badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 14 Actions Packages Projects Releases Activity

Migrate to a new cluster

Browse Source
This commit is contained in:
Nikolai Rodionov 2024-07-24 09:29:44 +02:00
parent eb8fd9f465
commit 9ec7041ea9
No known key found for this signature in database
GPG Key ID: 0AA46A90E25592AD
30 changed files with 726 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/environments.yaml
View File

@ -1,5 +1,5 @@
environments:
badhouseplants:
kubeContext: badhouseplants
kubeContext: badhouseplants-new
etersoft:
kubeContext: etersoft

8
installations/applications/helmfile.yaml
View File

@ -106,6 +106,14 @@ releases:
- template: default-env-values
- template: default-env-secrets
- name: vaultwardentesttest
chart: softplayer-oci/vaultwarden
version: 2.0.0
namespace: debug-backup
inherit:
- template: default-env-values
- template: default-env-secrets
- name: shadowsocks-libev
chart: softplayer-oci/shadowsocks-libev
namespace: applications

10
installations/platform/helmfile.yaml
View File

@ -12,8 +12,6 @@ repositories:
url: https://zotregistry.dev/helm-charts/
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: vmware-tanzu
url: https://vmware-tanzu.github.io/helm-charts/
releases:
- name: argocd
@ -47,11 +45,3 @@ releases:
inherit:
- template: default-env-values
- template: default-env-secrets
- name: velero
chart: vmware-tanzu/velero
namespace: platform
version: 7.1.2
inherit:
- template: default-env-values
- template: default-env-secrets

5
installations/storage/helmfile.yaml
View File

@ -11,7 +11,7 @@ repositories:
releases:
- name: rook-ceph
chart: rook-release/rook-ceph
installed: false
installed: true
namespace: rook-ceph
version: v1.14.8
inherit:
@ -19,7 +19,7 @@ releases:
- name: rook-ceph-cluster
chart: rook-release/rook-ceph-cluster
installed: false
installed: true
namespace: rook-ceph
version: v1.14.8
inherit:
@ -28,6 +28,7 @@ releases:
- name: longhorn
chart: longhorn/longhorn
namespace: longhorn-system
installed: false
version: 1.6.2
inherit:
- template: default-env-values

36
installations/system/helmfile.yaml
View File

@ -8,8 +8,6 @@ repositories:
url: https://kubernetes-sigs.github.io/metrics-server/
- name: jetstack
url: https://charts.jetstack.io
- name: longhorn
url: https://charts.longhorn.io
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: metallb
@ -22,6 +20,10 @@ repositories:
url: https://helm.cilium.io/
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: piraeus-charts
url: https://piraeus.io/helm-charts/
- name: vmware-tanzu
url: https://vmware-tanzu.github.io/helm-charts/
releases:
- name: namespaces
@ -46,6 +48,13 @@ releases:
namespace: kube-system
inherit:
- template: default-env-values
- name: snapshot-controller
chart: piraeus-charts/snapshot-controller
version: 3.0.5
namespace: kube-system
inherit:
- template: crd-management-hook
- name: cilium
chart: cilium/cilium
@ -65,6 +74,9 @@ releases:
set:
- name: crds.enabled
value: true
values:
- networkPolicy:
enabled: true
- name: issuer
chart: '{{ requiredEnv "PWD" }}/charts/issuer'
@ -73,18 +85,6 @@ releases:
- kube-system/cert-manager
inherit:
- template: default-env-values
- name: longhorn
chart: longhorn/longhorn
namespace: longhorn-system
version: 1.6.2
needs:
- kube-system/cilium
- kube-public/namespaces
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-secret
- name: metrics-server
chart: metrics-server/metrics-server
@ -120,3 +120,11 @@ releases:
- kube-system/cilium
inherit:
- template: default-env-values
- name: velero
chart: vmware-tanzu/velero
namespace: kube-system
version: 7.1.2
inherit:
- template: default-env-values
- template: default-env-secrets

20
values/badhouseplants/secrets.funkwhale.yaml
View File

@ -1,10 +1,10 @@
djangoSecret: ENC[AES256_GCM,data:9ZPeukvGT3fQ19ef3Q0=,iv:P4VZY9Ils7CmQ9iDwbo8RmM1niY2xH8xY/BXJMjSp0w=,tag:ipIwKH4nVaGkbhITUZun+A==,type:str]
djangoSecret: ENC[AES256_GCM,data:fMSeOds/Jg/wwl1+yis=,iv:tUHZgRSBinNksTDZ8PKDwg2RKJzqi8QwxX42wySODeY=,tag:GEQzFKw+2M2lQql8c8FY/A==,type:str]
postgresql:
auth:
password: ENC[AES256_GCM,data:GVVmpA4LRiBe25NxUtyTVFDxq4mTRCfGnLgz39Y=,iv:eCKjnm44xfRCnqyGqo/bSPElItD/atx2NblTTeVuSDE=,tag:B3fkqQUK/wKo80GvPEOV4A==,type:str]
password: ENC[AES256_GCM,data:vJdVBHb5uYkxk/rp4Sbf7wVLGpR66OsVyA==,iv:L8YwhPyYpvMkGUoqtkctrNslW7LF2s4apZ26WbDBJtk=,tag:LG/39niDzaqQXQ2+NvU1GA==,type:str]
redis:
auth:
password: ENC[AES256_GCM,data:2kocp+hA3u/ZQi6OiwrbomeYiNvFtvU1G4poP1P+,iv:StiScUrhNpS2W/57LMHVmy3Grqg1hH95aCGwhr1XlzU=,tag:GdQ+JP4y+kDPe5EBbI5KIA==,type:str]
password: ENC[AES256_GCM,data:eN9uZXp9AoLe1QPtbHR5rXGKgSZFzyFMm5G+GrUq,iv:cD7XzjKcbrjjMSY2lCyL+CGYOnbduTiiGqAwKgDRV/s=,tag:05UomOmZ3oOzvmE4PLuFYQ==,type:str]
sops:
kms: []
gcp_kms: []
@ -14,14 +14,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtUWJITHdYVi9BTnlqZnlz
UjIweWZqV3pGcDVTWGZTdVFRYW8wMkZITWx3CmRCZTNYRk1KQUEzUHhMT3R4VkVF
b1BUd0lzRWVFR1RrRjFndnFuYWdOVncKLS0tIHU4UUpCNklsYnA1aVBHMzNVTVBy
dm43N2prYncxMFlIZW95MVdrTG96UFkKZWfR0r5LiQRo8C+lu1E2tX70BdmZ3n5W
bl6s0js6wcGEciwQ4jwxQvfsJrecCQLprUbynuGuQXrCqDIHxHsTiA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyU082aUE4enJ2UllHQ3Z2
OU5ZZnNIb3JJT1ExSzBxSmpSejdnOW1LSnpnCk9XUTZMM3Y4Qkl3aGdPTTVUOEVW
dDV3QzdScWNMdFc1cHhKbVNoOHdDYU0KLS0tIFBZc1MrYkh2WVpPQWNaMWYrZVQ4
b2lvOS80WjVZQWRMREhrMVpWRjA5UkUK/iY1SvS1ubVj9WtWPfF2DOmOweFRoKgZ
WtN3jGFsHrgQiiuMlW4huYGqWKCASPoEW09vNJ/mrDBmp38YdQfczw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-15T04:21:35Z"
mac: ENC[AES256_GCM,data:k06a/0Oh/xqrTo7396RqTDOvpXwor702HIKA99m+lT8aXrNQ1X2S6DZjDqeKdkjAcFfraWgKhc4kAq5kFH9zVq6T56E9VxxhgyQ9GkrX3Q33aehfD++57yWkkhwwYfFOzM5784CW6HHct7QZGPsNSYQO8IM+RJOKkPfa0taPraU=,iv:lsjg5Z0cix1uOC9ghj8Cg/bASB0BQEhnDG82opoW44Q=,tag:Q8xl1i1i4UA2uwnzb6TZIg==,type:str]
lastmodified: "2024-07-21T17:33:39Z"
mac: ENC[AES256_GCM,data:LTuNptcXyW7dNFVpIFwaD7D95lcoQWZIIQOvPFTpXh1xjdX66E7XXEWFNMn5p/PnDvvZdQ9IKSyR07ekzCLrSnoC0TYI6Sq1xY5tsR9WYAqK7CmqPbLYNxlBlViJW7UA4X9QjD9KdGMtsoKFgeU7t06QYFp7ooYjOn81Ny3jmyE=,iv:qR8AZ8uaD9Vu1ekXB2Rp5jjUv1xcNqS838f+/Unc3z4=,tag:+bimX/eyeSY4EM1fhOFUUA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

