diff --git a/helmfile.yaml b/helmfile.yaml index 811708b..a0b58bb 100644 --- a/helmfile.yaml +++ b/helmfile.yaml @@ -7,5 +7,5 @@ helmfiles: - ./installations/platform/ - ./installations/pipelines/ - ./installations/monitoring/ - - ./installations/applications/ + - ./installations/applications/helmfile-{{ .Environment.Name }}.yaml - ./installations/games/ diff --git a/installations/applications/helmfile-badhouseplants.yaml b/installations/applications/helmfile-badhouseplants.yaml index f001f04..acada59 100644 --- a/installations/applications/helmfile-badhouseplants.yaml +++ b/installations/applications/helmfile-badhouseplants.yaml @@ -18,8 +18,6 @@ repositories: url: https://mailu.github.io/helm-charts/ - name: bedag url: https://bedag.github.io/helm-charts/ - - name: grafana - url: https://grafana.github.io/helm-charts - name: bitnami url: https://charts.bitnami.com/bitnami - name: allangers-charts @@ -100,14 +98,6 @@ releases: inherit: - template: default-env-values - template: ext-traefik-middleware - - name: grafana - chart: grafana/grafana - namespace: applications - version: 8.5.3 - installed: true - inherit: - - template: default-env-values - - template: default-env-secrets - name: server-xray chart: allangers-charts/server-xray namespace: applications diff --git a/values/badhouseplants/secrets.bitwarden.yaml b/values/badhouseplants/secrets.bitwarden.yaml deleted file mode 100644 index 7c296a8..0000000 --- a/values/badhouseplants/secrets.bitwarden.yaml +++ /dev/null @@ -1,24 +0,0 @@ -env: - ADMIN_TOKEN: ENC[AES256_GCM,data:Un3erp/7AQYYVT6cCavBn4iafHBIfUOIoy2kXrobgf4ten6uSFzYFg==,iv:28Tcn1/qIquS4jCNBTtspB9c+5U3Ut1zoY6gIez8fcs=,tag:32Q1+v5N5I483vpyXh0ogg==,type:str] -smtp: - password: ENC[AES256_GCM,data:dMQNw596ZcAGHZaosdFS6swfwp4=,iv:mg8e3oHbLT07pZEdDGwlBchPyT83xOdwKJg9CCaicnc=,tag:hp9zZKT+yWvahoBCR2Pw3g==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDbVphZEgyRDZFWDA0QWZV - WlBVbSs3c3FicUFXdmxHTmNsZnJXZ2RMTlZFClhEU2xJREdCamtEallybCtFVVJy - UDlnbTIxb0V1RkpSNGJSNnBka3BqdlUKLS0tIHZPVkpKTDFqa1psWitMTW91NXNJ - anJUL09naXN1VlphRDRGWlFZRGRmUjgKhy/SgutXnq9fxGDShqB+j9Nb8VWyUPU+ - 4mpZtD6T9okYCR+b2AJRLU5Z0id9hlpeKswSPHtWyW0C564SV81IUg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:20Z" - mac: ENC[AES256_GCM,data:zZaIulEBE3C0PyB0jixdJQ+omQn31yovyArCNB/Qx3JAibE9BDI1jArlGCJwvOZwDiD/owsBu4HO1SDLqUFMm2bub0dF3lMuegPa+xdeEyyCABLls5XUPb4ger48Cgx1tSzHY9NnuQGOl88uK5IO9Jjd+F4tyAvTSfyV3wiUv8s=,iv:WHvek1NgurHqQKf1TEPtU75mJ0YLitd/RKuqzjdsBo0=,tag:JuklnYxZtZN2QeaaZkbVCQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/values/badhouseplants/secrets.chartmuseum.yaml b/values/badhouseplants/secrets.chartmuseum.yaml deleted file mode 100644 index 713681c..0000000 --- a/values/badhouseplants/secrets.chartmuseum.yaml +++ /dev/null @@ -1,24 +0,0 @@ -env: - secret: - BASIC_AUTH_USER: ENC[AES256_GCM,data:rOnYoT71VKE=,iv:bhB9fIPxR2y9sS4jfbuhAIyzMHgoIRLFGXzQJ4763Cg=,tag:vazyqmJYgwaFooVWAg1zhg==,type:str] - BASIC_AUTH_PASS: ENC[AES256_GCM,data:aCXUAw==,iv:CL6ywqsc2hpTnBl7ndD0s49JNEmMNnu3X0gke4KT3qw=,tag:ieBBuooLxdH4d54SmsbeoQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3TDZ2Q3RnTnR0ODRvbVVQ - aTRFOWNacmc4dEFhcGVWd1k1WEExL1hpZHgwCnZISmdkMHZzYUUwZktQYzdhTHpq - T1RWMk8xWEsxbHZPbWhFLzAvZkdtZjAKLS0tIFdNMkx3cVNSYTU5QTR2YXJTMkMz - alRWMndiRnpGemhpT3lpM1ZINDd4YUkKwAA+a3WqFGcpgsbfkXftky6CVUSMEiuw - mN42J6PTW8Rl2nRuB3SdtZE1t8u9iYpCqJw6IVwuFRV6oLAloxLzGw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:qu2/k8jkp7WNbC+/JlWY8jV6O4FLKtZog3C6LkyIMP0qFndzi+EjJ8+Zh4iFh2UPCBsd6BDltGYTWo1uSR59Y26nYb8qninj/JhLe/gEVf/BlCDNX1yv69h42EJ8zw0wu0H/MJqXVtXb24Zo3S7aJaujT2xGmL13bcm2c2RcMWY=,iv:ON4trCALaz+1w0CYS3LoPBi9JzqGqJoivbBhY6v7feU=,tag:psWGaINimCEE8dPwZM/nsg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/values/badhouseplants/secrets.drone-runner-docker.yaml b/values/badhouseplants/secrets.drone-runner-docker.yaml deleted file mode 100644 index 9ef8d48..0000000 --- a/values/badhouseplants/secrets.drone-runner-docker.yaml +++ /dev/null @@ -1,22 +0,0 @@ -env: - DRONE_RPC_SECRET: ENC[AES256_GCM,data:b8StV8Zb58vatfYMS5OxGqIH4sEd4bV7ia2CA24U,iv:IiFcTQGUmYa6UCBzx1yTDd0zwB6D1Cv0raXZxLXm1qA=,tag:NdY5Ga1YJIeF2r78sWGD/Q==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLclJYWWplaUFFNnZFM1Q2 - bHU1SW5zUDRmbEpGUDRCa3R2Vmx4bXlkdmpVCkh3SFY1RGN6a3IzU0FvOWJyRCt1 - TDBRRUEyUy9CdTBtdmNtdDFwNUFhK28KLS0tIEY5UkxyZ08wQVBubGczTmlocGw2 - Q2Q0R2V1eTBMa1NuS1NEbGlJV2VuSEEKxfw9PP3tePQfVyRZlt+eZiIVXwQxE2Cj - Nko+N0dEX4uOmczxkvJItRHapv/iI6wgRYbgQ+Mugu+nQW3OHYZTYA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:lPoN/GfnabnQ3BNPYlGs4pT4YgsIc7LAJjbPfSmcLtO/El0mBx5cLv/8RvwjurzZPbloleWb+CXQ1xUteRd5RW3hVgL3JHNqAqXODxKm8gXYTeH1VJXeuU8Gphf8gcGtyGm4a0nq7Pg5337tAHAN0wHzrRyaUr5Kb0u/7H8PsCc=,iv:vHx1Nt2XaEfl1baR9Qn/ijJC70SGmcF2UVGpkWjZG28=,tag:ko+1eVJopLyLfn2p2bm1KA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/values/badhouseplants/secrets.drone.yaml b/values/badhouseplants/secrets.drone.yaml deleted file mode 100644 index b58b7e5..0000000 --- a/values/badhouseplants/secrets.drone.yaml +++ /dev/null @@ -1,24 +0,0 @@ -env: - DRONE_RPC_SECRET: ENC[AES256_GCM,data:2JhrMcPV9NhkPLxaOjzEik9OewCF6eo9FdzAiR3z,iv:ouToTniIMiy757x40MKMtmLFBVzpuGxSYOTMZmmN8ck=,tag:EcWfQE32Z+8GylrQt756Zw==,type:str] - DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:Sz7lzp/KrbzBjLzO4skVxdCSD0JEElzQmyyNeEx6tvANUo7k,iv:9/y3Ou8H/PL2hMsirJaqviKGQuzVlzL43iGAKQb9NII=,tag:KJBZeV85cNYiHI59wd4dCQ==,type:str] - DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:UrpGaPvfYOEaRbdCtcvnQ0xiSbLSM9/Pz0H6kGAffLKynrdVzXDgX72khI2NXdHRdPHj+MyPuJkR,iv:Y9aCzdSH5cAIZfk84Clto/IrQMRaoH+bOkvbP+9CcLM=,tag:76C0qUc4aHI37AFxchPTkA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4QTVWdGcxRkIyK2p4aGRB - eVNWUmVNQ3Q3Y1ZlS29pcmk2aHdhelRZc3dnCmtjMDZxWnNXeE9WdEdRb1BwQ0d3 - bGhvNENZZGZKalUydWY1Q2lTaERLTWMKLS0tIDVJeFNmK3FEUkhtVEx2SnZrVGZU - V1puOUtWZXhWem9BOUZkRlBId01Ra2sK6ygmeCGnQ7PIcQRvo6vKFUw4QfE0rk7Z - yCGEfw9Z4tRrYuwsH/ju17BsQ60xr9MtNHJv/KXp+KMyZSYSKOgKeA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:y6CG6iyu5m86zHgT1b4sU4R32eMO7PolAq3vzx5xixRpDPnR9MS7vsDZyFtUnjbdC50VsheX41wH8/8EAAM+MxOtSv2EWtg/FNTkk00WXZPeiPms4sIs/JpJyqnNCCnuzdq7mtdEJqQ6M3frr8b7wWfAxMAUOwOroiOGBpArUHg=,iv:TxAFskuoLmSjpdahY2otzNtSKj0kxVmMzJGmlXHicxw=,tag:IrlYfnX9zGptVcukz8KU8g==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/values/badhouseplants/secrets.gitea-archived.yaml b/values/badhouseplants/secrets.gitea-archived.yaml deleted file mode 100644 index 2cc9110..0000000 --- a/values/badhouseplants/secrets.gitea-archived.yaml +++ /dev/null @@ -1,48 +0,0 @@ -gitea: - admin: - username: ENC[AES256_GCM,data:gzyRrkFLLv4=,iv:obfaa7iVArqZsfXI9glfNVhnEzNPnoPvA9WZrqzURd8=,tag:acNtWDEkberOYJmCV6TLoQ==,type:str] - password: