF4yojmx0lgNT2dKVyCXwY5HTScbiIN5Zg==,iv:6LQ7S5DHmk9yo4GkhvWt7uDkGrCfPdI7K/VuGtWmX+w=,tag:YiFcVaAwSw7ymw430IAjgQ==,type:str] + MINIO_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:5VjeSHLIDvZB/VE7OJ1eqWOnT5NU64om0g==,iv:OFK7MYlb9QfV4ZHIECa3vHG9pBp1TCGSqqUJX3D7uGE=,tag:Ibmihyp3TXarFtr/tDtEEQ==,type:str] mailer: - PASSWD: ENC[AES256_GCM,data:3IHYRUj0jgojliVqfZAHXHnL0jqX4zz/gQ==,iv:jnJhJVQKDdpf/2zkJBOh+J5KPfQ8HMNqcdegzw4wsos=,tag:iV4FCaR7yv4/2o30Bk0mOg==,type:str] + PASSWD: ENC[AES256_GCM,data:lIv1/BEEkouDVqNy4u+u7WCY4zz3ow7fWg==,iv:we77bHyHyAYCMxFGG13sE/M+5Tv2VeYfrg9bsa3leec=,tag:TOltFQbhrXMJW5w5x27YjQ==,type:str] database: - PASSWD: ENC[AES256_GCM,data:hRcButljKxyK2kpkHEOOVVcc+/o=,iv:2gXfHlveKVZJivb+x52Ntqx2io679rSTOddb+N0lSFc=,tag:QAV1d/NhYpdcueyEO8/Zmg==,type:str] + PASSWD: ENC[AES256_GCM,data:a3AV8QMYOxlWiU7G1DRCaOSdHKA=,iv:3ZCwEMo3/3rmGJXgDr/Pw+rNQBU14rUKQ7330otX1qQ=,tag:KjwexsLkYaHsTdXoHwXBJA==,type:str] session: - PROVIDER_CONFIG: ENC[AES256_GCM,data:UFPgJIBlAiiWvE+kxb3zSqkqLONQoWbgyiORYnQUPhH/CICGmI/zuxxlkSKTHk3EPhV0Zd3zaG1chI8jpYX1d0y8pBdHg9IncsolGncj4P4jgiS0p7yup1e0yWHBmbyCwEErFr7h//TDC1zojcdoCuViZSMEfg89,iv:gSiTMscOca0mIC7JJx4SQIaMFvoTZkHHJUynHubgr7w=,tag:JFTdwuqtkvBiHLMXC0PsBA==,type:str] + PROVIDER_CONFIG: ENC[AES256_GCM,data:nPtmi3wG3+wVkyb+IV832he9rUo2TRRx6cTqvGdVSIZMfcfUvS4rmSH7CQ28OYK6f+WEKs8PkjfrBzEP1mPFHC5eRQfg4ryaqM7eWmHaJipcg4h2nzH9ii6FXyYtmm2zFsTnodOJryEo0T/nMaGhEt7+eylCL+L4,iv:8UFjsAEtMjMqyC9Ib3ipoqpshFrsdE9d3dg7Cewv7dU=,tag:gGVNGk66/Kr/dZ6B3wbD4A==,type:str] cache: - HOST: ENC[AES256_GCM,data:JVIJ/OUU+mxzHVdHhtiOgs4kq5xkpdy8xSedpVjw+L7PkhPjVtGyQ6KNhM04Yqe2CbdLJJQWks2gcYnVp3l7Lmf1OXND5IOhfzzuO2tcZkClqww4KSEGuOoUz2nb3U3TEt5sFQtsPMruEnEqD+qhtz5P+TQrSsxX,iv:6ACIES1T71UH9nW5bCnvL2V8kVr+rxPs3uy/7fh0g94=,tag:bjJVglzPvDAeEdZ5lafU9g==,type:str] + HOST: ENC[AES256_GCM,data:tXEIBKqGyeuAc/adO6DjcyAAGgcIuwxJ8T0Zsi1xMy3I3gXbzeTG6XwyAesiUoHifoYTpn3wWbf+pIh8KtGFXb58UcEOgHmnADPWALiXKFoZmvtHDL+JEjOjd0tyoskJNf4Oi4BckJDnfpYuMqJW9qcQbsxlB1My,iv:kJ7XRqvUVEGUC9aAPYO+1oZA3QPc/SE9apaeTgLf3wA=,tag:525IBTPiuZIkAxAIiRE35w==,type:str] queue: - CONN_STR: ENC[AES256_GCM,data:a3Ye/OgqUxGhysskzfSwP2IVCpt1oMegema+oW0s6OaD5POXho+vTUiutEV33ruk07PtBi6zYnukoAXVlT5l2xVfvWLKebDT56Jc0K+k0fmzO5R0tcvyg6c3DaoEdfcs7ih4OXGfgD8bCmMCGHUtYZnHYqACMLUQ,iv:1xryG/UYu7zm3zhx/bvtYf23E8xNDHmi8Us0FCKgZg8=,tag:FwLJvK+uWQvmIYmmp4IjQQ==,type:str] + CONN_STR: ENC[AES256_GCM,data:Z1+u7JAcgNXkrO80YC2bMDk5VMyTFRAxDPc75ZPKbaD5+nsWQusvnHTS68rAu/WT21xAFpny7geERIOEZIewpucNoCTlqHVfJu/tsl40qMoBfjEWuwfaRM+AlNaXm5USTXkk+alQ3eJ2KIIhfhY1cd1yohRoKvAd,iv:bmLkzWqR8SwHLgWG6SWdeNr1w0fcZP8qNRlhfQfvJqs=,tag:QY5A8YGy0+3BnWSLBcsK5w==,type:str] oauth: - - name: ENC[AES256_GCM,data:1HbV3MFK,iv:87vcJ57cwyfXIvfTG5lbn8NXl2OxwzXTwJuja8N8ozs=,tag:CTsu4f+GE3d8H4Mu+G1ZvA==,type:str] - provider: ENC[AES256_GCM,data:bB0yq9oJ,iv:icFjcFRPU6yLoToqz+L2dsC61tClM3y9RuWt1ORjAio=,tag:gCiMVVT1gA6UfyrMkYrPMw==,type:str] - key: ENC[AES256_GCM,data:Yr9hJMRpeFa8CvbELFy7PhS5E7A=,iv:lwRygPesEp50MWM04RpRP7ARIiuoLXlIfxjx6R7X5y4=,tag:Zl7mivC9/BvyUCl/UGqw6g==,type:str] - secret: ENC[AES256_GCM,data:hShUsbiZjHcYkPHx3YG0UekTM+HsrmT30R0Qa0/6WWIXjn0PoZqBWQ==,iv:CfbPvj+H0VpmhRPoPsHus1eUmPC06u313PqJ/cO7QtM=,tag:5EhZbN6ylXhmCjWaHIq70A==,type:str] - - name: ENC[AES256_GCM,data:dkrcYEhE/0qh,iv:rmRZLqFJ6IJ2D4cXhe0VfKE/Fn33aJ+0JzccT23Uayc=,tag:vF82viM5iPIuXVkVDofcGg==,type:str] - provider: ENC[AES256_GCM,data:z4By7Eq1cS1z4f3l9g==,iv:WBAvO3PutqxzhSrkFVPVTexf1FhTLYA3ej55uis/7sQ=,tag:oo2Mxh2h66Fny2r3tY2rdQ==,type:str] - skip_local_2fa: ENC[AES256_GCM,data:K0Zwsw==,iv:h9u4eCWadGKzXQzdCGLhmVQUub77YbVCujYEVGUIa90=,tag:oFOxu6VQnOOorB77MlmnkQ==,type:str] - key: ENC[AES256_GCM,data:kV0u7XE=,iv:KUOrvGVCB9R2OaPPy1N2fMNXneuSdnyl3a+JHlxN7Cw=,tag:XH/v7NFfkjGIkffICmHVhQ==,type:str] - secret: ENC[AES256_GCM,data:mOfvg3DO+/hjsvyzugeEfQejYPA2Yy89dlMvgrzMBeeTKkx8btB9wpMzKiSCMr3tAyIyqrxpdhJ0OxCMhH8gQJcC/FeE8SkYtRW3/gGqgodDjDyWAFOMufnvlsxM8z9zKEroH85GU+RLvzXp3Ylj3GMb1mooNutz6NDle1OHFTM=,iv:fUrf8JHUS+44mp+mtpw0jpZrNA+8YmsTU5NgmWOBT7g=,tag:1S2gNFUf0VheDta7pNgnzA==,type:str] - autoDiscoverUrl: ENC[AES256_GCM,data:XhZD57N1lMKvWUJtE1mMAw8TiECqGKHc6V7a4GjlG9hI51AeVPMeUtn5NhPj15ChjazDRWooZUQIYwNhaOMMtZ0OB+vW2eELo84y+islxPtzTm3gPdX2wtw=,iv:PTcNXkBCqh2F2fAzvxKZt++Yi3lnwetNWrfSgrrpeNE=,tag:OBRmdS+/rGViObEZozl2bg==,type:str] - iconUrl: ENC[AES256_GCM,data:VKrfFl5XZTPHGX+05Byw+h8tEb25NWoHSnws5dylc8XMlARq30LIFPMftuCAJ9Ig3oLqH5LIyDH59Bcy/pEBw3osw8jaow==,iv:iZGR4UvZv+YrjURsax7SDXx4HwtDXbn+G6oUVRWV9xA=,tag:x2mxauopN+vjuUjkZyAjBw==,type:str] - scopes: ENC[AES256_GCM,data:3TejcQxM0K60YVGJwA==,iv:R/E0Xfe9nI343TyOO/1FycvFXg6sP4j2DZrb05SuK8o=,tag:TAkoBe7LSRfdRz3UIlvZzQ==,type:str] + - name: ENC[AES256_GCM,data:7KhuIzC/,iv:nn4bNQ1/tBiqjnQxcyocZd0h/54mH+LlRtiAjWuPCOc=,tag:e+55SHN49Q6NzT7KSsh52A==,type:str] + provider: ENC[AES256_GCM,data:+TrDQq3Z,iv:AAwjnHG40IKAkSPO5gzwEC745NH+Y5BgZIiJJ5Z2+AE=,tag:DENE8aAHAG9DZhkPmZWYVQ==,type:str] + key: ENC[AES256_GCM,data:uOY9iM/dAkhGbWSsUbmN5rnbqUY=,iv:BQ3KjcHN1jJG28RkjjhsTgWm+lHmHzYS4/P4Vlp89hs=,tag:HY3fZysu7sCdyoR0TuRd6A==,type:str] + secret: ENC[AES256_GCM,data:5s12mFDJJLPRg/IsypTx/BpvobX0hluTSddTaCQ0SgYjt4lthZDGGg==,iv:ojiXiVQ7BFUNO2ukAK0ygUTu6KVDKu8AMVmHfBw8Ii0=,tag:0zcD8iNT8iutij1C+Hk7Hg==,type:str] + - name: ENC[AES256_GCM,data:S/RV60Bc3/lH,iv:xIG+UJnmkEvuo2mgu904Hdn18BhsOCtWVl/eL6ybcZs=,tag:nFKPEisO3U3hPJZASrytiw==,type:str] + provider: ENC[AES256_GCM,data:eZOq2jNeqLM7BzePXA==,iv:vHhMOtF/mqUorcKSe2djtWKcyc5F2c+udWclcOkxK/A=,tag:6yKwQj/9oDDIdHcRtIgW3A==,type:str] + skip_local_2fa: ENC[AES256_GCM,data:B8ObUg==,iv:mmfGkA+8HK6H3DS+Hl5Hz3s/pwGBoYcXQfJiPiBKYFs=,tag:ErmgC/mcQZJ5sI5eEtLHzg==,type:str] + key: ENC[AES256_GCM,data:+w1/goQ=,iv:cIOxkdP38IaiNZ3dig5xo2kYrXdAwqerojCXcBifYds=,tag:5/+QimbfqpfnaFgFT3gfLg==,type:str] + secret: ENC[AES256_GCM,data:Rg4rEk9j8zZcUCWbm6xmuEbRb107f5HaU8ClbUkXWKnnERkN91QYtSNlAEWfHBk30xmBObm/O2LlypYJWT5wO7LNw4G6q9yv5JaIc7vS1pjicDi2QNxAW89euELdlthFa2fXj4lNlKLgQr8TbC5wpX0oysC261MM9kgjLuTQnw8=,iv:ft8IMPIu2JuzeWdM53qN5kJQQR5Oq9d2yyNbAQdtdY4=,tag:cBMEqmoP3KAuOhuX364hew==,type:str] + autoDiscoverUrl: ENC[AES256_GCM,data:IlykewahSerO46QAqJrvryzHkZONrEDHYBgwq9Nkg1pja9X1l3YaMbsg9DYWUkod/ZlzrGUA8Qyi58WW07chkFDPvy/Cfbp7GZSosr9ZVv7LI7TlpZHxeaA=,iv:rp05dCHRMnysz98G3EbKBZWsBzHrGzSuC6FCr/S8evw=,tag:6UtCbpVoWLbv5W/cB1+qBg==,type:str] + iconUrl: ENC[AES256_GCM,data:Tp16796JFzlYfOSfI+ld+Lf7hCeS74ZDz0kA/I9P3v6G+3LQAUGOtfFTzx5mTsfpP1eQN4HgD2uU3lfLhSozril1qq3AZA==,iv:dQSq+IiRcepUZqLipRr6DOHH7Hg6h45gnr9LH9dWYdU=,tag:zeq3tVobXsOasCkIAw/riw==,type:str] + scopes: ENC[AES256_GCM,data:3qwG8sYZER/p9GgnuA==,iv:hvJvc1pwUgeatq9R8GBde1EQDJunwZBl+cmsqJr1PBY=,tag:ov+WHCFaNaA40PPvOzVPqQ==,type:str] sops: kms: [] gcp_kms: [] @@ -37,14 +37,14 @@ sops: - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2Y01NOU5WWnZ6S1VaTm5G - KzhBSGhSQXZCbWEzckhIN2dEUUFISUN4NWpjCnBMMDhaS3Z3NTB6ZVJoak9nWTgv - WmhqSlh0Nmlna3NoMlQ3VjdZQ21IczAKLS0tIG5JVVJ1dmloYXVxZWhrVGFKMFcx - MXI3NnozVURjTzEwTk1vNjBZRDlmbkEKsBHUyaVMtl8lxKo6tRP2++WRf0RnwW6Z - EFhh4sywF/w2W7lSz1PAGUItp7YI55L6v6F3z4hsJjqSpxL/1F17QA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRZ0IxQnpLSmJjTm1jTkI4 + NkhuMUN3RVp0TEFSNHhtTkFvWDFaUXVpUlIwCkxWbkxnQkY2R3g0cUY5VG1Kb251 + VUhYZlNCWC82Z0h3SHpaSnVST2h0WTAKLS0tIHJWR2FuT1ArRFhMWnV4cW9EcnZw + UHpBeWgyN21CUThydi9XdFc2V2c0TTQK38CQDRnFpUmWjyvDGGQ3vQxhBvy2Xva+ + SCd8sJZc/bnVDOEidvV9oxJz4y0nj6RvgzcsU+M99YBJcuV12xPqag== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-25T18:38:21Z" - mac: ENC[AES256_GCM,data:iogjVYVKmj11IELxm7fAhUGpbp7upBAXQMu3bgWTL7LVe+624Nb//1sDAMUQAHsQEVq5R98gBsPZc5STVGvbxNrAQaElivhtxGCyHi9B1imFGmfHzaqu9j2VUC5IdF18gyizPHdJt+SLUfhg//3dsO3Emv/GfunzzXLDGkRQC60=,iv:bxgPg4HioG31P/0IhBPyZCkVkXeaTXoA4N5josDrWrE=,tag:xkQcIKszrG5iBNHyJdkP0g==,type:str] + lastmodified: "2025-03-26T11:56:44Z" + mac: ENC[AES256_GCM,data:cc0H+6P0uTl5kpMR0B9o5BP8l1KHjLHdMetPlmNEVQo3NCzm+0SBjGYOqNhr0EG2Gd6RKdsAADrZAwyH+pXA2pmNVdIehDBu4Xncwi8nrUY3gm3jBIG/01H5VLqtZCoLfbqQ4ANHrGhn7JE5bwrXbbmD4t/7E2i7qHLukPj4S8w=,iv:3+llbgLRU2tMr+S2nvyA8hGfCnnWnqprGSW9H3VSCH0=,tag:gzMc8wSjZfa4h0eN3V5Ylw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.4 diff --git a/values/badhouseplants/secrets.namespaces.yaml b/values/badhouseplants/secrets.namespaces.yaml new file mode 100644 index 0000000..50c2abf --- /dev/null +++ b/values/badhouseplants/secrets.namespaces.yaml @@ -0,0 +1,21 @@ +defaultRegcred: ENC[AES256_GCM,data:QpL9wlCjErkjp16vsOAcsDA539EguT48JPb24oi6VexbbRm3cBVz9KDlrVhhbt1Uk8hMkbHfN+SQT+OQL38EW6fJiQ2CJ6JbVuyNXeolErxbeV2V9dWegiSjcekgS+tqs0YmshdfUpMFXIpmHWAsW2hty40b6+WE1iAmSf0NgrdYTG+ctMtetCIpiLwy3vgiBc581h0kmAxC3QCDVXIxtw0p0mtF3iHZmQv78FEd9CseTPH0jVlaoucM3mRPKNFi5j7sGQtrevYfPZpynpufTRLSkW84NddXbpk1gzFn5fbENjS1b0vrInqVkS0KMmewOGwf6coL0uELFclRQua1YO7hW5uVKZyUCn9UpCMFHWI=,iv:Vr6x3YFd7UGqId1PQOJqJmpSWxlalIcQdsfwCmQkdQo=,tag:rtFEPOYSzf7M8vTwe3hxtA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTSs0WkNIdlhxVURXcU5u + WDMzb000cUE5TnpPajRHZnZLblpKY0RUZmlnCnNpbno2VUVHb1g2cy9XUEV2eHdz + QWI0VVVJSllIRHdRZFdlRmFOckVmV2MKLS0tIDJER2UrTXArblBnckxJY3hSaXZk + Tk5SK3Y2YVBPem1HVjI1ejhaK2tmTVkKgfdOUiERRABkvvYLe3P7hAOoc97dNmnF + rAwK+FrRrAnfeG2R9RegocbDv64ieB1vwJpW2LeainGchn9opNjeeQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-03-26T19:22:13Z" + mac: ENC[AES256_GCM,data:JYkxfsrFgYHrxQTPh4uZ1RIqexJnaYefRWzYFzpE6Or2in/UBDG+UghYtbld8+wI6xSMMwfh8BgmOwUWWhqzCwzHEVaiNjRUNisw/epdbKwCuou1h6m4e8vid8NG8+FttWK2QvIzEKM9ONTJPcoCRjiKIBH7dGBAeCjAOJy6PlA=,iv:n26YeGhiZ80SQYfFUA5Lv0THDTPYvOvWoU23nTut7Qw=,tag:C3ij7ClL2ra6hutcTtbP9g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/values/badhouseplants/secrets.redis.yaml b/values/badhouseplants/secrets.redis.yaml index fc27f76..09b5332 100644 --- a/values/badhouseplants/secrets.redis.yaml +++ b/values/badhouseplants/secrets.redis.yaml @@ -1,26 +1,26 @@ global: - redis: - #ENC[AES256_GCM,data:d/vtscwAkAPFyRz6Ap29M/oZGEcX3POnzAd6GCkHIiTLFinXzOAn/ruMSiMsnL9lJxj50foVeLIXnmtFDGxUPsxNU9jePD037t6vbtja,iv:ALXE7IPi2d79rOpBMwlfi9IPtcvfoSAxsDHwiVItk8U=,tag:cMoKK0zkagLc3uC8Ry5hBw==,type:comment] - #ENC[AES256_GCM,data:XQ6nK+hlKfFOBDye9a2a,iv:ptA0TWsjVjOQGOCe8leC7ZjRX8gSnbjb94NWZMccxSs=,tag:9vw4k4N1wI/C7jf7ZPxi7w==,type:comment] - #ENC[AES256_GCM,data:eTsTA07O2Y/468A=,iv:ZWOZO3GAYbU/Bq5ejdzDUsrYpkfwNtK23zH+XS5PUsk=,tag:KL1Z0a+BxBW4Y+aeJb78lA==,type:comment] - password: ENC[AES256_GCM,data:kFbVUyKL0B9GhOapmqOS/FyTaXZEGUmSFFLxYIzX,iv:sLue4AmkT12DoPrWH3VxpvXFBHYhYRUTWcNoC+ojhGY=,tag:ikQsyximPvONoANv/61GXA==,type:str] + redis: + #ENC[AES256_GCM,data:INOZ17f72Qf6D+drbcvmnZRBRIeXLSAV9RmfOLZFp45qt8GWSHMnevqq9ge4Zlydtsd3BDek/JLUNl6YHPPq9qM1EFujY2htbOHyf0Cn,iv:zZDMizNKFllCyNH/bUF+vuB9YOikjo3q5ebzu3LYvCc=,tag:H0XX/D9xh0HS0Xnqgs/aag==,type:comment] + #ENC[AES256_GCM,data:JiLOpJanuZnMpN5dMvw2,iv:YEVZSdRHez1lCb61hWLvalLq8F67l7KF0WXmmuj9bck=,tag:KnpfgwUYBQLZsj4Jk13RtQ==,type:comment] + #ENC[AES256_GCM,data:mzDGjHlXUunu1yA=,iv:LOOU/QGaHKeDrssbk1haYd0lPclbFak9GygEbbN0gFs=,tag:4cUubeiY6aJj5KVKVkdFUA==,type:comment] + password: ENC[AES256_GCM,data:kN93kIMiVTGWbaYgMC1n1MWqdl8s3cbZS5vvYTa2,iv:Qy+GQchC6s2PoarPWtquipF9gAVYZR6mn0GeHABRogE=,tag:V/xbfm9u51UUG+we/3nNLQ==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBORUEvSlFCTzh4N2NGVkhO - SlJXQlNvYjdCQmVjQWVpZ2YyUjlmWkZrWVdVCk1FK1VjVmpCWEVScVo0YldZQWxE - L2I1RnNsVWJGRll5MXNjam1zMzU5OWcKLS0tIFI0eUFEYTdyWkFEb0xQeTBaZi9J - aUJ0Umg5T1BFN1lEbThJTXErUkxKaGsK1Vvk45dshvEGF3OZfrLJPabHgvWFT8ps - f7Ygd+3XhZUBUBi50Em/xzmKQXL0I0Ps9JetSbQ/Amlmp9gU8VqRGw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-14T08:08:22Z" - mac: ENC[AES256_GCM,data:9dykGJs5NFjahNZ+4orzMh2u7UBRHMVCv5J9QxRqAzE2aT556W6bZoV9n0V5b7Z6jhVGHFxA4do9RoFT2lq7aMVpQ4nl4iSXuavPiuoBeq8aIwykpCF0cs5dHxQP7R5US2A8rzsSScIBbB2i1LhRtpiVVGmekVp1YSZJWcNhMNk=,iv:tWf4DjEcAff4LupkpFiR/Ss3iYBqtvcQGW/xAeCDIvw=,tag:nbWpyxzNKKrbo8HjMBbeMg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrOHRuN1J1ODYvc0Z3OW5H + NFhVM0dWWGZETU0vTzVkeUk1NFVWc2FSaGprCm5NalJKUWxtLzA5VTU3YjR5VWtx + NExtbTZZZUZteVBTYnNWTVZvbnF5VFUKLS0tIEpBTDhPbkVLVytaY29aUktmZGF2 + bnVKWmI4RWpLaGU5WTIwblJRcDFDMlUK2BHkUNbpRMo0jm2Sk+Qcf4giufJtaJyM + xuoG41AqGs4+KEDS8/rF9HK7z+2Wk9H5b8L+/W0n+J5EPOvwvFePTA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-03-26T12:23:02Z" + mac: ENC[AES256_GCM,data:xrA6hCFIH/R/j/V1T60xx5Eix5Z5ETREQP4zYriLkZQ4hEzL2WdJFExK1VXSfX4KmIR8215XHmHnWu70eIoAnFUaozBosIFtJz0YNrNNok6MeDGD5fy5mcBQfCqLw+rwbW/uxY7DQrchgVT9iFAkpRSoVPUzn6ku/xCmTmSlv3E=,iv:lNLR5QHKPUWb1Mz8mIFCHnjpuQVF7ttNTOy9+jEzLyo=,tag:G4iZ/9nWKh97JLGOxbgSQg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/values/badhouseplants/secrets.zot-mirror.yaml b/values/badhouseplants/secrets.zot-mirror.yaml new file mode 100644 index 0000000..ff88a50 --- /dev/null +++ b/values/badhouseplants/secrets.zot-mirror.yaml @@ -0,0 +1,22 @@ +authHeader: ENC[AES256_GCM,data:nmlP0vRoKJRivvwJArnEO26sqIwFtnK5MYVPJBBCmAGCPpe/U00gYu6JET0gPqGV,iv:+GZwWrxoWw0mAZxZdITBLtHgRKYIyaj/NQwHbD8KppA=,tag:MAer3FiaBxyNwJr0BbDtow==,type:str] +_mirror_password: ENC[AES256_GCM,data:W2xy2RMmD4d6N+DNceIgtDGUpygOGEbWgGa9Icsy,iv:YsQfm/EmBYY35q2irlZ2rmzkbJzlFnfgMSEKq0G1I5o=,tag:7rNG02Wm9g8GUXeM4nTHqA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVUlyVFZWcWFuWnEyS2Nv + Tkx6aTZKY1czQ25RTHhKNWNNQ0xIaWJLb1VFCkdoT0RBTW9EWG8zbzYxekdsUEY2 + bE9nQUthV3NCa0kzRnBwZ2U2MWlVNzAKLS0tIFY4RVJDM05ZVmR3NEt5YUlpOWZa + ZVc1bmJnU1o4U3NGaGN0Sk90YTR0ckkK8gmkHty4Gwt4vuVK3xhWWg4h/EgvJULh + Trgn0lzx2pCThg/+82u5J1T/QLXdbbDFFFwGldiMwNjZQfpOmrZpVw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-03-26T21:04:45Z" + mac: ENC[AES256_GCM,data:cTN6wq1m1XtsfNujCfQ4nKtX1Pkc8MFCipUeScDLJUuZZwg4St0h1OkYtYJBWeVSt3CSjjexQpb7Oi9K8wukboIVevaIj0BTT1hkf2ZUFeIV8W62mtftfdRex0yJ/4h1gTZaYBhHEw+qD6r+XvavDs1m22FF5RuF+5qfGUEWA4I=,iv:RsVuXbLVfZSJ7AkIvEdf7H2auFTiqXgpXLe/LbATAo8=,tag:1V5eIiJzjzv4C1JNNf5Quw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/values/badhouseplants/secrets.zot.yaml b/values/badhouseplants/secrets.zot.yaml index b015704..adc3003 100644 --- a/values/badhouseplants/secrets.zot.yaml +++ b/values/badhouseplants/secrets.zot.yaml @@ -1,8 +1,9 @@ configFiles: - config.json: ENC[AES256_GCM,data:1oXxlNdFye/cCLMSNAoRA2gXCS32KVDgCYCQSJcvhlepGRxHGNZO29w5GEVDrVPxTYN7Fod/QFxfzNgfJWifYbbA7Oqp5+dEyPoybMVBI/JOc99iWuOTYq9dtiJSAZLzuVJP1EGv5WUplFBE7J2BOm+q/bIjpBv9GZCyAxO23gWipTGxvgwekuR6qhHi0PJrC0evwPflY8APvysoZM+eGEsuAbz5WVctbeD4cfHkpKko7jIqbUb3hGowIYd4UNt645FsGhDQPuIe5+5v2Xup6Ldf6+9mrY1PSzfgNDgyhfkwMqtei6bDrb/VXWbgI+pqk0mEQ98nfYp6EMSYqODYruV0IaoQY5a89N9XOe5MBpmC5QK7BDin7gQYKIbSjkoMx9BvmfeuWu+n3Ej4rxPAi0W3FMWwNLOiQIaR0wYZgFBnvkwDw2vKI0K55T1WeLhWKesR6wOxgJRFkfpJ9ouwNk7RwF2wKCEm+hoCdFzvdjTOq36NzMHn++kQ2ZaUnufoLBMqyfpOKDoY2AXMPnYqwnsrlUfGlthmjoBxwtgZ6MlHPN9ZSXy99bjhY/Lc7369wIweAFAwODRZ2bZAy6q8Xhd0CSVXp44m3wZveGq6vhKnfSyka8HkyAfuXXHd6scrfy0rEt5yuBvKrbae4+X2git3sAyTRmbOxhiwsQKJwBXjTr2NcJ8VaGZY+GON54s2ahmCh/ETSqbONM3nYYG8xddnXJeFX+xnCBL0bU8FoKuGyV4gcOkfXcdRVrYoiD/z/ltl1LLrKmnwaECQ2nBxBS4rQF9Sa0ScZjVaavYD+6yN+Uicm73AMr021xTdr53InwKJZtz7dghd+v5ISXViFfGLdvN+8TGOrJlHsBvpdxs4sVUwjiazzfdwy2WTxjbu1GoZLA1+RKPXiJOR8hmggTcpX3ymly27Ws9stEGiV4bijW2xmYOQxX1E+hah3SYzIbRWaUVobrtegOi/PtAY0Cs7vPLJ/d3ZOoGMW4O1gHB8zqk7emPJR7yatMxBl0q/ZMctWG+G8aCKAOyhzDdKP4RRwiccqGR3r6YEmM+hiCRwT7aVnu6jukGmKt1jlvSbrw3SQ8EDNiMs7rxwuNYSaL1kaK9MC1Nvxct4c9rqrYe7Ths+3GATxnn/7TyWDKR+JYgGbkNWRQ4PmHLSs8F8eUWV+vUTT6wtyvblA/O8uA4FrEA/+vP1/RpbRDaQ1HM96r3UPRgvxb90nhplpcOR7xDfzq6vE7VPmkUfOG8yndKQsvKTCD318lqVjRnXdfR6NcaT+BMYSBVPHO1T3sZR4TgwAzEL4Ps4NLzKyF12n6o9iUEu99PIQjYma9u5hGWM1f3GkkDClUlsYPNCu+IThSNrGQVyKgxbIk1Dl1uDEpjSGyDutMvWqgsDPz0I+4qvrBBknqdDfnaWzT8xPB1+NU5e9Yc7epuHoPTiiGjtXKaz4xhyTBbAa+VS4WLRc2Rnvyp0I+ps0DxQ+lxaB9wV1N3LbhVgjFeH1D0fHyMrGn3W5bjsNE0aVRMNqRKBJUTEbNHRK3gfQxIFol2suSEL/fYZXDJbdRMNhYTRVq6VNvaD5LIbebgCHyvubaxk9dcmV3Nhc+zkeLb/Y9zTeBcf//Fs4TC/BQV3FapISFSXBKPir5QzQwiaqWSMYuvebaU9UaYPamXMPlWhlxKhFcOC9jF6Zc2JPmf0C+PPSKzAvPuQqCQ0384GuCzwdLUR69vjR2mlgZ0PLu94CCRSifkwZkGUUlqHccE0FEYRD3LtDnFv2v0nlxeuJAixQEPTOcq0T184fSmLQZ09JxU