54
values/badhouseplants/secrets.gitea.yaml
View File

@ -1,31 +1,31 @@
gitea:
admin:
username: ENC[AES256_GCM,data:3vMaczD5ogk=,iv:r1mcBtnCn9Rea94wxlJl2k9WOgBreSqhvC731ylzTyk=,tag:128Zocc29xbuiMeX6YsPfw==,type:str]
password: ENC[AES256_GCM,data:2dpL5krpBiANfPPUE1ESiVZZmsc=,iv:TrQxyzIrixeR6UcBN+pol6PPOHME+dKAzpB7S7LyTXE=,tag:gkwkU0tnVaA7w1ELvC8QrA==,type:str]
username: ENC[AES256_GCM,data:jWOKYLR8wEY=,iv:obfaa7iVArqZsfXI9glfNVhnEzNPnoPvA9WZrqzURd8=,tag:ZQykUfckAD6CcRsAxYLfww==,type:str]
password: ENC[AES256_GCM,data:ckwTYUA05SSl+3KD9G/XtQW+nnM=,iv:reeJTq7vWcfjggl9X+/t0yYzaz7xuiZLZM0xW7zlfcI=,tag:x0Dtf3ea53+1c0jhn2C5zw==,type:str]
config:
mailer:
PASSWD: ENC[AES256_GCM,data:6j3SksBlJAHGdxYMakPlT5BiH2A=,iv:psdKPFPL//zxhzpIYoOYWRkXuRe3zvdWuEMmxhvdTUw=,tag:pD8GVh9CQwoRTQyYDDqYiw==,type:str]
PASSWD: ENC[AES256_GCM,data:ZXMbptf1Tn8QVf9H6gLuLIpI+gs=,iv:QsHjgoEWy4mEf/NNBnuPFpXBFHoACn8pfQmbF1wI2ZM=,tag:/T6PGia+mkzmcUkWANO25w==,type:str]
database:
PASSWD: ENC[AES256_GCM,data:53PIleLwdXm19T5w3ia+NRZI6fGcIsc=,iv:Rzv2j5pRV/lZv6LOm9L52rZV80jB/X46kSugtPYSy9A=,tag:IZQsgKZ/rejAY/yqWZ7Ztg==,type:str]
PASSWD: ENC[AES256_GCM,data:mfMbZf7Kbn+5gwLi2JGMt6otMlQ=,iv:r2H7aSJKraBoDydV6N29hsRiH6bLUM0aJHPmo3dbSP4=,tag:WwBHKRYdJIv6IGQehO2yEg==,type:str]
session:
PROVIDER_CONFIG: ENC[AES256_GCM,data:pd+v0a7iN+FEHNTPTWQkqRqisFkhYx7Y+VEt14OiGwCtqWCyO/KhAYi+5M9sehLc4BlhkZqkQsNk03UtbRqh0N9FcceQDFurAT/UT6hqfLV0afpS2tBq1v6Oy8PPF+/xty43SalSFdmAJqmRWdxQ7MYdi5O/BFB9,iv:aghnx3uzAN88Z01OCLuKpQHfmhlz3QfSOKE1DLFcIRc=,tag:mByau0gklRRqdhqshNM1AQ==,type:str]
PROVIDER_CONFIG: ENC[AES256_GCM,data:YexjXlIj5mtwhv5HD2rmpzo3hqIXpZkyPk0njFYe3tceDV2uclpLCmIrZOumwo4TdWtIZ5Axs336vXtFvi4LFSyyrzSnqSPNxC1aNHwmj4keMY1qvPG0qRCoS7Q7JcCak41gRopbx+RLn7BENZ6s0e19u5PXLDSB,iv:pkY0LBpXhnSr40YoZpklytGWmKe7CdsgPpQySXfON5g=,tag:96UXoPksLxE+mJzyjzjqEA==,type:str]
cache:
HOST: ENC[AES256_GCM,data:s0pp4tFpn+BSuptnNiF1DsUzCnKcSk5+6fg7dbeUXHk0v57sv3NU2A2enBIVXz3Q/x84iecThl2jJubv+WdaHcuyrojqIycxkCZBX3Qf1gGz6ntAEzLVrsqxBND2Q2Te7vh6sKkxNEfqIrxJ6gGUMVlBJuJEPTDQ,iv:DrEhNNhxlbmt20vHtHUUQefPthaDVi0iKHUlVncjCus=,tag:m5XtiUANaRcBniV5Zgb1JQ==,type:str]
HOST: ENC[AES256_GCM,data:C4GD2Nbb9Yi7TTKvipoPW3wM7e9BvQziBqweB/AUTq78pk20c2QoirNDETqcGaA002Phr8SwttdljnjVhCMr/w+Np/XkNy2rSB00A6R8t5/gDDoxUE92R2RLFIRB3Ao4UwKdL2X/YvzX1xDq/WC/i7VmvPTnLbas,iv:NMTgSxxvrut/Pxi5lZa6mbP/eOMt6rk2leFJESl5SJQ=,tag:bKJ1P6KXdjHC3bFmreD7OA==,type:str]
queue:
CONN_STR: ENC[AES256_GCM,data:aOXNVddJsB7ivhZIz68Du7UovOH9txmWBp7hFTNDCX9iN0kQYFEFTsgo3CopaBraDN8Px9AkuoGoReFeeQmobBOoVhLh8uUDc4wh8vX0/7kQF0Y0nL+CvZX/ARdq+quVS2ezT3Q/L9//3i5/+c/JhoXjsnsjd5/3,iv:WGkgDxJvI5n3DmlEvTtTtXhtBLNbUCInoX65pf6xY2I=,tag:ffWgPiWY7aTP2t8a0vJHVQ==,type:str]
CONN_STR: ENC[AES256_GCM,data:28O5cVRnezFBWnyILjGxLf39SrS7nYNuI0km29qz5Q2qPGwojiLziyTsBb9AUlLZc5nLcGEUIJ5vnXONtw96aOobDwwyLmPE8X/QnpRvjRN4DmAF7LO98AuyTrTXEOSNMp3Dee88F9T9wdwr5ekh1Fb/gBSJpkkt,iv:PP0ZPxBulXce/bIUTuuQgiaOBWNcjMe2V/BgFGJm77Q=,tag:BDteA6nftpa6q6djyhivGg==,type:str]
oauth:
- name: ENC[AES256_GCM,data:28rs8MIG,iv:1BMEey0O/bP6dn4AoyvQijYsGxgcgYL42Hg4cfZmoE0=,tag:fgINzelLtjMmoNFKMpDvlg==,type:str]
provider: ENC[AES256_GCM,data:7DgUWPMQ,iv:zl2CGsU3BVlv8/RWvZPbWuPTURqK4WP/7nossqToglM=,tag:1J0ocYVcuONp+fP/EkDGQQ==,type:str]
key: ENC[AES256_GCM,data:i2eFPPatiIdP48nDlS0daVVJJuQ=,iv:mA1BYXBbq/lN3VqltqJNr1xx5V/JCFm8WSpgwkl0NaE=,tag:vEhBiSUjcdnrTiuR1i6bOA==,type:str]
secret: ENC[AES256_GCM,data:z3ZnGxQgQUwd7tFhFoCOsfjKbuwEjxBXSCxYKmTgLC86Q85CnWuQ5A==,iv:bn06FAyDoLV8Cvl3p8Iwq8xN9Y/9aa8vWDYZ7QbBic8=,tag:ABBcxyv3DSRG+KUiZtWd4Q==,type:str]
- name: ENC[AES256_GCM,data:DRvxuHW5YHyd,iv:lmorxsp6UQXMGzDtTOxsk9Spt6PtQqBZXpGLjWPSfwc=,tag:c+Z8bTWIBMb0T9zUp43t/A==,type:str]
provider: ENC[AES256_GCM,data:bVFY/VZYbfttfSVH2w==,iv:zkvp53USluN03spZBnMjgQeWVJeX1AawOWP7ZFT8ghM=,tag:YD1DspS7NCpGdDaItllYCA==,type:str]
skip_local_2fa: ENC[AES256_GCM,data:5QYHsA==,iv:uFJpxGZJVj+HMGNGAvoEmvYKGO9m2F1KwGBDgr3X7Cc=,tag:7hO+Gl+Y4rJ3386z9H+uug==,type:str]
key: ENC[AES256_GCM,data:CkXCnBs=,iv:w5E3CBdi+Cbyd9PsLjkstKcJDqqh6p9Xy4CExk2YDgE=,tag:FYYVedUt4tmzpHdgn4mm0g==,type:str]