ENC[AES256_GCM,data:ylUbx7eGK2L/jwQVm4new94lJes=,iv:reeJTq7vWcfjggl9X+/t0yYzaz7xuiZLZM0xW7zlfcI=,tag:d0bbyZWF8XBteoFdQmLItw==,type:str] - config: - mailer: - PASSWD: ENC[AES256_GCM,data:+iZZ+TRnsUYqB4CziPOV/KSwLyk=,iv:QsHjgoEWy4mEf/NNBnuPFpXBFHoACn8pfQmbF1wI2ZM=,tag:IPI4XHVRR0DxsKhJH3dqGA==,type:str] - database: - PASSWD: ENC[AES256_GCM,data:Am9lPqVGt7IwC2T2idrs2P2OiAo=,iv:r2H7aSJKraBoDydV6N29hsRiH6bLUM0aJHPmo3dbSP4=,tag:w3eeDRy9LIDFKZjtYJJM6A==,type:str] - session: - PROVIDER_CONFIG: ENC[AES256_GCM,data:3tVvyvz7a2SvUp+mz8l2V56ZlMxi72TPVz2iKCIaCxLnOfjCrSvVBChjybb7ynoDxhng9MiGF0h2usSMp4VlbJ6WbDU5Ghe00j9uMv+VR7qqGS+NyUkmE9gHVQ9ulKsIPGR6+lFMNQnWr4IVYuGHARj/D1QTQF5p,iv:pkY0LBpXhnSr40YoZpklytGWmKe7CdsgPpQySXfON5g=,tag:WgS++CVD8HSDL9KtXBtgOQ==,type:str] - cache: - HOST: ENC[AES256_GCM,data:haL7aPBKjLuMVO5+QUI2iPCaV38PpB89BSFfnMbABcMW6ObuFspr6ANQyeu0mJAIoiLWGX5ccN7jEtz+6s4huIX8h0U+ZFQGgdgWwk0M8oqkBok9k04G7tu2ijWR0T7+AB4uoPZ8eFZMXzMr2AQfad8olYrQleZ3,iv:NMTgSxxvrut/Pxi5lZa6mbP/eOMt6rk2leFJESl5SJQ=,tag:2stVeo/nLKlL9I02iT1BnA==,type:str] - queue: - CONN_STR: ENC[AES256_GCM,data:CMRAtYIzG/AvUBfvLByug1MKIb+dyHlhCkZLZZtbpJG/QKQq8feuasi3blkDt2BvTTQgCtIohJH1MxRIv0K1QJltHRV25Jd0La+F4vB4THAYerhV08TN9ivQDA0ctQakXs32VepUk6+nBLT9HQ4XuHepmjXKnPsX,iv:PP0ZPxBulXce/bIUTuuQgiaOBWNcjMe2V/BgFGJm77Q=,tag:uRtNol2lmWj+tABDq3Avlg==,type:str] - oauth: - - name: ENC[AES256_GCM,data:qDiJteb8,iv:fJrSGxRPSljBLSnRRRCjsa3QCa730NGRyKJCVJe8YNE=,tag:B5uo6+ymfkP4hhh7fKab0g==,type:str] - provider: ENC[AES256_GCM,data:R1S/IC00,iv:XC1JS1oqZxbBZoraWemzXWGSnpvn9NTx8OA57HV1B8w=,tag:dy65miUvDRXJolx1Ris5Hw==,type:str] - key: ENC[AES256_GCM,data:S0vT3ueM6nBDhW/c3ub3jevPXNg=,iv:qFj+BT37ZKIH69ikEf1YMwE1LC+dyAW7tBXhY5X6mYY=,tag:jzM5iaedeyVEyLiLZNxXDA==,type:str] - secret: ENC[AES256_GCM,data:yNcySe+TMBe8z06hphaONhnsCHyDSurwRVAutB+EwYVULXv/yMpyBA==,iv:oTOGJmZi/26OvKG5gkrUoFVaJ8erkHfVi44FTy9kb1M=,tag:J4k1v03LUrXjWvnY36Lw8g==,type:str] - - name: ENC[AES256_GCM,data:AN+Jop7zdHBi,iv:N16HI6nVh8euitBKEq4yr3kr2cpLRb12XWKupXGR98A=,tag:j2Z0ya4YmpOPuv+x22j9zA==,type:str] - provider: ENC[AES256_GCM,data:HnCDFyNdpHmNwBi1yA==,iv:aXOjLsl1ZF3NCPpqyGrSM25lX3OLKoRpGzrRW47lGVg=,tag:ycnyck1ntEaF/ML/SMtRfA==,type:str] - skip_local_2fa: ENC[AES256_GCM,data:6ZZ7fQ==,iv:tZt+yIvuDbFa9BWsoeUvcOpIonlufb9FO7YU59mGkVs=,tag:R6LcDEw32ClPuxMtJQLrbg==,type:str] - key: ENC[AES256_GCM,data:tBQdB+s=,iv:iu8l1dGDIou4ytXhub7YKlIGs8WDEAAjKVbwd81m0Uc=,tag:CdIhMWs9lzRrUZw433/OFw==,type:str] - secret: ENC[AES256_GCM,data:S7KLS03ecfmFNR2OTP1SsAL+bSwfp6Sk/r4gUcUtKsUFUY4TNFDuqZJZzk/fws0RaH6y6t4qOlZZNk8WSTtEra3Tp2HIXkZ9UPnSjS7hurug8LH7W/NtwiHN+zz34QUXLuhQN62iAM3hPRpdxeZT57rd6c0C50nN1NB4BF0ip5s=,iv:KOLmK6UddEq9hv938m409ldxVpR8pQLiJwk7Sr0W4mA=,tag:QdKFa+RlLznzCUY1DZhSbQ==,type:str] - autoDiscoverUrl: ENC[AES256_GCM,data:XVuRhksTO6mZVyl+olvAn4w1LFZkX33oJlOnrAp2OhGCQJvse4yCi9LN/d/uoJ0PgmVR858SY+ZTa9qalh7seoGlYz2DZ0j4QVfLAYzVGgFRc2VRIfCQJDM=,iv:4U9CIgObfPwuqi/vxky4pNkL9R4BbStJ3YQ3MBH8LYo=,tag:Yn4Aemz5acXL7oZ4/gnIMA==,type:str] - iconUrl: ENC[AES256_GCM,data:Rkp/35aPe4Y9PoAZDp/9mwaxGUx0Nf1r+gmvKcUsm+SSQ6sFmPJ8hE/840KQEvHzCFbWfiIKxW5oEilKzjo84R1kvvZN+w==,iv:py3p4kh90W6BgAHmI2MIBu92y90M8QhQDmic0pX3m5c=,tag:r2kzVFGOv+mMBpHrDFOIPg==,type:str] - scopes: ENC[AES256_GCM,data:WvxMvU1yEwcCTvHfdg==,iv:S/aUhW0ASL4yAwe9IaeYdjokHrE+4MViEAGa+5wQlyY=,tag:RaCPYwWYsDVDAhs3H0cEWg==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBndHQ1Wm9LZjk1bEZ1WDA4 - NlBiaTRXTjZxekU4M3dsV0NDVEh1L0xlTkJRCm93d1lTNWZqaGpXa3ZJbUNzeVZL - SHhkdkZaNFZlZlg3TTRrYXNGemcwQTQKLS0tIDMvRGoxZnZqazJteTFPRytZVlQv - cWxqeHI2UDUzaWRwRmo3SzA2TWNNTlUKwkMM3BnRS8Rw8EJBZMMbzpF5duuHxBvD - clSIBIwNu9cvCOqFFrkO4/LiIpTp27n6WGO+l5ABoR1lUFnYx5hxqw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:cQfQVa9f3oXZSsXNPbgqHHPDuNtE001TbP0IWmifdHzK2RpMbECkgOmW9rHSzoql2BAmdP/iBjH1CYMmOQq3KrpA5kUPFTqPjv6NPnkkrl3QbyxhMrk+2YxSc4RSGcOKZnWCRHT4Lp0Un6MHy+LgeDskn2sGnXSzvysss39c6ng=,iv:pnoVAAX5ZWHQAHUmAyznuHoht6v5+kvM9GAF6iBKnQ8=,tag:eBCRunWxG3L/zMt3+SrwDw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.iredmail.yaml b/values/badhouseplants/secrets.iredmail.yaml deleted file mode 100644 index 9a01fbe..0000000 --- a/values/badhouseplants/secrets.iredmail.yaml +++ /dev/null @@ -1,25 +0,0 @@ -config: - env: - FIRST_MAIL_DOMAIN_ADMIN_PASSWORD: ENC[AES256_GCM,data:Ih4m85BkxSvsu/VvaLSjEjz8feuI4xBroQ==,iv:NQpe96WmGRAnLmeAK0VT/zdJ8MS/8RfAJIwNsL8alHY=,tag:r+hV3K16EXGL+/N+zxNulg==,type:str] - MLMMJADMIN_API_TOKEN: ENC[AES256_GCM,data:oyDiDGlmzu4MHMbOecIn+DjG/glpp3GILJd7dj3b0gJzkpNhP7JKcwNql48=,iv:68Vli4aaCOiFixooz5cHABuRLuOrw9/HNpBNQzVwAkg=,tag:qexU0wB5RMfPGt9bNb9LYA==,type:str] - ROUNDCUBE_DES_KEY: ENC[AES256_GCM,data:jd8K2ZG9jeyQ/vcVN4QB0rC0z0nDEWz8lQQvwIATF7I=,iv:L3r0I8sQkoicwy6odvuF3HfIEDQVgnOtn/OMpF16Dis=,tag:DT3recJN7vLdehbJ2RKHEA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQNGE1MHRuUDNTazFBUmJk - Y2hJMEp0c1lncGthZ1VBQVJZODRtMW5jL1M0CmdTTVpqUVZ1c216NEp0YlVhR3VN - dFhUUGxjQTJHQlhXaytPLzAxbWkvTHcKLS0tIGx6ZVZUcUpUWDRXbmpLZlNwbTdi - aG00R21IbGFjZlFLbk5QcTNsc0dDTEkK6kXXYAYil6yejWI581qgT9EuJPdTmSlN - jT+huGvOXY+AFXO7nDmshT30Z/MkOkeGK6BoWPjRKbS18dp31YDlBg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:moiOYm5a8t+WYejUXLokC2vinLGA42fM856wGcM2Enjp7QCsP1qCrZa98ANAWKHPYGYT7tyB1VEs77ty6mPi45EkzFBbBcm5gVTosr2PMzS1KwdEM0men6FZySnB71xxG7ITzOvuyofFBV6RCxUK+hPNQf9wYIlq8vI0aDj8Xqk=,iv:DXfDtaH/S1lGHvhmMnnWF4sQC0Dq15BsbC9hV00cMNo=,tag:wOVe7/KU+5ilg8N9mKu5ng==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/values/badhouseplants/secrets.longhorn.yaml b/values/badhouseplants/secrets.longhorn.yaml deleted file mode 100644 index 0bc479c..0000000 --- a/values/badhouseplants/secrets.longhorn.yaml +++ /dev/null @@ -1,26 +0,0 @@ -ext-secret: - name: ENC[AES256_GCM,data:VpMIFG58pA87paNdzbUl0A==,iv:COAFXS+dSFJ9JdQUPJr6sr7vzjdvjWU42Ml1aR980hg=,tag:zJOyB9goqh2psKqyq3cHCw==,type:str] - data: - AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:vktUyfqn,iv:1XwnZV8k0UUvH1ooSb3o5WZbQia5qaGiamJKG99r9n4=,tag:6yKsB4EkG30M5OA6lDJZCQ==,type:str] - AWS_ENDPOINTS: ENC[AES256_GCM,data:VQn3JGAf3GjpkapJTWbg2ze0CdsK49M=,iv:yxAr7M7WPW4Ry5+VevPmyRGFPIzEwtcdEOlbSkHDiTg=,tag:dLN1jEyW0/RWOPLtJ+k3eA==,type:str] - AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:djrr4NmXNvUcA9Hgp64=,iv:ab+wENEkReJbWv7yluqs5f2pMXJi3njvyWgM3IKLIgY=,tag:SLUv10bhdr4jc2/p8zXNow==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNUTZHSmljT0ROMS9Vc1pC - c2JYUlpvMGFKdlBOMC84MWpTTkh0M09LZ25JCklwNmwxRGR5bVVuQlVTSWlvV2xi - bVFucGpoSlpFSGpXbHpmYndSb1RlcTgKLS0tIGlMNUVBdFNrWVpSaWFzNkFuNHI0 - d1hBLzZIUzRQZUhVN0RLTi9Xdms0SXMKOK2gnWuhMkIL8w8kakfrBsiARA5cipuL - TUuuaPaGUwvRh1Unb8TRKRc9OmxaEX0O7gTgTFE115UARam5ADUDUQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:hlkRdzwZuUWIsdqYIJH8a6voIVkfEGtMMpKFAfXxVB7J8Vh1/BWSLozEXR9Wcxa/aD87SmQTLvYpPot67ixTHx0rYlPGemEeyPJvAzRjiOeF4XlLlWJqKCamkKmzxNiU4D3kgr9s29Zq+g2f3wAvX9Do/UxfP+mSGSfmNlfokT0=,iv:4YF4QMIiudGo93CM2UQ92/ZOnLYN/dyP2cEa6p0EPWA=,tag:J5OxKEUZsZF1Rd71Z7mItA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.mailu.yaml b/values/badhouseplants/secrets.mailu.yaml deleted file mode 100644 index baa5a1a..0000000 --- a/values/badhouseplants/secrets.mailu.yaml +++ /dev/null @@ -1,38 +0,0 @@ -secretKey: ENC[AES256_GCM,data:83bxSBHMwPXo7f9uQs5omA==,iv:wjm4+scr3wFUgXpol+EYghbW6QNNPjG/Ly4MebVqWu8=,tag:OsYhZxN8Kr5at9AkyIKS/w==,type:str] -initialAccount: - enabled: ENC[AES256_GCM,data:2Mq+rw==,iv:FE39Ygp4f+42llF5nGcQhXmO0FwPCjLQYlN16fGS2c8=,tag:wwGxu37X13P0AXgchfdmkw==,type:bool] - username: ENC[AES256_GCM,data:NFF2wlfhx2U=,iv:+3HmKBgR8JdSKQl79x+FLVeWZoP9CZWAxAeEUoYaIAE=,tag:Mr9VWE+dQfK873Q7PDaUJw==,type:str] - domain: ENC[AES256_GCM,data:FZSLo6ILdSrjltMx1EF7WCDA,iv:LzQf1xoyHBIzz3Dlv2HYwJlPxU3xyy0m/Jp9RzeJ8TQ=,tag:k+rOCYF+sHqiU92gHfHs9Q==,type:str] - password: ENC[AES256_GCM,data:mb7FdDuEtjafzrfNXriq0JjwIVsyBYID7sEEdooe,iv:GG/vcep80OGQhL4TL/33RYdsZ91Senxoeomt12cNvjM=,tag:wzQG+Y+/RK2ugGjpkJDRoQ==,type:str] -postgresql: - auth: - password: ENC[AES256_GCM,data:FY5CE1pYShtlgB8IYaqRp1hysWL3ykhI/5fGwZ4d,iv:7EQUwcDYNDHWmxWgZx3D4XOcfHfDmljl/TUaqQw022M=,tag:XS1ywvMAoag0eu/5eWVlyg==,type:str] - postgresPassword: ENC[AES256_GCM,data:JNc4wXMYezKxWB0YJA82CMjo3kFJ/homIUlfFMra,iv:IzCwXuFHq1dNO1v43X9LeaLL6WHyX0VbHKMkHarzDLc=,tag:DxJaUhfWbJq9jmpv2F/IQQ==,type:str] - secretKeys: - adminPasswordKey: ENC[AES256_GCM,data:VFLgU4nQ/zZ2D7VN+beDDUTrnvfGdBnLaCRCdrwA,iv:pR4ybyQdsHa+4l//fGlOSbC32W8D5N3dpbV5zAslCO8=,tag:+G3HaTBxeViJPHOa3zUqww==,type:str] - replicationPasswordKey: ENC[AES256_GCM,data:a04vZTyLiw99+TGWP/OHISlgtL24gSoRsXT/NPtm,iv:+EcGrXZIFvXN+vHDZyQLbD25XHf9xRDmkMur/5cOQcQ=,tag:6+b7dmC00hfoOCLKOeh44Q==,type:str] - userPasswordKey: ENC[AES256_GCM,data:8hgmiSMgigW2kINZcElVPQDViMb9/BynfEobdh5H,iv:JdvAIpfIhaqPNO1ffc8rN0N6QTWfaFfCTpbuoXVgrR0=,tag:RnlPdkQnBlgHKssFYIDmxA==,type:str] -global: - database: - roundcube: - password: ENC[AES256_GCM,data:I2v1MBqWzyQwbM7/a0030BrTd5vMzfui+A==,iv:8qwI9R+NkvHGhGr2WBMiZOVzIMWnUMu6stIVvrPzQqw=,tag:yixSyGBk6rdWxaZxb+TiFQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBteU4raWV3SFAyMGgyb0tK - SnREZnhyVDFrcTRpYWFhVWcyUmlDcmI1a0VRCnMvY1NGekNHTzdKeWdUVTQxbTdQ - Y0pyS1dGenV2cGd6QzZ4U3dUWDF5SjgKLS0tIGVwZ3NOTk0waUFFVDZTdnVic2pB - U2xkVThoZ0VKQk84Rk1UY3J6MXp1TzAKdMaqA+BJS9RXCWI5Sxr50M0+yxpeoq5u - ev6fvxqkMBcIVgR0s9NeeluHLTr/Rxo4beb4qN5qMeLkGDbcV5eBUg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:Bknntp44iiuRJlljijiR+zdxePtM1Q0kb0z3MVh4krjQrOvn5W8mVyhB3EcY5JDiAQ5KGMI6CfuUAFB9e8pqpHlpRILVot9sunw/MCsxhz4ZYJvic9OcEmopKbTZTGA+v4iL89SjgAAeclM0SUOCIUo9FBL35s5VO9XWSQoEf9k=,iv:O8LjgMO17VBSb0AGNONbwJHu5qHBvVtt9iovywHBEqg=,tag:E3piCvHmENugYfA0GXbM0Q==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.mariadb.yaml b/values/badhouseplants/secrets.mariadb.yaml deleted file mode 100644 index cd13b79..0000000 --- a/values/badhouseplants/secrets.mariadb.yaml +++ /dev/null @@ -1,24 +0,0 @@ -auth: - rootPassword: ENC[AES256_GCM,data:ff825CsmvG34ZWZWR+tV0ea+2kM=,iv:nUZGeUM7Ck0h72q5bPjH9UB3zAictnmOtsLQtNTVrYY=,tag:jt//DeLPMCOvT5XDZ+b8Ug==,type:str] - password: ENC[AES256_GCM,data:f0XcbH96uQ0HJIxfvkS0s7XGlsVJfHNrSg==,iv:Vn39GFekmWjbloTjkwuQVC0SmO37yBqNhUM9wHZS+H4=,tag:Ewigym1uzTIcQnNQ3rYLKw==,type:str] - replicationPassword: ENC[AES256_GCM,data:qSENgwBts6ubaf+CLE60AtKzh8H5/2O9lA==,iv:GZW5ktMxg/zb+4ic8T6n36RQPkQxr4K+PM4DF+8gGF0=,tag:PBCegHMiEmUCbKi4TleT6Q==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWZG8ydzB4VXRpdFEwK2Nt - VitsbStwbklocUJNYWFwTW1yN3ZDK2l3S1NNCnZEZ0pMY2RPMHZPVk8wa3dzVExv - MThHQzdPbk5pSDFMaG5UL1g5YzBMVFkKLS0tIG4wS3d0ZWlFUElqb0lCZk1nL1k2 - eHVsVy9keGd4ZkhNMkw4d0FzZGg3bEEKuXM57Vi0jDcTiOMWMO7nBt5JUgE5k6hc - XjVIcfLyO/Grnc2qjhxFx+Z912VHWKpDSRouDorKKWBMJXWLAvaTTw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:pkF3MIcsSbA04qc1IdBMkwfpsVqSZ+X+Gmmqmo+dUhhgtpPB+64vwfAlK6FR1+eaJGH+QJk8R5NQR9IXmjGdssdSIe8iY3rqPooaMsO9VjPDkdccqsPNeLwiulu42KnMHP4vSdWj/4GQazsBBjE/lD9dOdnWCJ4HHw02/q10uuk=,iv:qliRDArrD6i6Td6cFJNYEE1UugeK8yhiLm3ONSgXc3U=,tag:X9V4lgWclYk87RiD3tgiiA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/values/badhouseplants/secrets.mealie.yaml b/values/badhouseplants/secrets.mealie.yaml deleted file mode 100644 index e776460..0000000 --- a/values/badhouseplants/secrets.mealie.yaml +++ /dev/null @@ -1,21 +0,0 @@ -test: ENC[AES256_GCM,data:+Y+a6Q==,iv:yRpujiEbPbMSKwwP0MWqUMCNPbi0/XMc/XBVxcxPj7g=,tag:sgGCCFjHtpqcih4gC8AkWQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiL0dPeFJnNTRVWFBNRnRl - OWZxQXlYdXFiRUxYTzBWNjBWamI4M2NxbWdNCit6K3FYRys4RzAwODZ0Z2ljMlpU - Znh5ZmpTM2VUK1ZCeVpVeTJvSHdGNFEKLS0tIHZrNU9RWHIrTlpRUWpvVUVqUlJY - ZW1sWWhPSXp0L3h4VHdteWJDdHR6MlEK1DQLcUwvMVhxOQVO/Z/y066qOJFWUQmT - NsLA9zGQce0WuXvDltvDltaAOCcs9mpETAOxEdz8GkGqxkXZ3ZRgHw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:d6xwPAr/NQ+0ciDeV6Ph3xlvWPjPDkrkwlkeVrp/sFi2WqjWLjAd+vEb677yXXZ3jBcVN+Mu/DaBTJr1G6/1K4d99s9VGPtYvRHRbK/J5FVN9De8tA65DsQOMGKUgBt+JCB1jMDU5wRvMWAi9J4ejYIgaZ8iiyXK6b/tAs5hkiE=,iv:9QFJsBG76E90Qc06nZzwV2ON4gXTmtvy2/CjfRCSDlw=,tag:LHmzhiIuiGmUA9DeSdei3w==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.mysql.yaml b/values/badhouseplants/secrets.mysql.yaml deleted file mode 100644 index 12a7ef4..0000000 --- a/values/badhouseplants/secrets.mysql.yaml +++ /dev/null @@ -1,23 +0,0 @@ -auth: - rootPassword: ENC[AES256_GCM,data:kDtOehAfpQ4TXN/pFUJiytrz5ZA=,iv:DJ893dKr/4SFBEl8HnYv2PMb3Nb2AfL1RVgN2QmDRmA=,tag:1TkFcvDTnd2RhMX8L02y3w==,type:str] - password: ENC[AES256_GCM,data:8oEQPuP0poFEpA==,iv:d9ZmklpwJa13wyNjrqNfFMEbJDSQ+NeyB4gj+59g09Q=,tag:c8Wz0wIPrvAH6k9FPRGC8A==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySC9wei9qb05GODBkTVZn - RVJ6S1RON0FaVTFXU0xzQmdLTlhDN0pzR2k4CldlOUdCZkkrQytSaVpYck0wMFVr - R2FWbGlNTUhHdUg2WklTSGR0b3NWV3MKLS0tIFFwSDJKMHJFdlE1WnBjVzVKWU5P - TzBBM09GS3ZXcU5hZ1FZcWFUYW1JVEUKjTIAcTBu2PpjLOikACcqVErrP61OrwlS - XzEpBU3mz9J+tp0RK2mtv6UulKQKFntZys2YLDZAgVDOvqxtNrDjCA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:3JjNzcBM3KfmmdK7aGUmxrqIUW7sz6ogFRVDC+hrPi7+6b8LyOK4ztP5KZq1Fcuv9xRr+OEpdhVKyDyfluvHcaJB8DurTePfffAIs7neeu53/IUq1+cyyZ9elRQWJp51FsOaP/nkUoIEVA9he5mhmMGUiUrOlzGRfD0Sh1KJI8I=,iv:z2lA6YLJEs+yv2AjAtL8QL9P1vy1g7WGh3BbhDZ/J5s=,tag:2HjZvdsNxzV6f7BajZRQYQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/values/badhouseplants/secrets.nrodionov.yaml b/values/badhouseplants/secrets.nrodionov.yaml deleted file mode 100644 index 20aa925..0000000 --- a/values/badhouseplants/secrets.nrodionov.yaml +++ /dev/null @@ -1,22 +0,0 @@ -wordpressPassword: ENC[AES256_GCM,data:UFZCIa4YNbcNFQ==,iv:Q5n+72jgUJKIpwblr8/VfBqPDfJZclipDKVTjt4BWWw=,tag:RBJy121o8C9LpB8pxdpXHQ==,type:str] -wordpressEmail: ENC[AES256_GCM,data:COX4/ZgQEIasfo2Q7ReSs0sWeK3k,iv:AZX5Gzd4vde+sM5XBuiKjAc72GWHfL46OoG6XMaKrq0=,tag:wMSjQKfu2leyfiddfOV7og==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQVdUUmRESFRKY1BKbk9x - V2hhK1krMFBBcDdYemVqZTJCeU4wanpoM0g4Ck5GNGRZenBNQ1h1c3FYQUNUTGFn - bk5yODlyM3lCYU1UWkpBdEt2VTVyU3cKLS0tIEsrRmduT1VxN1BJUFp2OWxONERa - c0hUamZJTU5ud0lNdGNwS0NwejVwblEKP0Mz4KIHhM+Y8whJ6oo/zSzg1SUtXrst - 5uGKdbPy3jLYWlZLv4/7VPSS40t21UBLdP0y42AZEbbBn5XEHtbu1w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:+kLHyFmO43JOPbZMIqVIPpngAPthoQXMdVOsDwvBrpIRnjkU5iHpbBAo+Gn6QePm+9BKWJw4Dmzg0N/nT+u9o2Owyi3qlvbiSPnaTfswIpJMRhpPF++6t4aZZXUJeAUoq750iAgZnuBNMDuLpFpKzDu5kgpXRCInksPav+/kp6Y=,iv:8Yziaw6iAs2rWz43foBHz+Ug1SpZwNF614CwDk0rsZ0=,tag:hPr3OvLtsvXquTnHDXADtA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.postgres16-gitea.yaml b/values/badhouseplants/secrets.postgres16-gitea.yaml deleted file mode 100644 index 57f33dc..0000000 --- a/values/badhouseplants/secrets.postgres16-gitea.yaml +++ /dev/null @@ -1,24 +0,0 @@ -global: - postgresql: - auth: - postgresPassword: ENC[AES256_GCM,data:GsNMbddMFxPNxZKfYqknBjpVOLSJRSua9vzls8fJNXs8aCNNjqOHFhr8KuUtd17t18o=,iv:O6zXIoWS71n+ZZ4d0JyfL1PEyLBPvt/JdWARc4yqc8Y=,tag:rCIvB4sIiCHl1qHf78PDtg==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwMzBnYmd2U2lQQXorZTMz - NFAxQ25GMDJEZmQyY2RKUzUrMWxBVWJpV0RzCkh3VFhCNE1xandKei9KWWR4OU5J - M0Q1WTRMcXF0N3NtbS9QZ0J3U2VtbzAKLS0tIEhsNGZsUW1ydWFkZjFoRmVlS2Jl - Yk0zVnM3dFpqdDJuZEpZbTBmWGRJL28K9xfMizVfaWfll7x73eZwSMisX0zuGoWM - s1ffBVMu6tzm3sCHoXWhGi1GvsdwspSCBS2+pyc3Z/cK67SDVP6uZQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:GFVtew/Ppk32XpUSMCfxj7nP+xreo8G3ys3cjq5Fxwf6hwhUCjfPn1ZYapLAcdA36G4xf1/hpwrSK2zV7X1aiz266qiDP1fmBTLSLW0zzf4HvnzGleXNQrss3ezBCqSEJGSrFks5Xpti0zvLpERo5KZSnBND/scKDuIVv7EcboU=,iv:1AWLLzOx3T2o0tTA2V2Qs/qlIbEGySHd2OXpFT+BDqk=,tag:Ic4L77/Pbv1dmLRLaODb6Q==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/values/badhouseplants/secrets.shadowsocks-libev.yaml b/values/badhouseplants/secrets.shadowsocks-libev.yaml deleted file mode 100644 index f9eecdd..0000000 --- a/values/badhouseplants/secrets.shadowsocks-libev.yaml +++ /dev/null @@ -1,26 +0,0 @@ -env: - secrets: - sensitive: ENC[AES256_GCM,data:OKmFKw==,iv:7ohWwGwj/b+N3szJtcz/Ye6tJb+QptwhHwsyCBIp4NQ=,tag:es+T0GPlQfXcWFZWcr+W6w==,type:bool] - data: - PASSWORD: ENC[AES256_GCM,data:Lk395om/fVRf+IMWuhkuZrigyOXAs+uO7FdRUyVij9BAxlYUkUtsFlBECXnbuGOvGMA=,iv:tEpD8oPSWEfRto31eMXzGB8n0VqPYuqEO0RODyeZPV8=,tag:Ul7nG7whesyoXTGTJaFvBA==,type:str] - DNS_ADDRS: ENC[AES256_GCM,data:fTdhllypHai9JA==,iv:pRo9XdiFFU7eIX8cuYEpt2+uGKpfw8Xw+qtvW3msWMg=,tag:OKL/B6r2uQtHBpZOyLiYGA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBka1ZpUmY0OVNpME5Delgw - Y1AycVJRd3RxVWlzV1A4Z1JBT0ZBNWcvdkRNCk9iWDVXWld5VmJNRXdGSGV1TGpH - MmdtNXdKQWhtdlJqSFk0MjA2WngzdnMKLS0tIHp3eEpoVWV4NXhLM2R6OEdmdW9u - T1R2SDJQdzh3MzRPd2hYMTh2NDVmckEKPvwz47sdpioDJyS+pBnLmW0+nPZLq9D0 - y9TdTHNPFL1lFxlCAdOzN2iuHz2Wp2/PmYPf2ueZWsoylEoSSWIz6w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:glgdOQIAulwfUbGdvVetITTvzqTOeNlspDqcnXs2f2RPE+LikRs1rbVNLbaGo48xL2CM3f4ahTeLGl3FyqB8bNlFTEy/AuW2MyRFfusLqUynb3fkKAEOwe3GNG3Pc65HmjnkjXWsXMxaMtxZ/Ge7ap+VsODd9DwahHEGdRNxgWU=,iv:PjTBbh9Jmt9651mGxKIKTf/DZPPoQ0rKLumFmPWOpig=,tag:iDBmO9IzqqJW0tL39udwUQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/secrets.tandoor.yaml