From 383aecd43c2b05f920c5a0c7042d71804e45dae3 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Wed, 16 Oct 2024 10:59:38 +0200 Subject: [PATCH] WIP: Trying to install external-dns --- installations/platform/helmfile.yaml | 9 ++++++++ .../badhouseplants/secrets.external-dns.yaml | 23 +++++++++++++++++++ .../badhouseplants/values.external-dns.yaml | 4 ++++ values/badhouseplants/values.gitea.yaml | 1 + values/badhouseplants/values.traefik.yaml | 5 ++++ 5 files changed, 42 insertions(+) create mode 100644 values/badhouseplants/secrets.external-dns.yaml create mode 100644 values/badhouseplants/values.external-dns.yaml diff --git a/installations/platform/helmfile.yaml b/installations/platform/helmfile.yaml index ec2bd2b..0dd44e0 100644 --- a/installations/platform/helmfile.yaml +++ b/installations/platform/helmfile.yaml @@ -18,6 +18,8 @@ repositories: url: https://charts.min.io/ - name: kyverno url: https://kyverno.github.io/kyverno/ + - name: external-dns + url: https://kubernetes-sigs.github.io/external-dns/ releases: - name: argocd chart: argo/argo-cd @@ -104,3 +106,10 @@ releases: bootstrap: true needs: - kyverno/kyverno + - name: external-dns + chart: external-dns/external-dns + version: 1.15.0 + namespace: platform + inherit: + - template: default-env-values + - template: default-env-secrets diff --git a/values/badhouseplants/secrets.external-dns.yaml b/values/badhouseplants/secrets.external-dns.yaml new file mode 100644 index 0000000..a812101 --- /dev/null +++ b/values/badhouseplants/secrets.external-dns.yaml @@ -0,0 +1,23 @@ +env: + - name: ENC[AES256_GCM,data:RLLp8toAkoWLWRjp,iv:UUP3i5QkNBw/pgYmxHtRUDx0E6i42e/Ioh1z6WnLESk=,tag:+PEinrzkisEQx5gVCpdJ3g==,type:str] + value: ENC[AES256_GCM,data:RKiCvUOctYha7fusMWNrOKHPgmMMjuejDCip470QMHQcxY1S+yJfXA==,iv:ESfZNZimJkD5T4tzRPMu53H+ushbhOuXaOdX73MaWV0=,tag:F516VFRCw6k589vClX8Jfw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3eE5LTURCa1pyRjBocVpP + ZGxXMUZkUC9XK0xNb2duRnJiOHNzNGp0YXdrCkNvNWMvYWkyTHhQU1ZZeng2bmlz + bGRrd3p2dmx6MjBuc0lYakhMNERMOVUKLS0tIGpsRHcxdUFtTHlXVGZLTEZ0c0ov + b0RMSlFCM250MXJHbWhRTWtGbkxHc0kKpyzba8yp0xN1KjcUACcmlznH9vQtYAsL + 3bm7Cw2AZO7nkdCxky/ITd8N3rbqAVGeM2CeTAxpcMbEXKq66/yqDA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-15T15:21:16Z" + mac: ENC[AES256_GCM,data:aIXlmeiqaFu9Jn0zI1qyU3iAkhLKgqMwwLcLDlr+LeYX/88cZtzgP683jW3MYC/LxnNh4LG7v8EK/HViNnCkrvZ5iC9cibRPQYZJrkR3B3oGk4L+RxPws2VUa72pJsG0bQ8M2DDCoDO2T9OuuflqYENPLyYLL7D7CaeSj9w8G0A=,iv:EDaGmWFUnzp0vkIeR1J8iZ9+PjOMuRi4YltoqJAN0P0=,tag:DsSd6Nplvy0nIWaCJgnhgg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/values/badhouseplants/values.external-dns.yaml b/values/badhouseplants/values.external-dns.yaml new file mode 100644 index 0000000..fad21e1 --- /dev/null +++ b/values/badhouseplants/values.external-dns.yaml @@ -0,0 +1,4 @@ +provider: + name: cloudflare +domainFilter: + - badhouseplants.net diff --git a/values/badhouseplants/values.gitea.yaml b/values/badhouseplants/values.gitea.yaml index c522eec..a637901 100644 --- a/values/badhouseplants/values.gitea.yaml +++ b/values/badhouseplants/values.gitea.yaml @@ -26,6 +26,7 @@ ingress: kubernetes.io/ingress.global-static-ip-name: "" cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + external-dns.alpha.kubernetes.io/ingress-hostname-source: defined-hosts-only hosts: - host: gitea.badhouseplants.net paths: diff --git a/values/badhouseplants/values.traefik.yaml b/values/badhouseplants/values.traefik.yaml index d779286..fa0029e 100644 --- a/values/badhouseplants/values.traefik.yaml +++ b/values/badhouseplants/values.traefik.yaml @@ -106,3 +106,8 @@ ports: exposedPort: 8388 expose: default: true +providers: + kubernetesIngress: + publishedServicePath: + enabled: true + publishedServicePath: "195.201.249.91"