secret: ENC[AES256_GCM,data:8euQctcEMSlv4JR4fLgDAZlnRAKe2P8HD+GNBirWqonb9MoDZLaKQcM4w8Y1Ya2BhJaPfYK2mSizxT0QUhRtN8BMn1h2/b+UDHvGNxheM/5FbTUaSI88HYX7UUcb1bn/2LJIaLoDs59fCkoAWrBRWqoXE5KL/2ZXEDVB9mbtpZg=,iv:iv5U21TIAr+bPc5yi7lNaZonjbh52A5uxPWZCpN00Eg=,tag:NOOhDxyNnWemsRG0ttu/NA==,type:str]
autoDiscoverUrl: ENC[AES256_GCM,data:rWc8bAMGwtIq6Ywb8tVAy9vgxf5ReZ5yqJESlTMFgW0mHTRjLMt8TFijMBHT/FFnnFFN2xapf6rU2bfPmtQBUgnLLDAmalRk1YnzAl+xdjM0e/BLv4q+H4k=,iv:BEEuNh3NcX27/+pzQjKyPiY2IIK3FSsSt5+p/1p79h0=,tag:bNYgc7vYMTpVQ6XROaMwqw==,type:str]
iconUrl: ENC[AES256_GCM,data:o7ZGL3fIiuHSiEXZK0NzACq/qb66QoLEhhtjlSRtCl6t/4mVTKOAj6Extgfl4r9l7k9GRAKVFus9H1BkVmeZGC7cVNpcEw==,iv:vgJB5pRtElNuNOTL6vBTHV4f9m5dh4EtjqIZvaC5xTM=,tag:GpFqcnWJLq5nmukzu9CwnA==,type:str]
scopes: ENC[AES256_GCM,data:+et7Z/Hfd5kmpXyqCA==,iv:GfKUWYynq6CrDLmi6GiCwPN0m7xLgb/BxtUahn2qmhw=,tag:bSlFzz6eRhpy9r21iO6/6g==,type:str]
- name: ENC[AES256_GCM,data:DWCdEzwP,iv:fJrSGxRPSljBLSnRRRCjsa3QCa730NGRyKJCVJe8YNE=,tag:vQFTYVUQXPcB3Mx9/qGfVw==,type:str]
provider: ENC[AES256_GCM,data:mSnq2rOw,iv:XC1JS1oqZxbBZoraWemzXWGSnpvn9NTx8OA57HV1B8w=,tag:kPxdj8h8Qk9oGayi3Di7yQ==,type:str]
key: ENC[AES256_GCM,data:ft+Zqnu7oXHxMnMcRFpT934TGL0=,iv:qFj+BT37ZKIH69ikEf1YMwE1LC+dyAW7tBXhY5X6mYY=,tag:+p+3+GX5zakkXyi41H7Iog==,type:str]
secret: ENC[AES256_GCM,data:CSGrxpxfGoKs4wHKl25s37Nenw/0nuagCa6Ed++nE9lnQlZ8G193CQ==,iv:oTOGJmZi/26OvKG5gkrUoFVaJ8erkHfVi44FTy9kb1M=,tag:upHqogYqdVZlUyJT3BG0/g==,type:str]
- name: ENC[AES256_GCM,data:iZ2gRgmkZGcG,iv:N16HI6nVh8euitBKEq4yr3kr2cpLRb12XWKupXGR98A=,tag:L+rWF5wbrwWHhSus1JGP2Q==,type:str]
provider: ENC[AES256_GCM,data:2HlYsjvxnOx1sHuKlw==,iv:aXOjLsl1ZF3NCPpqyGrSM25lX3OLKoRpGzrRW47lGVg=,tag:LzGsYa36wqgch/nw+en6oA==,type:str]
skip_local_2fa: ENC[AES256_GCM,data:QYsYyg==,iv:tZt+yIvuDbFa9BWsoeUvcOpIonlufb9FO7YU59mGkVs=,tag:+2rr0Q7c9XfwjFR7C+ikuA==,type:str]
key: ENC[AES256_GCM,data:4/jJ0cc=,iv:iu8l1dGDIou4ytXhub7YKlIGs8WDEAAjKVbwd81m0Uc=,tag:D2BiWDfubzbK0cJl1Bk/0Q==,type:str]
secret: ENC[AES256_GCM,data:iRRUJl5r7wJQY4SWaSMF2ut2+I37CGPhXOpCkMENNRm6dvFp7YNyiHVQT61PsWnoyWz9lFJMkjCnY98JDjvjWuYCW8O30IEklq/N4KYSgD5TLEWu1OCcPC8A7yMZJSI8rxTLKcevuGJD7ZT8hWl3nZDTkUwTEJy0qREqyhc8caQ=,iv:KOLmK6UddEq9hv938m409ldxVpR8pQLiJwk7Sr0W4mA=,tag:ZDBZwa6ZAQw4qGU9C+Z/xQ==,type:str]
autoDiscoverUrl: ENC[AES256_GCM,data:YxqoKonuM10Fawz8qJiOVILsoJDKuRotf4SHw/Vvw0srWvc26rpwzKoP+kj1u/UFv6pDmnBvrAgYVPGyJt/e4TgmsPDYfH6D0IVngaFLI5KDRll5aIUaAeQ=,iv:4U9CIgObfPwuqi/vxky4pNkL9R4BbStJ3YQ3MBH8LYo=,tag:Ouwcj0tjKu7eykoT3Rnkwg==,type:str]
iconUrl: ENC[AES256_GCM,data:OmHXFvlKnclwjbTc9AXbcMZOb7qW7om7Tgf7b3uHLgOmakuyTq7QhXM3oFQN+T/+J+Cna8MP27coLBDW8TL7RefT1TapSA==,iv:py3p4kh90W6BgAHmI2MIBu92y90M8QhQDmic0pX3m5c=,tag:yqci0Lu7K16/JBlJGkoXng==,type:str]
scopes: ENC[AES256_GCM,data:IvNV7Q+7vPJn7EJZ7Q==,iv:S/aUhW0ASL4yAwe9IaeYdjokHrE+4MViEAGa+5wQlyY=,tag:OxkVQCSfjCQePnJqt+EcNg==,type:str]
sops:
kms: []
gcp_kms: []
@ -35,14 +35,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKby9xeUJBa3NuYzhGL0pY
QmVnNm9XR2E2MlRNTzhMUmQrdjdqS005djBRCnNGMHNhYzJEODZDUTdnVUJGTmhk
cFFVRTJFN3lwaWxBWHM3K3BZNVFqalkKLS0tIFl2OHVQRVJ2aDJuU0wraU5YcXlY
M25YSCttNGlBaTJyZTZlV1loampJK1UKoxw7UJF0Fv0BK8sQFePWT7GR00f50hMz
cC7b41VLLIVFF2ZmnS7eQEKPCcR8OjcjTo37RtqiTp9Perh4Cd0H3A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeU9sbjV2b0JjcVZsbFUv
OWpSYVhBSlBrR2FOVWlDZnhTRk84YmlpK3hRClBZeTQvclE1VkhkMkltbjMrN3Vk
cko2M2VsNkpNSjhPZExUUTB4enV6WTQKLS0tIHdOV0FidU5wN0ltNTVlNVF6MVJB
ajlnQzNTK3NzcnJZN0FGVmx1VjhQVk0K2m9pzSB9gqIkOLBr/WwnrZfcj5633tFJ
PI+H+aXZwJtKuN4YOw0rlp5Jp4iQ9aD/9TLqYT6xQJbU1nibqCca1w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-11T13:24:17Z"
mac: ENC[AES256_GCM,data:4mPa4PInVeSKOA4VfC7gwYAcU1R3NCMBtn6oC2vLVHk192MBnMYnlLb8+bAYG2TVR38sdcVRfWugucijEouwWcCAixvPoPB55O2q0LtOS075PcmCiBUY2EQwYbfbgSXIvxm8pNa2izKFI6sabXFVhwP1Ofp/O9PVRUk7WYHuQgI=,iv:LNJ1mh5jZLum/kOZPfLIi9B7jSJxkWk0ZrY9yTy6KlE=,tag:XxeroRfGPXN3aJyIxUa50A==,type:str]
lastmodified: "2024-07-21T12:10:40Z"
mac: ENC[AES256_GCM,data:JlINn9gcMkhLNbCuOmfrnhB5f2K94KO+8qSOeKf5KjeJFv5AmGP/ssCPVRxko8Mi68l7JueggjTLJUgRRuLr2JdH9lI3URK8Oh63d5iYbn/y0LIPJC//mw/WWrNO15H5tR4dt1vPOzi0KwozvpLt0R8SYYwU+IIF3Ej/kG2KMyk=,iv:ZKsYYVkeCjvPptzH00V2SFKFQ0St/TOnxSAbqWpWWZI=,tag:NSG4lsk+Adglo3R/e8ZceA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