8mBmc7Ca9nhEDQpaxLf5QbiHbTgoDuCeEXYzNwFhHRj1mWKl49YjELOQpvnrzrYE01uqBJi1+yxSd1i1BQsBt6ZD+8Dw1vsKQ4Tfr96FWkPgRb8FXGfIcDrjUPzTOlJbu7qwplqdCefRBocv78k0nKTlK/jG5VpIFsQDJloBBSXIcva/qsaQ/z4GAX0cstrE0MtwkRmFmPLfZyCr+rMzS1Kj2jFKS1OrmueQRZpZQn1MkCIDOZx3x1/yTagg/pr8zcYKojrLMM1D4ovp1MHfmaRP5TEnVoEs9yQwEhh95S/qjiS9HaH9YbCF9ccih/P8X5rmkMvsgc8RzJpGFifIIoDkZXbN00gzkJSvNaRG7lA3kyWkCOSISm0O2Ry1KN0Nk/NqHpzaGdp51kuhpdNTLGnpO/ShJKNOUavNfYiLiHxpnqkojbPp0tauVtA1PqiAiMkmcXxE6/QYmZSEMWBHudy28A1LB97e8g7DG6xOk0Gw0mm0uC9OcyLKn7N25QUPgktWatbH17T6fzDF3E0qz8E1vlLWPIj6n/2Enu9mpnCCllaCL+yNbVGyBLTPF151ftlvN00sXluxPJmC4IA5NYiDlvAQJ3siHgM5i4HkpcLrlM7gHwDoxVN7unWdOPwxMa01ddNGFv/sd2jfOmrDiDD/JbvjMTisryjhaoeBVb/9eD0KDebWCDHB6wqw7yzAExWRESGx63zewRuZcfkQhRnh506VhIizq4YFiSW5nJPe/N+C4mbQYfr1ye6fixf9M+kTUirVbBg1lBMRamsjpzTMMtYdEIfoYt7YGD6fh2T31R5eMQL7FgBu8fvoUJ2WD7tNZRAwN1VchPAdewAEhS2rPvVIqU7HEHt6o0CLRPmo8Q6mbu7WBr9NFiLJxn/JbeotuTNr2hev8WYoynhP5a0T3II395sxNr2DCozeTTnJZ8twiN5Fq9DK10ScTaBGWbtF3GzbmxE0G7klahazdGtrltVkyxfsse0SlDx/eVEzqK2648wvExh09Y/8nZu0+E6PZyCb3SbMSND2wzRJafdJNbgGjHmkDiMQGIi4CbfbLNrBjq+lE0CwBjZ/X1DkW6BGndQdslu7B++AMYAw5Wa/BZIL4uEeUl3Dabii+C8/wRY4gbV6URKadN+NLqzcZ0dMKprgxVB8UbN7ujzpN91Rr28VBAI4555PL8OTJnYjLjMY7lMLFe49MjFqDkTwiI6QZS6L0ooK9wn2934dzFCU5jfXpuIulwxGBdpnOMxAZLwjDzQ1nvXaPVQs5Ho+lmWdZhsEaCr1lnEEXeKn/NpY9ToQ1GY69HrliCEeLXd1WB4pUaK4QIXxPoB3HhPuIHUuqwPl54C614CZmandjrIXM9TwLVitJbVV10CrzavSm9riJgPtB+7R5SMlAOMyriKQGU5UBP6RDQESK5kcL0YelhTRI6mD1YrWRSd+vgZofPeM/sDt/RHY/4/7K2vpH/yzxWaxlsYfFZYaco2mQzEfjPI5ZvksEpnsnQwdWx6iyQm9yJohaOkaLpxpMymu8nHAs4VAHkl5AMrMa767yvB8Hcx1VZwy2a36f2FW5Y5ODwNtmOKNMtkv18dZS69otL68oB+CgeUNwtudyoQawRIfD9lKE+AEUaeXAlH0jO/CpuscqautztHk0b0SN9+7I0S4jRSNjsQyx2Syf5aIrjNtUnkpKl/E0tPbSmSgGey8YZ5JAFLcfnELFQqIBQDzTNvqOXFD2C2jCttbo0Yjy/Qw7aI/IFy+dRnPbkSIcPXQXO9kioETNUDUGDm9MOWOdlH22JWTqa5xhsyHYfQ1Pf9cI7oKD6LlTEUjMjWDL4AKGu/pVk9/aJinvhT49nzYSviT/idMfEa9k22vVpKaEJH+o76dz8TcQOwMvjNHbEWCMju5tXw61Bab8mJSy52Oz+KDiuL0PiJSRGSAwra27Vc4C4JW9XzRMs7evuRGQaNIluaEsTC7saD2NorF9/w52W8hOljT1MmgNGYKW2NRYTso/8XB6bWbunPrgUi/6gqitB1VAIXN1i32lbFlyxlwlflZ6TL/T7oO0CZ0uVTbxBHS8ZcXeNtentFyFBcYprHIyneGc+8buaqRv86Eppa55Ty0/EePqodP2f1CPhq8SX746yHUHE7AbnlBXq1/tYLswGNDd0BXmif2A7bZndA4=,iv:Asa4F/s7qG9VRvbeG1icV09T/r8fp4DL+tfMPUbNY+E=,tag:kTLhhdGSM8NEF+DQStML3A==,type:str] + config.json: ENC[AES256_GCM,data:DPoFySg479DhMWFsxD0RD2+nKvki4vSfIXkhHailIqdp59MeAtJBuiLYmMHeKJe+5ZOC3IIlVFBM+qXtB1vy923XMIIZMrPOkWvJlTHjDc1pdtPkvdJLuwd/yia8PQ/rZDapNKvPB+kwXYRsBIOgB3VPDdMLINkeJouMsNcywYnkReSad/wQyxURL643HbEo6LadZ6qVugbylDZt5+zaptSyxsCGjQ5VWzMxyiPyQp0lh5vps5azoszg4L9oR7TMaaUCMRb0f70clWmA2CcNXKpC+BDA2DfesmKK97pg+RfNZST2NmKa8YC2RWPD9kFuDC21O1WBfXz0ofBlVoqRXGKhooMUBHu5uhtwRGCDmJ9CaP+ZGFVgC1nez5bd4nmtjaUlSLGzAY0ZESKr/o/RRHRQRN0gqgN2mUkM7VS/A4HRhIlSxFX8Uwk624EvA9cw+2iojaU0Iu2XDj1L2ec5JxtJA8INLatxBl01G/S0Q8A7M8Pg58V4VX0bmsIEe+gStFz9f/VThwGv/IUuB1p1OX6UvDsiRZgxT91EkDh/3vn8ufIa99dSUKvGT3aVutq3XS4G9PeHWQT06pwF/4REoVxghH1hhSoArEiPlfqS7yCKHQ8zKLXu/SiXLUY61n/GoJwqDfap91tHPYWCWQBNOGwqvGd3LWwxdhepziL74n7ehYsLJczM/I9l5KSEqhN5gGPXHzNxk/dFJ5u40kjNGJGPB5fuQm2vkj5vpEIOEeJyRfQNUahLLa+j/BhWDHhY+T3vCVaDGYg4K9DF0VsLQh0Mg/PEpz5grvHuKA8HTlL/AoDQCZSXD0m4oXFvbecJ3V4khJzSk/E1vT480UiK83hj8NIEoKoGKw42HWIZheFnI4etxqDj8VhQSm5twXI2np8NoYahy8KjG2xbRTdbYbiaPVjYZrOvItFFvBlFZBPQUvUYLNAR0lMsBfU3zGoyvNWpBgCXmDHDnx6iJgGcunluK19rRppC7B3BEBhoFO5+Uut7fv2hLaCh1+5kMTvz6+vv4GwQd98wdGBjC0BWzVoVOvDhhRhTVMjfSSn0eM5cmE9Ck4Ho06/g5z0FV69mxMm53bBoZO7bv2sihRwWfT6LULgPA+/aF1J5FOs76nVm6W7MZz/FKxks9X9lfM86MQ7tqHJOWZffxvYy3fV7cA5Xj5artgjySvv2X3GYFLlZjuJIWozO+6M/ydjA9ilg7gGw7qve/4RWuG9LV0W2/d14NedDNlHAQF2GTkUaQLEhXQBmq10FU4ePsell0kKKEcyaxGUFij/JfRG6RBQBkjfAaZcVkiOeuZvT2ierxGRcRpzHXMM6xylkvrmpKovK6+fWM732I2dawO0Dh7ba46B1WkLkb2Tzmz1+xtrCdrZm0I95Ygkj4rH2s+UsgJ3b0t76eWBJHiws7P0kO4xgUiPQrFNMl/wUgjr/R/BuhwbMs/n07VroQhknlVItKKfByMlR9AAn9rEJC4L45usFJXc8Uv2nXS3JgNhYOO8nriiTC6H8B8USlYU8Jd6zlImIYdxwWvMKvKPysEhK9MyfX8lfdxnEnlpQBqGbJW0r37SzlXZSyk+YLneaNl+Irz00+9e07xd2CaX7AJ+1JtqrYQMvPAfCx/uyLf3jeO2k0h01jFoGdo/