24
values/badhouseplants/secrets.longhorn.yaml
View File

@ -1,9 +1,9 @@
ext-secret:
name: ENC[AES256_GCM,data:4jH3h48Oeu9W8sgd+l5iUw==,iv:JNo5Tf6f+tGCPr/U34/bneEMwudmr8SWRpOwlJCV0AI=,tag:/K4o9qn35GePLKb9Fv97oQ==,type:str]
name: ENC[AES256_GCM,data:IpPv89vpwii27UclFUCcTA==,iv:qMeYGveJD198bxIZjfMIdZu7dBipRCu4EsoeiBC6Efs=,tag:k79JW54qd/xfgyHmkbR4Iw==,type:str]
data:
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:hlYynKiN,iv:rDL66gw8x0wckf04nUkSOQWp6KJ9nPKH6yaYpwvAC/I=,tag:nVc6H58vgxN4SS/28LAnGw==,type:str]
AWS_ENDPOINTS: ENC[AES256_GCM,data:L2WqNECWNHWRDpT6bSu8FqZ2b7m9R5k=,iv:nhhhrTImNU40+vMt36ZpE2w4gX1RoMnabP+mG1SGnIc=,tag:ioNkPx8195u0XoqD8qoSEg==,type:str]
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:aVaJV7mg6lKUWvL04Oo=,iv:Wf9HYaznYFWptMR9T63r+wrd340BSQOMpKosfvseaoY=,tag:SzkFOXOjiH2QcxSa/Y5Xxg==,type:str]
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:Dl1SneGa,iv:AVFCJ75cJ+RKYSvtLJtR0iickPLhgyJku+I0l8t0Hhc=,tag:QwUpBSLDlHNUR1w4xLlQ8w==,type:str]
AWS_ENDPOINTS: ENC[AES256_GCM,data:RfiEBXY9wl3rzrTXq2JBy0EavblH+EM=,iv:Y1MptogOs9MQmnW5Lzo0WuwiDkq5WGQmWRE/12CxJeg=,tag:4xbTXBmQfWMukzVItYD5Nw==,type:str]
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:k/I4oC2s7rkChuc68pk=,iv:SzWiTO/74MzobUXgA8C/abM+WOV/dO18LP1ogxHQJ28=,tag:xQcPyCiPd2JW1qEQlImpBg==,type:str]
sops:
kms: []
gcp_kms: []
@ -13,14 +13,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnSUs2OXBJbDFCYVhkUjdu
d2o4cXl4d2x3aXFSMm5HT0ZPMWI3YmhHRncwCmtWaDd5Q2d0cEVicE1MOW0xQ0li
aXZlbXBubVVoaTMwNCtiaUxRS3NUQlUKLS0tIGJuMlZZOWhxb0pCSy9wQkNNRk1o
WmwxN2NZRTNRK2dtU2pkMU9WZHkxSFEKUNcfWgzUU6LYxoQflAC6KZXINguTywjR
WJCBbihip0RfFeyiy9E1/O75OVnqwOUHgE7YWv9gekzm6GJhsuLTzQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YWcyYWhCT1NoTTlGWW1p
OVF1RVU0a1lPOEVFM3NkU3BQZkE5RWUwZ3prCkhaMUp4OWlLS2orMDFQR1ZzWTJ0
QnJSOStDOG9Ob0diOThDZE0zQ0dibDAKLS0tIG5QSEpPUjFnZ2cxYW5FanJtRTNO
SUdza2xlTWtlRHFLb0pYZjBabzdvVkUKqUYqyBcS+UTc00KYC+BCRvFLq7Q9LQx+
NwenXMGEDJ6EEcmiHW1qMFxf9me6zFoF1te37nJ5yOYqh91C6OhILw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-13T13:04:38Z"
mac: ENC[AES256_GCM,data:ncKEHKNJSSjAXa5T5pBJoRCht228MMOb63JfaRDiGxZKOxi8wSF/UUyq1Vs3OjiklHeUwvgxG+gIpJHf1Png7zTWRXdptNLZu04Bog/RWa5L2Ow9BXq2GQ9h/YVZkgSB9Hvzu/pfU6efAaPqE+at/5sF2TIYB8ezoVsFQk+kRoI=,iv:s3ebxJZeYnR7BqpG14h+52BtvChup9ohY1O2DQrh0tk=,tag:I+sRnkOYwcx1j4YQKb4Cjw==,type:str]
lastmodified: "2024-07-20T21:35:51Z"
mac: ENC[AES256_GCM,data:KQXidT8xb6tfar6nuWmmT8vYPHafMz/jdvBYWU9+FPU4zOnDoz4PN+c22PAfHIvlWuA/BPtBii9xMExGRAOo6cdwfK4B7SynELVU5sETlhRRiz5Cb/hjXuW+wBi+ydWjQv0hDiRqnjAmrzvChUFXYQyI0pMXeA2MzyqPPEJAc0U=,iv:Bvj4vxvvampJcXZSNQIIIHPIiH5aGqX2Fx6jCWjNj4U=,tag:EixnB5lnc2zhAYO1+k589g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

38
values/badhouseplants/secrets.mailu.yaml
View File

@ -1,21 +1,21 @@
secretKey: ENC[AES256_GCM,data:0LlGX1QG39jemZ8X2Itq2A==,iv:Dt1YoxrQ3yxJVZ3sc60kWXDvtwKCO7PrsZRMZUDOHpg=,tag:NY/8/xxnYcX/Hv1BCIKCjw==,type:str]
secretKey: ENC[AES256_GCM,data:2C/EqqjWummBL0sY/ae+BA==,iv:wjm4+scr3wFUgXpol+EYghbW6QNNPjG/Ly4MebVqWu8=,tag:YndPQnLhZ14gRqonk4xoeg==,type:str]
initialAccount:
enabled: ENC[AES256_GCM,data:rCMSGQ==,iv:mltQk4uc4jETPOimbRirrlxWxPsck6cLOM387chFtt4=,tag:3cy2sk+WPle9T96PcdWL+g==,type:bool]
username: ENC[AES256_GCM,data:2s3WINCPpAg=,iv:inUPAt/Q/lqSi88CKIEcexkbeJwSkS7pCWJqjDBbZ68=,tag:793MA/57fipWdODD2zcaUg==,type:str]
domain: ENC[AES256_GCM,data:IPoIY+yGxry3QQTRbdfbaRJU,iv:xG3mp+yAf+J2V0owRYi3XUCpQjtxAA+92bNiKTLvhvw=,tag:JogwzTxnImd4iKgJz76yaA==,type:str]
password: ENC[AES256_GCM,data:e2d9qYEUjkxbQRatzDslMTGDZhIqZwgr9t/olN2G,iv:uynCQDAKn7IoVpd1VLhWAI6dK2hN7LNC9PFNnOkYGOU=,tag:gqZSMCh3j/9lA7m6RQm6Ag==,type:str]
enabled: ENC[AES256_GCM,data:gmF9JQ==,iv:FE39Ygp4f+42llF5nGcQhXmO0FwPCjLQYlN16fGS2c8=,tag:C2BfQ+gu9OEEUeIRWYgNcw==,type:bool]
username: ENC[AES256_GCM,data:0gRIKqZDUNM=,iv:+3HmKBgR8JdSKQl79x+FLVeWZoP9CZWAxAeEUoYaIAE=,tag:afGcj8YwcpIEfHgz4nmvBg==,type:str]
domain: ENC[AES256_GCM,data:0SA71hSApv98uXP/fYFNGkJA,iv:LzQf1xoyHBIzz3Dlv2HYwJlPxU3xyy0m/Jp9RzeJ8TQ=,tag:gweJ4PV0eooqKKbb9aG7fA==,type:str]
password: ENC[AES256_GCM,data:+qLfSVDzhWYB19lt6RzPnXN2qFJAAUGeljwZQoCl,iv:GG/vcep80OGQhL4TL/33RYdsZ91Senxoeomt12cNvjM=,tag:fDu7NMjotkiIYKiVA3hUtg==,type:str]
postgresql:
auth:
password: ENC[AES256_GCM,data:YHgy0iu0oaaRBiiO0FXCN2o9d76Vgdbxi3Mnoerj,iv:d0tOkZsXvbEVA8awiX3P9AMrctbvy2JIbGggua5dTzs=,tag:v8b7QHY+5urMsV53IL7wsA==,type:str]
postgresPassword: ENC[AES256_GCM,data:LJH0X2ptmy3xNOHcpWr1FQ0IA1v8q1GmzXrhRwZz,iv:kLh8rb/75uGQL4uFbNLxzD+U59LcKkDeY4uExgbfgoE=,tag:abbtDQZAdzzrMsw0ErnX9w==,type:str]
password: ENC[AES256_GCM,data:8miAR6Z7PB01YtzlXJ+lmMNhVMD9GAwp2C8yUh1K,iv:7EQUwcDYNDHWmxWgZx3D4XOcfHfDmljl/TUaqQw022M=,tag:y+Z7sP5MHmjustVgcFhDow==,type:str]
postgresPassword: ENC[AES256_GCM,data:FBsPXyaLACvCcPiKYSidzanPmDSuQm00Y0VVGgFk,iv:IzCwXuFHq1dNO1v43X9LeaLL6WHyX0VbHKMkHarzDLc=,tag:dI7K0RpiTS6CT1IAP+rinQ==,type:str]
secretKeys:
adminPasswordKey: ENC[AES256_GCM,data:30CNkafy6P0F5UCvjxMus9Isi/FzDzyOqMT+VFk0,iv:1s7dFCEGD6soA+uwjAzKmvCltS+YUVY1/2Tk3ZOBemU=,tag:IO+YBBWmmUnyxbsigACRwA==,type:str]
replicationPasswordKey: ENC[AES256_GCM,data:pdBxjNmwcsDj0/dC5324XVUBpemUM8LbjxVlBwt/,iv:+wfSUgLgCORtSe1Vf02LZx0U9eEs6Bd9OgH3n6kK8BQ=,tag:E+FgJG2z8/TBAmy7+XlYSw==,type:str]
userPasswordKey: ENC[AES256_GCM,data:3s35K9e4RHRvpt85ft2Msb9GfC6TlGnjIT8B/obp,iv:KnuBW4b0LOuHwXNzgxVqpVDnijiV+DoyQfveHvgCsp8=,tag:G3FcSSPMJy/7IUsUPLbuSw==,type:str]
adminPasswordKey: ENC[AES256_GCM,data:bg+ZALMVfw1KCMoHM2dJMl4nrXHCWffOfrEGoacX,iv:pR4ybyQdsHa+4l//fGlOSbC32W8D5N3dpbV5zAslCO8=,tag:Ws/qcvr9nRoelgY0j+LWtQ==,type:str]
replicationPasswordKey: ENC[AES256_GCM,data:hISKDJ7aX/purQqNitCirYLEWMWjsI+UXHiNZBK/,iv:+EcGrXZIFvXN+vHDZyQLbD25XHf9xRDmkMur/5cOQcQ=,tag:Z/HCw6NblVy+17i5UiZjAw==,type:str]
userPasswordKey: ENC[AES256_GCM,data:Eo3jeY1rnrqe/Onk1Lsp/oQN72yS93tl21srZ/0b,iv:JdvAIpfIhaqPNO1ffc8rN0N6QTWfaFfCTpbuoXVgrR0=,tag:mjwsTPUh/Gw9UL9fOyAKsg==,type:str]
global:
database:
roundcube:
password: ENC[AES256_GCM,data:WUgeCqoWVRCdrA==,iv:5HO53lEArnIqRlWnQqlSKZ+hs7DxDAc9D3wHmbvb68M=,tag:nrjt2qnqGDmT/rv7JNR8Mg==,type:str]
password: ENC[AES256_GCM,data:Gj+fV//U0QG1SLZfGu3Ya/UVEaXAhJ730A==,iv:8qwI9R+NkvHGhGr2WBMiZOVzIMWnUMu6stIVvrPzQqw=,tag:eLx/hj++cVk7lyfKRZM7PA==,type:str]
sops:
kms: []
gcp_kms: []
@ -25,14 +25,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvVlBCaDl3OHBxTnM4aWRS
L1Q2aC9uT20rUlgvQXFkVThsa1JBS3ZwdnlrCmwxQnNRazlENVFPUER4WEx2ODVu
Ukx1RHQ5c2NCZHptNm9IV2cxdHlmUFkKLS0tIG9kRUhzZDlocEhNQlFrYVpZdzVj
aXFnN08yR2JMVkNGcjE1UDFDWjBWSzAKQIt/5DQkW8FTQTQyWfU8QSxMQ8TV1J8i
l326pi2q+TuLoIvef8EKA+qax56OGnqESl2JcyHCAyT2T1tTzM1bpw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzUDlSNEcybzhtQk5JY256
bzlsU1B0aTNOaFV1NE1va0tnOWE2cHpTQzIwCksrRnQ1NjlvUERJN0gveG1YVDhP
aGZrSVlZTG1BMDMzQ1d5MncySnlGRXcKLS0tIFNOQmJpeUNUQWVJYWM4SWc0UlNi
OWErZ1dRazBaZE5sdjA5SzVYZ2R4d3cKRPu6CwvAJxsmhPYJEbfuOmBVJ8I2NGFC
6njQe1PrSbvymUkdn9CCJr43iLjDw1TWKbR6CLSrt9HbE0UGqEP4og==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-04T09:30:41Z"
mac: ENC[AES256_GCM,data:5SE/XCKyCArO+AqhRJb8h3K1WYys5OHcOfZuRW8j8i3SMEtb+84D1KcsgEFBsJmvffbpxaKXcz7umEIKG+LWLeLjvCgqHwZa7Tidn1X07a9Dep74BfvTNZWVCKEAi/6YcHkLIsVM9Bkl0MOPZTxDjmzVsdiCR+3nfZ6RJ4AysxA=,iv:Yf8m6YNxycoZj+uYAe4rKRmzQiuZtmpLrYYmxDvwPbA=,tag:TcrPy/gj/je8gGOw3jiZ1w==,type:str]
lastmodified: "2024-07-21T14:32:03Z"
mac: ENC[AES256_GCM,data:qsF4gGUbmyNU+dBRMj0FO1njv/pNA74noT8qT6pmq8qniuAxuyn6FGr6HOBVtJmitCH+fZIClw9nk+Gh3hUAX8YM1m7Ymx0nBI9cfP0RyDVHiooHyWrraEryXIOtSK8vXlCO22qJCwPRrU7nNd6u1vfQTq3l8L9EV4ImqLYbZZk=,iv:G3k8upjBuFhmVfwWtcebu1IhzLMRM/yOy33CzMM8MPM=,tag:AhMUuVZmIXAIYb+6qAcwdg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