8ErV/eqjm0plaZLdTRHgbJ4spgXGlTkTpS/cemAtV8D7YLBIk2Sh8HJH9+iJSOfTpALMWkFzi4E7K3a3VMlj0w+RniyGNiUNNk1CpojADpT0mefpjO6wOdEIEVE93LdxDGmHEbm35OIxPcNUH2RTKzzvORLpDYo4OmJZcSNTmQQ0rXAwK6a7TPFdCIBz9oVQKko8pksVZDTYA4UKqOl7WJcd/R26Fr8oceuVW/N4w/stC3yYx7lz2Mx8mO9lF+XkmXNhqOv8whh4iL9Mxe9cD0W2FPwIZNyMSj07NTWld3zJ3QY6ab4hdQMfZ8fWvm9tQCfOPvDpUd4N0rukSFdl7UB5jPqkcpKLn4Cyp0NyRMpAr3sRXdYtQf/avBAbN4Bu1EMqL8Rlbxg6v0jusHczrErkBWvuF2cuuPxjsBUh5O3pHEwA6XiUzBCQzxVXr/Pp5MyYbxoH9+U/oSajn7b2a/sqkDHA/XxgeNaTp4IYBJsXFgg61ot826qDWQkubZeH+tY72RJXQ2Hs0t/v++2bdFMfz6Dtd1yaQfq9uXf+SyQeSas7/4E6fY7g3DnxFx0Z55Ma/Ao7QyJb0LSoGHyttB0OnSOYK9UsQix0d0W92XBta712bWn6Fo3rxDJGPStKQck6bFTSveziqLC2vnQc8BBZ+Qa7ffnloPg+uyUJ+xh8kMzV09EXUhRzEZp767MnNq+eYOPkW0k1M5TXpe0picvPdX2R+XSH1h/4JlLh6wrgQdh9K+nExaNeBVUgUaupyKC5xP3WARj+cnsVFAV9bXlU32mxWfqk6ZVqvlKj+1ejapkg+7OiwjifYoVNW/QevDxRHS0nqwBQCqGRDI0M2cjn5TMBYidK6CdwPJrfR5WEilAklanHPC40N0J4X/Vlhf2XPHXcqlt5fzK7KGOlpLgsFE/i/Q2S59affDK6oYwZVmvcejXmNjqeLxcrb4NcysgjWvT7Xbpj/JbYJrCEgwpLynPNXECu0WeM44H2TSIha56pGQp545SpF4+ivSvkpJYmspjLcdjsavqBHvIhWZtWoRJcoCVuawQVXg+9ld9bzuQGz/axCgRn9NIH3LfsFdw8fzjQJcJInN98ljPw4uM/7ry52kjQydRLIPyPBLQ40e9sKYIO3cH/nOEHfYPBe6VsevZFNzzOtpEQv/5XBQ25ls9FQitY6xolYRwQg6pLLY9p7yCOUUFucnv9N0Muj0QF9zIEaMrhA2LboCyqawGStSsO+aKhmsJE5Z5Eb/b6Y7QXIym+O8ewOcvTxIQYBKIrrfHb58my7tesJ6+Z6XsAwp4J9/cwE/kgT3nXBqzZskFj7LSj+x3HAYVo3RKAvZe0OOiUTUE28y4trVh6yROfeqSh+kUxklf9NCSgILjeHu7JGfOnZ5wpIUry0PX7DPTosDu78qse/rvm8nuvlVhaZOviQ7ZWKnHgrNngnZiBsnSnKCmgImDJU04hqIUU6hbsd5DKHyiAwSHFXK44s5DU0Nyb3DQSIes2p08TQmX4LO8TD90xQyCnknm2dU8zd90XJ8qhGZl9FzudVXWuo62gUIlTaB7Q12NM+N2VeshVAFU28ZGsOUdVMC/7s5UGp8R2UDqYSVwoT6cLL3UPlcdgjUe5Ig4w5DN88IEOYAka92zF7yx01RJJUy0zWsRI0l61vjxb6+5qZmaKmy2DXvSUQ8FOD4mTLlDXzm2FcWxdu2Bl1STY0tl2X3EUBmdTysRUkgedowET9BdRR/AtuMEhpa6nXxjP+Vj4HJ+X/HW+t4XSOS5tHT4D14rQvmBZDmm1mRH/gWAhWxhU3wKIYx7c4N43OB6qRd5Sv/sA6+V1VfF8gUpmN19tWv6pOjaqBJXWfeb+84xAlPMg6kD8KikCuxzLrIrRmUQWl48qgK82TzA6oW+E50d+6D76xcRk5AfEWPj924smgsXLLKT4PeDlNvDsLN18r8d2BAqeIDrbLDb4fbQfXNhwuB/Elcb0EyY5qZZn1B9jhWDIhKVtG5ZiW+YxBQ9jHRVvge0OhQelMNvPwGvLvigs8TO6E1owFjtxheJVKwt4HlPFysAQ5GIyZRlLudexn2NNqIiXVAeD/5Y0yXWbQNM0VWSH/nQ408k+BA7y4vpTJvpzucVrtXcvCYErOgWLPYgEKbtxmuoHjZ7S0Pz1nuJZfIszyVTqbSxhoUOCr2EFl+1PbbNl1hKMC0pqPUY47xpxufefw5RHSgG8aQbgnaR3WvNHy3vHyxihzmS/h8ql8iG16B6JGvSkXeKUwxBX7EGq3c8S2bD/1f+osFfxOYqeFvNjw0Odr2TQZmL+i6jJsfK2nrDvLtprOohVhdS39uw/h+GPF51sghWyADN3YiKNRLBwWh+yPjKEXxneUlASPEhUnv1KPxsYsLexupHeE11lytOxTt2/T2kFFgQksafpkox1Rsy3N2TBA4fl38HQNfWAuPiwF0Qg8oG7AIRlxcC7qcXHe1RIl/8jG5h2m1X/rhCnVmZvaQZKsXUX3/oAO/J9NY5/u8a+ng4LXYZUrEADVg7Nfu2LzjLPHCq7b8Fuc/2orutTRAQUOecIf95exxN2kUo4VQwoC2ymHxjrHKRRmPNOwdtMkXOavMIdwUgn0fC5ZuvFSo0stM1Kr8G2fZscJuOOihmc4He3Mj5SjlUWUwQy15dMFzk4ULycSY69WJpjiEr8l5J6a+7kuo3rrBysBX0cijRRLTCwAFvMKaP1xd5VgF40Sia5rWJrWwatARO5G67wowXtL7sVj8Gg/vLN8vLDlCFxNpW0J5VGoVx9rmrUF94xfoskXLnAyDpNA2Pr+njy2iRSzPDJcKbuu2wOr1Z85ghloo8MC0GZwt92cmm3laZFhl4dDGt97sWQ8s73dOO16Dj6aeK/HLe5n4H11AcvvBRmZ6LxjR/DK512IHgFcAIxY64OrYp9uKeHmQG3yy6d6ppv1xwZPXSYGYCodqa2oxVa8cbkstMlL83yPkPIIbviY3W+swDPShEU8nVBuspcy5Wf9Zi8hbhiZsKz/kXpx3uPozi5uQ0gPhjZY/QHEQtnZgf/OWUmbclvRD37Nh6EdzxPxgsldLDQQcfbpaTkPhR1bTKOFvg4lG/F1dmJUmGD4Bmyh0seJ2Pj274R8IQWXttNUm38/TkJPiimneqjxhEo7wtEjdE8tf9KOZEXOreZfX50EKxeCDW5ysJ94SLqUH3nSMxkkS6vCakCGWv/h7tSDl9uYq2bqWNiAmMT0WdElgQEtYWZopjdTIAhcsTT5ZsU0MPPFOOoVuPqyzr6sfDWBedwa0ED6eTRtoshI3sgG638bCoBVIutoYRS6wYBwiL7k3nRmHr1ZszICHMxAUlOwRroOqWLQWRxZ5dAsvnO7beBWnWTHOP1S5iI5PVMDMGufNBvVYMhK9gN+pYA/LtYB23noO7EBlZ9mk6rlnMe5oigS6GU6W5seVgNL98Jav3bBl8KspEX+xHbDxlzplhTbAYIZ4h6ivUQ1ydwxFX6WF9PPb8H/nT0+PYLJE4v0ueouho3pj/zmaaO76OmjxnVdw9RamLHNmlKfpk0PqArHykoHR5ZbDVUEENvjsxfQjlE7eLaJq7rUralAHC63yUUvYF+Fc1Ibd5jQWGFMRjCLa9025WndGs7SDClsURp0UWiaFBJGkaz7qYcH59L8HzL1buBePXk4strYEaM3OtrXFS2EzMtRpjsjdyr98yzHNhZKb4DFolC1bS2UrP5RIWpSQuZGZL/PDace5TTiJo8HlVWgzqbh+nGOYunTXJDjCKpdfaReoht/gJKU9sUF0YWRVMMXSepPJYqtJp6TFiHCKc5HrOp6piuHDaCHk2ljilTPBO6/bjr0p6GmPDMC3z90pFgG5F2DUxgWR3ixp/sfigIJK2l4mRfa1IDn3mAuJh4ErwO3X4Izj+3jlb8oTNdiPaMShurXnw2l7yhnmnw9dLP/McgUTTaV1XkltJSvgXioF6VljVLch5F5mqniZUjR32uLOdqqW1cGoTTIkVgDDNqFD25bv+E2w2atGM+DeMlGivW+sGiqAp8Ovk1TqALKNzSEC1eoEgrKLsa75nkgiuC4IKyLeYe1ya/x+QIZPz2NtgN06vLobwXirs3HWjgFXCxiZdJvP8uddDQN+AP+/CYgVNmaGuH0JyQIqZ3tu2gPCg4DCN6Gfg4sQUC9AKP9XMPXT1st3QBZQKqCFcCI+LX7EUEPyHo5VkC9xI0wQZAuQOv2ztr/pfJlz4KmCSbZJHO5ILp3N07ZbrFd3NmeT+a+ec3jAwbKUwKSbERMgX3aw9R+YPxcmX78c6ZByE8t22gckt9AOhWEhK8yQJyG7YkrrO0CdRCcX+wQLDILupCazxnmiHaWlXHWFtTHCyz9CcHpPlGQmM3BdPoCJ8d2B2ypC3xEVzqOvQnp77tLaNsQ9QPsccCGDZVlB/fBX30iGiHR11wQarmvrcR4/ci7bdgwDCFwRq8FHN3O7o7kVDzTkcG3Nmtcxq5OfGtIZw4lJpUHMfjISIR621lUF/ynZ+RSIdjvkl+rhDJk0zIkds7PLMlsTNFMrDST/cZ34x31D9GljfCm0MYNVi/4kaglq/171L+ECg5CtPhTdAdsBYa1i7fXGY5rfVc1p4q+elxnMhVN/elbsGxTGuJPWc1qv4i9WV/qrynSwn3MlSTq5IxwJ2/9Rrr+t6BbwAd9dNwXJDmAOsWnFbLre5j1m2nOBDqwvfslgUQSRJeKR6Oe6aNWO1FVPG5nTHmq/ykHlMOqjO2UBHbyApnRZMFSvD5JYCHKgWcmKGxVfkSSndyO1NcW3+AgphA/oMZPsrAr+TudKP3NzE9O,iv:ZpRMwXU8uzrq92ttYubvSVHBCsjwKSWQw4aBAt65PRc=,tag:nxCF65ogHW9S47E+ferWlw==,type:str] secretFiles: - htpasswd: ENC[AES256_GCM,data:hCsJzYgbKvlkGMuTcz2xHfNiTJBBM2xELPFHsMD1lVpIkKjrZ59qlxzcBGLbIhbaZxsQD0fzo8M6BleMcOXAe/SgKVrrN0OjxdbE7KGsdHYJ/wqhUvcUsuIvxynW6PZ8E4PAx9xzw74TNpRmALZXG3XJ3zux0KPP8VkexEDKWKjdLai8JBJ2cg==,iv:2kV72lXIGhle3oDx6DD0B7Nh7RddazRYnyPAGK2KEbQ=,tag:FTxliX8Ot7k2c1GeSn1blw==,type:str] -authHeader: ENC[AES256_GCM,data:0leouuWFMTuXMy2ZGBFsGy0Vflw/R9lTGQHTbdkC9QqO7g9sqCsYIFcUUxtcR4lb,iv:5hJTHz3B50ix6jrtp9d12MaILBcY+s8Sq9/gPPTQ+7Y=,tag:ZEaOd+TVVRnOW6RYPPKhRA==,type:str] + htpasswd: ENC[AES256_GCM,data:vm0MpJ7W14jFkWYfBxTzpmnMuJk+ZqLw76o/AE6zcyxKQbMryVJhHzzB24ltxdt3dX9DNjJ4d6TDi5rJPN4YCiI9pcg5AHVrE948VnV0ZR11vzlCQygEDUwB84XI7qOE/VEyzp9cfumD3QwpUmMlWAo5MH2WQX5gtw+Sj4HySuUWNeLq6PfjmNq6NcAKU151iW8RpMnQt0CbDbCjU0s51+BoFkTvDLnmVIt6+b7sMCGbsqTPBkfaYKRToEHT0rQQ9mNWDDVtdk2xZjV9LGfqQlY=,iv:fjqu2sa2Cmc/eCDPMihFJDj22P6jleSR2DsCBmaFPb0=,tag:INtXn7pcbmBRiQUxHfGOSw==,type:str] +authHeader: ENC[AES256_GCM,data:tbNgoesDcwIulISFAYh7SWS13uNRe0IFUwZjh6qYz+Hl+knhCwmveCpyzdvj4gr5,iv:spCRbrSKfi/dgeHwMoA5sP5457gpOC8FeBST8l81kcU=,tag:nYYWghezNmDJlCWEJ3cRDA==,type:str] +_mirror_password: ENC[AES256_GCM,data:qGnelVeodvAobqCsNwXcBD+f2nUPjpHMrInQrEv5,iv:/9t/DozaySe5oDv3apzcQPBbsMSHrXsy8jWwvpyemmI=,tag:UHI62vlpOmIXgW4V3DHiZw==,type:str] sops: kms: [] gcp_kms: [] @@ -12,14 +13,14 @@ sops: - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvcnczNzhJbGRHTGIwb3pn - NnpveWh0QkgyRkMrT1ZSeXFobE93STltdlJzCnVIUldqN2kyS1B4N2RuWlhxdFdn - V1E1UEpjakVVZXBTdGVrcjlxTWlicWsKLS0tIHFSTDBEWGZDNU9sRFNVQU5GRGx4 - ZUEwSHl0VTlFVTRLWXd3b3VMVldFWW8KOYLo0P/NDQErtBM8GRgfdIWnIHfEX1// - CmRVLbWuom/XSZWKyqh4csKfNb1u6170qo5ap8aQgYriD6MmzqPspA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDVk5uMmtXYWM4alpaZlRy + VFh6K2pRM1dybTNrZkJRQVlHdlQ0bS9FR0VNClc0aXhneVBVWHBZOUdGVVVWdThl + c2x5d05pamlCekp3UC9jWk1JcGhuRW8KLS0tIDJycjhLMEYvTXRrK2lBcjJFekZh + WUllQ2tweXY0N2Z6M2dTWGdNNGZNbEkKqb0QfN4BFO9yNoHMkmxriigYQWRINCAE + 74JJt8MFWDPrSck5jw2rW/zNF1mWmpV4Nx4AzconUWMWUdGTWi1YoQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-25T20:01:51Z" - mac: ENC[AES256_GCM,data:VfmoR7AdvKiN2U7I+iJ8J+t9mTovrW5c8NBOAxQFFZ6o5+nassIuHExUp4BJbqeoBINwDDk5eu/1dHB/bUmyAJ+Av2EX4h+RR1doSA6/YuyXaHXIiP7Q+Tzgv4sVsIYSvUKFL/HLbiDegcoZsEeF5bN0PlOSzniddoMsrySZZP4=,iv:zSUM1JyupVNGEOWM21P7fPn/ZI6VUxCjXYgUDevix8w=,tag:gNmJ2Ga4d15gYbAnDAbUZA==,type:str] + lastmodified: "2025-03-26T21:22:49Z" + mac: ENC[AES256_GCM,data:YwZ2ganiBD/H7uLAsU9leLR8v1eAo9PpCUt63LTVGYdTUjCxWM2KjzFfJkfYqON2XosnDxJPQVTj73m8rCJkphfNZ8aLOtMN9tJUB9puUHoBm4ul3kkaW/FlHEvpHMZzejO7LbfvfdcGaxSTLjMxSqMg7Q0wi241OrbKKupk0PQ=,iv:jPjqtFepMpIzjo6AOIxZ7K4Crsoe1jmFTmwkMg5dC50=,tag:v0vL5vIlVejJrZMYmu2q8Q==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.4 diff --git a/values/badhouseplants/values.namespaces.yaml b/values/badhouseplants/values.namespaces.yaml index cb6aa23..997a0f1 100644 --- a/values/badhouseplants/values.namespaces.yaml +++ b/values/badhouseplants/values.namespaces.yaml @@ -16,3 +16,5 @@ namespaces: istio-injection: disabled - name: org-badhouseplants - name: org-allanger + - name: kube-system + defaultRegcred: true diff --git a/values/badhouseplants/values.zot-mirror.yaml b/values/badhouseplants/values.zot-mirror.yaml new file mode 100644 index 0000000..1fefa8b --- /dev/null +++ b/values/badhouseplants/values.zot-mirror.yaml @@ -0,0 +1,148 @@ +image: + repository: ghcr.io/project-zot/zot + tag: v2.1.3-rc4 +ingress: + enabled: true + className: traefik + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 + pathtype: Prefix + hosts: + - host: registry.badhouseplants.net + paths: + - path: / + tls: + - secretName: registry.badhouseplants.net + hosts: + - registry.badhouseplants.net +service: + type: ClusterIP +persistence: false +pvc: + create: true + lavels: + velero.io/exclude-from-backup: true +mountConfig: true +mountSecret: true +configFiles: + config.json: |- + { + "distSpecVersion": "1.1.1", + "storage": { + "dedupe": true, + "gc": true, + "rootDirectory": "/var/lib/registry", + "retention": { + "dryRun": false, + "delay": "24h", + "policies": [ + { + "repositories": [ + "**" + ], + "deleteReferrers": false, + "deleteUntagged": true, + "keepTags": [ + { + "mostRecentlyPulledCount": 2 + } + ] + } + ] + } + }, + "http": { + "address": "0.0.0.0", + "port": "5000", + "externalUrl": "https://registry.badhouseplants.net", + "auth": { + "htpasswd": { + "path": "/secret/htpasswd" + } + }, + "accessControl": { + "metrics": { + "users": [ + "admin" + ] + }, + "repositories": { + "**": { + "anonymousPolicy": [], + "policies": [ + { + "users": [ + "mirror_user", + "overlord" + ], + "actions": [ + "read", + "create", + "update", + "delete" + ] + } + ] + } + } + } + }, + "log": { + "level": "info" + }, + "extensions": { + "scrub": { + "enable": true + }, + "metrics": { + "enable": true, + "prometheus": { + "path": "/metrics" + } + }, + "mgmt": { + "enable": false + }, + "sync": { + "enable": true, + "registries": [ + { + "urls": [ + "https://docker.io/library", + "https://docker.io" + ], + "content": [ + { + "prefix": "**", + "destination": "/dockerhub" + } + ], + "onDemand": true, + "tlsVerify": true + }, + { + "urls": [ + "https://registry.k8s.io" + ], + "content": [ + { + "prefix": "**", + "destination": "/k8s" + } + ], + "onDemand": true, + "tlsVerify": true + } + ] + } + } + } + +secretFiles: + htpasswd: |- + overlord:$2y$05$RhAeAsFY32y8h0japhT72.SQTPXgHc54RCp4CZ4Udsg2.iQxJVeZ. + mirror_user:$2y$05$PkvVMY04ZGvuGUXkrez7peyXevl63ugFbdxZ.ON1G/Tof/0Uf5vZi + diff --git a/values/badhouseplants/values.zot.yaml b/values/badhouseplants/values.zot.yaml index ac9c6c6..597514c 100644 --- a/values/badhouseplants/values.zot.yaml +++ b/values/badhouseplants/values.zot.yaml @@ -1,5 +1,6 @@ image: repository: ghcr.io/project-zot/zot + tag: v2.1.3-rc4 ingress: enabled: true className: traefik diff --git a/values/common/values.coredns.yaml b/values/common/values.coredns.yaml index f67f8dc..b106187 100644 --- a/values/common/values.coredns.yaml +++ b/values/common/values.coredns.yaml @@ -1,3 +1,7 @@ +image: + repository: registry.badhouseplants.net/dockerhub/coredns/coredns + pullSecrets: + - name: regcred service: clusterIP: 10.43.0.10 replicaCount: 2 diff --git a/values/common/values.metrics-server.yaml b/values/common/values.metrics-server.yaml index cf13f80..7f48aa7 100644 --- a/values/common/values.metrics-server.yaml +++ b/values/common/values.metrics-server.yaml @@ -1,3 +1,7 @@ +image: + repository: registry.badhouseplants.net/k8s/metrics-server/metrics-server +imagePullSecrets: + - name: regcred apiService: insecureSkipTLSVerify: true nodeSelector: diff --git a/values/common/values.traefik.yaml b/values/common/values.traefik.yaml index 890d730..6520afd 100644 --- a/values/common/values.traefik.yaml +++ b/values/common/values.traefik.yaml @@ -7,3 +7,7 @@ ports: port: websecure deployment: replicas: 2 + imagePullSecrets: + - name: regcred +image: + registry: registry.badhouseplants.net/dockerhub/library