20
values/badhouseplants/secrets.nrodionov.yaml
View File

@ -1,5 +1,5 @@
wordpressPassword: ENC[AES256_GCM,data:yYE91wuc9uOzIQ==,iv:jLqs0BZcEIG73roA/wxtK74xX+osePoIaKhg6XvuAXE=,tag:9a3n1tbRAy4TaU0OE8uZcQ==,type:str]
wordpressEmail: ENC[AES256_GCM,data:Fy6mIfhu0DuO+MSp1TPN7On6cFZk,iv:bxYiJBYgbuQsWPRWKfubmNZ/jShMBLeiPDyw7XtOAkY=,tag:RyBuqoNGoTzKR68RNSgumA==,type:str]
wordpressPassword: ENC[AES256_GCM,data:0JSm0szXtZwNPw==,iv:ohVbIeIqhwdoJkPhEta+3sXopGkoL6Z3PVsWthZ2RGM=,tag:9a8xiWdWgyEc7u6ek856yA==,type:str]
wordpressEmail: ENC[AES256_GCM,data:mCbGYDbY37zHVqYo2ZacGWbtVxud,iv:w3La8QpCs1GKWspjVe5XTZ6zcLSnApJw9i6MtYI8rP8=,tag:H+4M42u/5lE64LqyD5JEbw==,type:str]
sops:
kms: []
gcp_kms: []
@ -9,14 +9,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1V2tQdkFWenZWZU1pT1JY
cXpVV3UxNnN6and1R0lBd1NrcXdWNTdibkFnCkJxeERBYyt4ZUtabWl5dlIxNmJZ
blhSUHZWTk1PVS9RUThlNFRBREh0T1UKLS0tIENKK200NnRDNUJCeGNTeFB5Z1BI
a2l5SG4yTjhmUlorWlJNbmFDekN5LzgKCS8nqMu72GDYjuSrfgbp/KZbHfhOdpyu
WpT0T6pk/oOc9ohQKGD/jvcjrMW7OZ5uYpZc/4gPdLKcOnNB+BEo/g==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4elh3ZjU2Z1JPckRmRi9Q
ZURUaHNuMk9wQ0JWMktBZ08vZXpkQi9sNnhNCmxudXBIcDh5WGpJSTdXOUcxRGpx
S3RobjJwV01zamozeUJGWjZ2SkJnNHMKLS0tIHE4NlVCZnVqUTByT0xtVlpBNUZk
T2NTYWFZRkQxSzdTN3ppOWtaeHBxWU0KPH4OOrTptzmv9+QzSc6Kvq2leVc0/H2X
3bwsZK0/0toEEPGyrpJFcof1G9Y6GmW2JT2O79K5hm9R9FP1lqaxJA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-11T17:30:01Z"
mac: ENC[AES256_GCM,data:KWW440Ez01/kjq1TxLMZLLpyUmPluUJLvgPuY94/O56jz5/ewzkOY+yL4Wc20M++bITNBQUCw4y9HTC4jS2/vWITZnc9Dik8AcbpBrttMIE0fs+WeLudbt56lCCbcddoyOfAvGU+2t74da2uHQVpKBT1jsp/DVlZuFsHUuJeJP8=,iv:cnOqF84iRhDG04oWvWUyXxFmJbluM86TvwEVu7Z7hRA=,tag:nYXMxfm8drvklhSXcGSKNA==,type:str]
lastmodified: "2024-07-21T12:13:26Z"
mac: ENC[AES256_GCM,data:lBIOKXgW5EDzYGdXUP5c0OzdsyOVTbPhpNshlarm7UozDdnEW7brB0izRCp0+FjDxcDlhuBcpR69kel4x0O9NvDvCQHO6TfbEdFy43IgIg6bZAEAa55KNCeaXa9x+lyNWkTNJ066bcQYu8yFj2aOqwrksU96xsBqMk7t0CPgrDc=,iv:e5bjuz9ii50r22Dd7EHPqC71CJAA+jCW1VDQnyqk7TQ=,tag:eHW9xmzVASBGadSfTQwquQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

21
values/badhouseplants/secrets.shadowsocks-libev.yaml
View File

@ -1,8 +1,9 @@
env:
secrets:
sensitive: ENC[AES256_GCM,data:DAkG0Q==,iv:TBwu9ozIY9hHOtgZD8kXC9zL7jbguCBnB0CCXgNY0BA=,tag:Yxlv4EE9V0D+OsjSQccbsQ==,type:bool]
sensitive: ENC[AES256_GCM,data:ICQFLQ==,iv:7ohWwGwj/b+N3szJtcz/Ye6tJb+QptwhHwsyCBIp4NQ=,tag:U6+qYO6PFMU/UBkEzGTM6Q==,type:bool]
data:
PASSWORD: ENC[AES256_GCM,data:cgMrKkfKHg06GuNGA1YFyD7RzGg8NK57eAyULtB9f5AYEG2GH642nmmHPCOyUpkItSg=,iv:u1kzkrG9CBXWPYDQa1aasym4dkbxGQoerZYqh4rGVjQ=,tag:QDdQ4+1KX77GGp7lNYCq4g==,type:str]
PASSWORD: ENC[AES256_GCM,data:sgD/f785ojMPeXQEOfHQ8a8YIfty2kZ863xlhbWR5RI6BBAlqUcxzoEPuf1ywhhEDo4=,iv:tEpD8oPSWEfRto31eMXzGB8n0VqPYuqEO0RODyeZPV8=,tag:jWMyVDhOrP+e+lonf4PkWQ==,type:str]
DNS_ADDRS: ENC[AES256_GCM,data:FizWUQGwUB6a9g==,iv:pRo9XdiFFU7eIX8cuYEpt2+uGKpfw8Xw+qtvW3msWMg=,tag:/syUOyvBsNdDxwWkvqSxLQ==,type:str]
sops:
kms: []
gcp_kms: []
@ -12,14 +13,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpRW40RDJkLzBDcXBxTkRN
akhJRGdTUnFPNmZRVEQzcXdjdXFaK1IvRVc0CnJ0MGdrVHA4SzVueWQ3U0lKMHk2
Q0psQ1p5RTdDdEtqZ0EvcWw3RWYvb2cKLS0tIFU5R1VJN1U0ck1QTnp2c0p1bzBZ
aE5DUWh0elFVMVNJN212cG5JV3AzSFUKvMFOpbGIbLtGYldgvrfKbcJO17OPGZoc
TdHaWk2f+HVb29M2D9ovW4ewuxLL/ADNl4rAGMVmpxEAVfxO5XPXlQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0YXlKeWtrQ3k1RXJrWUF1
TmFYRVlxdVhRckpnZ044VU42R01YK0g1ejFzCk0waHM3NlpYRmRERWV2TzJ2cDZu
YXRheDNNNkFFUHpGOFVUdjlwZkI2TTQKLS0tIENtK0QzOE9XWGF6SXlOem1BTnps
YWhWUnhFb25xWUcwV0pjK0FYKzM5eEkK4u3dZXpMw4VRON+SCvFgGsI4pn3jGxpM
1Hy591bCkC+W5n6okuQauJUIEu28KE3EomZh9h7hg7gY5pUUMZhz8Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-09T18:58:52Z"
mac: ENC[AES256_GCM,data:T1TdR8G2G+aN/tYGzmEGIvkd6cCpGa9wiEZK4g3dR2Qe4eFi9go7h9X81VE3v+HgjwxDfWm4uITNthWgGN7P0hVV6SWwRiG01CnVYDQgRh+tEBKPOFcmq6Tvm5xNGUfv9OeaF1TizIFFDeQ4a/A0qWGR4ZN6HYk2J6lIAccxEmQ=,iv:dz59+TwgL8O94h2rQsSiDY2lRu3dJdNveR4nCQDYzlc=,tag:hLuLZRv63c1oz/cBh0obHg==,type:str]
lastmodified: "2024-07-21T18:28:16Z"
mac: ENC[AES256_GCM,data:ZNv1Pf1d48G5/EyKlEmD5rd3PenkGk3mVcrjhpiYWO47XiOO94oh/T6oibq9aNEcsl3KE9K9HH9fqJY+TboxJTHRAwr1f2ayzFxSn++axxxM0bxLpvd4CnDprjWaBaTNQPlGxLBtVeVqMmDiolWi5ow9cHS0FumpyvMHEnwm0Uo=,iv:1KPnOCF4AK1l5AEujspxq72cBa94mmeuZl8KSZ9OWPE=,tag:I5nRlK0veei0++nxh0wFWA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

30
values/badhouseplants/secrets.vaultwardentesttest.yaml Normal file
View File

@ -0,0 +1,30 @@
env:
secrets:
enabled: ENC[AES256_GCM,data:vAWPyA==,iv:nEzYTUi6VLTOIoPuKljxwNLoo1jD2twVXG8rbJt++5E=,tag:fQ6mHwjdsaaLXjPgy691RQ==,type:bool]
sensitive: ENC[AES256_GCM,data:vM91LA==,iv:/mNXXR6oI4/eMiyym+kK9N6q8RtchsGGZghgdrw9iMM=,tag:TCULlwJIKVSXF6IMuEV0aw==,type:bool]
data:
SMTP_USERNAME: ENC[AES256_GCM,data:2vIkJbVsF88SqkOCLspDd1qADWvlvDxZTPED,iv:9w05Hm9MDcrUDar2yo35jy/fDrF5aluf9T9gmuOCQjw=,tag:CIJKd8lyUZUuwsCBbdaBsA==,type:str]
ADMIN_PASSWORD: ENC[AES256_GCM,data:2i85zdr26/Id0zhtsAe0zJGavxYOxZ/zd7/bK+uEhPzQTduz7j3oXb9mvqpZD8PJxiw=,iv:hZDJMVhowwfpfxVobPztO4Dx5jEp6Vf57uWWppAC+Ak=,tag:MBKd6JS8nw4NscKfHIb22A==,type:str]
ADMIN_TOKEN: ENC[AES256_GCM,data:VyDuMYCnyC1NRkqMAnnejfPe2UpEDRiAHMt8CO2WWpbGWI2mUb3ApmnBmYclo2xpYduAwHzYfCtR3xZbXCsU5Tx7pNeGXkDaNL68Hzy90p3C9wVhjA==,iv:55Fl+NLBKUsgjugCHp7tmhM4fCCtzPrZdCyJfgFomWU=,tag:oSrfwc1gLy/VmQfeEBcElA==,type:str]
DATABASE_URL: null
SMTP_PASSWORD: ENC[AES256_GCM,data:iztp5mMTHIm4OROpLRZf/VC5ZO8=,iv:jOnAkVsEfSdGrwIIuc7PKPvACTGe3racjcjqqcfLjgE=,tag:BWBWJnWvaaSZM5u6Z1ywSA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhLzVRdW5ITFJmWHE5dkRr
R3pGbTh3UmFTTXR4VVVGRjlSUURudmxwM1hjCk16U3BKYkZTcmdwaFZtcTZNYk9C
M0ZBZk52bDBuNWZwa21SMU1mSnhmWEUKLS0tIGZVV01KQ3Z6OGltN1RFSks5MVJI
a2xWUGZpMmovY1Qya05nVXRZVUFDTFEKhF34OSdGZizs1/Rs9qvUOVtomQBvOFbS
hRsK3Orwig4HJdzj1UOZd8UMGwj6Mzhw+aKUJKL67igMwxbxVcaU1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-15T18:51:59Z"
mac: ENC[AES256_GCM,data:FWplZ9jLQM4WkYU+FH3Unmq7o0Ma4vqXB6dX6ZAp87URaP3NHLfK8kFGlvUJKWDBKPOVlvdAMo9Mc+3yLwJgmhMEYOt7OX/tu1tRVKRD1LsyvCMJEMFDyBCwvdXw0p5dvap5/strpZU65keBKjfqhJvnAsDtAPQBrhV1kfiotRY=,iv:1J1DCgmJPAPQm0zsjCiyunNFqddhJfNBhBLJnESt17s=,tag:GSbogrUfTkIhGqYAFJQSpg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

4
values/badhouseplants/values.authentik.yaml
View File

@ -33,6 +33,9 @@ authentik:
enabled: false
redis:
enabled: true
master:
persistence:
enabled: false
server:
ingress:
annotations:
@ -61,4 +64,3 @@ worker:
- name: postgres-creds
mountPath: /postgres-creds
readOnly: true

2
values/badhouseplants/values.cilium.yaml
View File

@ -7,4 +7,4 @@ endpointRoutes:
ipam:
ciliumNodeUpdateRate: "15s"
operator:
clusterPoolIPv4PodCIDRList: ["10.244.0.0/16"]
clusterPoolIPv4PodCIDRList: ["192.168.0.0/16"]

13
values/badhouseplants/values.mailu.yaml
View File

@ -54,7 +54,7 @@ traefik:
service: mailu-front
entrypoint: pop3s
port: 993
subnet: 10.244.0.0/16
subnet: 192.168.0.0/16
sessionCookieSecure: true
hostnames:
- email.badhouseplants.net
@ -90,7 +90,7 @@ front:
- name: PROXY_PROTOCOL
value: "mail"
- name: REAL_IP_FROM
value: "10.244.0.0/16,10.43.0.0/16"
value: "192.168.0.0/16,10.43.0.0/16"
admin:
resources:
requests:
@ -106,9 +106,8 @@ admin:
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
persistence:
size: 1Gi
size: 256Mi
redis:
resources:
requests:
@ -140,7 +139,7 @@ dovecot:
memory: 400Mi
cpu: 300m
persistence:
size: 1Gi
size: 512Gi
roundcube:
resources:
requests:
@ -150,7 +149,7 @@ roundcube:
memory: 200Mi
cpu: 200m
persistence:
size: 1Gi
size: 512Mi
mysql:
enabled: false
postgresql:
@ -182,7 +181,7 @@ rspamd:
readinessProbe: {}
webmail:
persistence:
size: 2Gi
size: 512Mi
storageClass: ""
accessModes: [ReadWriteOnce]
claimNameOverride: ""

3
values/badhouseplants/values.mariadb.yaml
View File

@ -15,5 +15,4 @@ initdbScriptsConfigMap: ""
primary:
persistence:
enabled: true
storageClass: longhorn
size: 1Gi
size: 512Mi

1
values/badhouseplants/values.namespaces.yaml
View File

@ -7,3 +7,4 @@ namespaces:
- name: platform
- name: games
- name: pipelines
- name: rook-ceph

3
values/badhouseplants/values.nrodionov.yaml
View File

@ -38,11 +38,10 @@ service:
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
accessMode: ReadWriteOnce
size: 2Gi
size: 512Mi
dataSource: {}
existingClaim: ""
selector: {}

6
values/badhouseplants/values.openvpn-xor.yaml
View File

@ -22,10 +22,10 @@ traefik:
match: HostSNI(`*`)
entrypoint: openvpn
port: 1194
tcproute:
enabled: false
storage:
class: longhorn
size: 512Mi
size: 128Mi
openvpn:
proto: tcp

7
values/badhouseplants/values.postgres.yaml
View File

@ -3,8 +3,9 @@ architecture: standalone
auth:
database: postgres
persistence:
size: 1Gi
primary:
persistence:
size: 1Gi
metrics:
enabled: false
enabled: false

2
values/badhouseplants/values.postgres16-gitea.yaml
View File

@ -9,6 +9,8 @@ persistence:
metrics:
enabled: false
primary:
persistence:
size: 1Gi
resources:
limits:
ephemeral-storage: 1Gi

4
values/badhouseplants/values.postgres16.yaml
View File

@ -3,12 +3,12 @@ architecture: standalone
auth:
database: postgres
persistence:
size: 1Gi
metrics:
enabled: false
primary:
persistence:
size: 2Gi
resources:
limits:
ephemeral-storage: 1Gi

184
values/badhouseplants/values.rook-ceph-cluster.yaml Normal file
View File

@ -0,0 +1,184 @@
toolbox:
# -- Enable Ceph debugging pod deployment. See [toolbox](../Troubleshooting/ceph-toolbox.md)
enabled: true
cephFileSystems:
- name: ceph-filesystem
spec:
metadataPool:
replicated:
size: 3
dataPools:
- failureDomain: host
replicated:
size: 3
name: data0
metadataServer:
activeCount: 1
activeStandby: true
resources:
limits:
cpu: "200m"
memory: "256Mi"
requests:
cpu: "50m"
memory: "128Mi"
priorityClassName: system-cluster-critical
storageClass:
enabled: true
isDefault: true
name: ceph-filesystem
pool: data0
reclaimPolicy: Delete
allowVolumeExpansion: true
volumeBindingMode: "Immediate"
mountOptions: []
# - discard
parameters:
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/fstype: ext4
cephBlockPools: []
# - name: ceph-blockpool
# # see https://github.com/rook/rook/blob/master/Documentation/CRDs/Block-Storage/ceph-block-pool-crd.md#spec for available configuration
# spec:
# failureDomain: host
# replicated:
# size: 3
# # Enables collecting RBD per-image IO statistics by enabling dynamic OSD performance counters. Defaults to false.
# # For reference: https://docs.ceph.com/docs/latest/mgr/prometheus/#rbd-io-statistics
# # enableRBDStats: true
# storageClass:
# enabled: true
# name: ceph-block
# isDefault: false
# reclaimPolicy: Delete
# allowVolumeExpansion: true
# volumeBindingMode: "Immediate"
# mountOptions: []
# # - discard
# allowedTopologies: []
# parameters:
# imageFormat: "2"
# imageFeatures: layering
# csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
# csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}"
# csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
# csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}"
# csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
# csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}"
# csi.storage.k8s.io/fstype: ext4
cephObjectStores: []
# - name: ceph-objectstore
# spec:
# metadataPool:
# failureDomain: host
# replicated:
# size: 3
# dataPool:
# failureDomain: host
# erasureCoded:
# dataChunks: 2
# codingChunks: 1
# preservePoolsOnDelete: true
# gateway:
# port: 80
# resources:
# limits:
# cpu: "150m"
# memory: "256Mi"
# requests:
# cpu: "50m"
# memory: "128Mi"
# instances: 1
# priorityClassName: system-cluster-critical
# storageClass:
# enabled: true
# name: ceph-bucket
# reclaimPolicy: Delete
# volumeBindingMode: "Immediate"
# parameters:
# region: us-east-1
# ingress:
# enabled: false
cephClusterSpec:
dashboard:
enabled: true
ssl: false
all:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: role
operator: In
values:
- ceph
mgr:
count: 1
mon:
count: 1
resources:
mgr:
limits:
cpu: "400m"
memory: "512Mi"
requests:
cpu: "200m"
memory: "256Mi"
mon:
limits:
cpu: "2000m"
memory: "1024Mi"
requests:
cpu: "300m"
memory: "128Mi"
osd:
limits:
cpu: "400m"
memory: "1280Mi"
requests:
cpu: "200m"
memory: "256Mi"
cephFileSystemVolumeSnapshotClass:
enabled: true
name: ceph-filesystem
isDefault: true
deletionPolicy: Delete
annotations: {}
labels: {}
# see https://rook.io/docs/rook/v1.10/Storage-Configuration/Ceph-CSI/ceph-csi-snapshot/#cephfs-snapshots for available configuration
parameters: {}
cephBlockPoolsVolumeSnapshotClass:
enabled: true
name: ceph-block
isDefault: false
deletionPolicy: Delete
annotations: {}
labels: {}
# see https://rook.io/docs/rook/v1.10/Storage-Configuration/Ceph-CSI/ceph-csi-snapshot/#rbd-snapshots for available configuration
parameters: {}
ingress:
# -- Enable an ingress for the ceph-dashboard
dashboard:
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
host:
name: dashboard-ceph.badhouseplants.net
path: "/"
tls:
- hosts:
- dashboard-ceph.badhouseplants.net
secretName: dashboard-ceph.badhouseplants.net
ingressClassName: traefik

215
values/badhouseplants/values.rook-ceph.yaml Normal file
View File

@ -0,0 +1,215 @@
---
csi:
csiRBDProvisionerResource: |
- name : csi-provisioner
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-resizer
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-attacher
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-snapshotter
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-rbdplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-omap-generator
resource:
requests:
memory: 12Mi
cpu: 250m
limits:
memory: 1Gi
cpu: 500m
- name : liveness-prometheus
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
# -- CEPH CSI RBD plugin resource requirement list
# @default -- see values.yaml
csiRBDPluginResource: |
- name : driver-registrar
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : csi-rbdplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : liveness-prometheus
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
# -- CEPH CSI CephFS provisioner resource requirement list
# @default -- see values.yaml
csiCephFSProvisionerResource: |
- name : csi-provisioner
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-resizer
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-attacher
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-snapshotter
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-cephfsplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : liveness-prometheus
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
# -- CEPH CSI CephFS plugin resource requirement list
# @default -- see values.yaml
csiCephFSPluginResource: |
- name : driver-registrar
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : csi-cephfsplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : liveness-prometheus
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
# -- CEPH CSI NFS provisioner resource requirement list
# @default -- see values.yaml
csiNFSProvisionerResource: |
- name : csi-provisioner
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 200m
- name : csi-nfsplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : csi-attacher
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
# -- CEPH CSI NFS plugin resource requirement list
# @default -- see values.yaml
csiNFSPluginResource: |
- name : driver-registrar
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m
- name : csi-nfsplugin
resource:
requests:
memory: 128Mi
cpu: 50m
limits:
memory: 256Mi
cpu: 50m

6
values/badhouseplants/values.traefik.yaml
View File

@ -1,8 +1,8 @@
globalArguments:
- "--serversTransport.insecureSkipVerify=true"
#service:
# spec:
# externalTrafficPolicy: Local
service:
spec:
externalTrafficPolicy: Local
ports:
web:
redirectTo:

79
values/badhouseplants/values.vaultwardentesttest.yaml Normal file
View File

@ -0,0 +1,79 @@
---
workload:
kind: Deployment
strategy:
type: RollingUpdate
containers:
vaultwarden:
mounts:
storage:
data:
path: /app/data/
extraVolumes:
logs:
path: /app/logs
envFrom:
- environment
- secrets
ingress:
main:
class: traefik
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
rules:
- host: vaulttest2.badhouseplants.net
http:
paths:
- backend:
service:
name: '{{ include "chart.fullname" $ }}'
port:
number: 8080
path: /
pathType: Prefix
tls:
- hosts:
- vaulttest2.badhouseplants.net
secretName: vaulttest2.badhouseplants.net
extraVolumes:
# -- Because by default the fs is read-only, we need to add an emtpy dir volume
logs:
emptyDir: {}
storage:
data:
storageClassName: ceph-filesystem
env:
environment:
enabled: true
sensitive: false
data:
DOMAIN: https://vaulttest2.badhouseplants.net
SMTP_HOST: mail.badhouseplants.net
SMTP_SECURITY: "starttls"
SMTP_PORT: 587
SMTP_FROM: vaulttest@badhouseplants.net
SMTP_FROM_NAME: Vault Warden
SMTP_AUTH_MECHANISM: "Plain"
SMTP_ACCEPT_INVALID_HOSTNAMES: "false"
SMTP_ACCEPT_INVALID_CERTS: "false"
SMTP_DEBUG: false
DATA_FOLDER: /app/data/
ROCKET_PORT: 8080
SHOW_PASSWORD_HINT: true
SIGNUPS_ALLOWED: true
INVITATIONS_ALLOWED: true
SIGNUPS_DOMAINS_WHITELIST: "test.com"
SIGNUPS_VERIFY: false
WEB_VAULT_ENABLED: true
LOG_FILE: /app/logs/log.txt
LOG_LEVEL: info
DB_CONNECTION_RETRIES: 10
DATABASE_MAX_CONNS: 10
ORG_GROUPS_ENABLED: true
ORG_EVENTS_ENABLED: true
ORG_CREATION_USERS: ""

61
values/badhouseplants/values.velero.yaml
View File

@ -27,3 +27,64 @@ configuration:
config:
region: us-east-1
deployNodeAgent: true
schedules:
daiy:
disabled: false
labels:
backups: daily
schedule: "0 0 * * *"
useOwnerReferencesInBackup: true
paused: false
template:
ttl: "240h"
storageLocation: default
includedNamespaces:
- platform
- applications
- games
- databases
weekly:
disabled: false
labels:
backups: weekly
schedule: "0 1 * * 0"
useOwnerReferencesInBackup: true
paused: false
template:
ttl: "672h"
storageLocation: default
includedNamespaces:
- platform
- applications
- games
- databases
montly:
disabled: false
labels:
backups: monthly
schedule: "0 3 1 * *"
useOwnerReferencesInBackup: true
paused: false
template:
ttl: "1344h"
storageLocation: default
includedNamespaces:
- platform
- applications
- games
- databases
regular:
disabled: false
labels:
backups: regular
schedule: "0 */3 * * *"
useOwnerReferencesInBackup: true
paused: false
template:
ttl: "24h"
storageLocation: default
includedNamespaces:
- platform
- applications
- games
- databases

7
values/badhouseplants/values.woodpecker-ci.yaml
View File

@ -9,6 +9,9 @@ ext-database:
credentials:
WOODPECKER_DATABASE_DATASOURCE: "postgres://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable"
server:
persistentVolume:
enabled: true
size: 1Gi
ingress:
enabled: true
annotations:
@ -44,9 +47,9 @@ agent:
extraSecretNamesForEnvFrom: []
env:
WOODPECKER_SERVER: woodpecker-ci-server:9000
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 3Gi
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 2Gi
WOODPECKER_BACKEND_K8S_NAMESPACE: pipelines
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: longhorn
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: ceph-filesystem
serviceAccount:
create: true
rbac:

1
values/badhouseplants/values.zot.yaml
View File

@ -24,7 +24,6 @@ pvc:
create: true
accessMode: "ReadWriteOnce"
storage: 5Gi
storageClassName: longhorn
mountConfig: true
mountSecret: true
strategy:

2
values/common/values.metrics-server.yaml
View File

@ -1,4 +1,6 @@
apiService:
insecureSkipTLSVerify: true
nodeSelector:
node-role.kubernetes.io/master: "true"
args:
- --kubelet-insecure-tls