b/values/badhouseplants/secrets.tandoor.yaml deleted file mode 100644 index 94ba23d..0000000 --- a/values/badhouseplants/secrets.tandoor.yaml +++ /dev/null @@ -1,22 +0,0 @@ -env: - SECRET_KEY: ENC[AES256_GCM,data:g+evPub7DL4bx++hXhlkYTetJp5vRKYYGPpFwfi0,iv:JuSUmrUUgVL07y4mQ+z3lNRLpe0io4uDKndWpEgIVDU=,tag:Ug42srZ8fmlACGvkQSQoeQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiQ3dMMExTTCtkWmtWUVVK - Skh5RGxqeXJGUlFUcFNHakoxdEdEeHFyQVZVCnd5a2tYWlBHNlp5YThVdE5nUzFh - MnpWZDQyM1RQaFRrZUo5bFBHR2RZU2cKLS0tIEZLUUVJWksvRTcwZGljUFJWUGgx - MnlLbjl6TlJRVTBLa1FPTGZXNHU5WTAKmaTikdqlf1dpIEJWbhW2fSzocPH5QFNE - 6yuw30lTnU4MWMXhRzU+os6KrdVKcqLz+1tlZ8vm2GgwXKaoLHwBng== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:19Z" - mac: ENC[AES256_GCM,data:uVFM0dsJoAxj5IItz6RXtSlzgArjqMW/DrdECpmmrLURUwLcBN8b7elCXWOECMBVM8iYKa08ZMIdTqwQZjPkNPrId6LVi+eHzUnCizbOVYKBmhT8nsZhKXczg6ItLKwPnPzSAQhPriSS38Ht+nHztwRYew89JOoMckWNlh41VSY=,iv:2ktCH78U4hRSkg/QiOBXA/TlZjYEl+4Taux/w4+Rr/M=,tag:illBKjzl+WeCmbVWCGEfVw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/values/badhouseplants/secrets.vaultwardentesttest.yaml b/values/badhouseplants/secrets.vaultwardentesttest.yaml deleted file mode 100644 index a3d3e21..0000000 --- a/values/badhouseplants/secrets.vaultwardentesttest.yaml +++ /dev/null @@ -1,30 +0,0 @@ -env: - secrets: - enabled: ENC[AES256_GCM,data:ljks7A==,iv:nEzYTUi6VLTOIoPuKljxwNLoo1jD2twVXG8rbJt++5E=,tag:EdWckiqrQxyklQJmz09+dQ==,type:bool] - sensitive: ENC[AES256_GCM,data:7aMiSg==,iv:/mNXXR6oI4/eMiyym+kK9N6q8RtchsGGZghgdrw9iMM=,tag:WBPyhtQTLGTJitzveJrWog==,type:bool] - data: - SMTP_USERNAME: ENC[AES256_GCM,data:9w+i/hHE6WQB2k10yb8VHJAQeNgH7untgNNl,iv:9w05Hm9MDcrUDar2yo35jy/fDrF5aluf9T9gmuOCQjw=,tag:bKlUJQRUqFw5ZXBlhPt7tg==,type:str] - ADMIN_PASSWORD: ENC[AES256_GCM,data:4mt21Q7l7gPjVKeHuoC7J9H7egmJ0nS3onWr0rAA/113iwa2XiLweRY/3obx5o0Q62k=,iv:hZDJMVhowwfpfxVobPztO4Dx5jEp6Vf57uWWppAC+Ak=,tag:pADNCgYM6yPfa/dESLVHQw==,type:str] - ADMIN_TOKEN: ENC[AES256_GCM,data:8S1LvFWo5FmEk0JPzg2AbJd+kCPiTu+Pri9RcpSS9+0GBnfwgbqttykFvoBulSIjO7LfYGfi4aB3lFHyOVu22HROVtBXf+0pswBk4jOkSHuCRbCH6Q==,iv:55Fl+NLBKUsgjugCHp7tmhM4fCCtzPrZdCyJfgFomWU=,tag:nw/oOZiKy4MIFedRiPkxlA==,type:str] - DATABASE_URL: null - SMTP_PASSWORD: ENC[AES256_GCM,data:kIBW21OPVOjJpwF5Fa77Qyz/GRM=,iv:jOnAkVsEfSdGrwIIuc7PKPvACTGe3racjcjqqcfLjgE=,tag:hAD5/FisMJTTS7tA9r2FMQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByOEhvMVlneVhUb01PZ29a - V0dkQlRkSjRSTGxnVi93b3phbld4Zzg2YWdNCm5wRUlpYWdoWnlyeXVsQk9YdnJL - R3QvWlhBSDFobUR0ZklGQUVHUzRoRFUKLS0tIGp2RmY5dUNUbElyRlI4UkRIM0gx - UnFxbE91SEo4VkxzSzQzQWhUbTJURVEKbnW2PsaPXxNEyP8YGwynYufnT4cXThRd - dWDY25xuE4tFFYQZJN5FCye0DoLhBtoqMN6BxG94LhmsnW0a2+tU3g== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-10-11T12:09:20Z" - mac: ENC[AES256_GCM,data:1Iz6m+g4LPGsx+6uKCxTmEUu4jRsrB9Y9l6oqusVazUWjNe1xQDPR0+urhC2zUNSbqmUK/BIieUSPL0sjghRCxN6rLdOwO5rrLFGQZu0WGST2HqLxoyE1JxRBQG6UHrnzfUk2YIKVmrEZIvRBnTkTETWBALQM9So1NU7y5xZtis=,iv:0Tpf3WWsSjEnVpnFjSpUl19XaY7a8waTKQWoRgozfCU=,tag:s1uMN54TbPPb13CVoSc6WA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/values/badhouseplants/values.chartmuseum.yaml b/values/badhouseplants/values.chartmuseum.yaml deleted file mode 100644 index 3073b19..0000000 --- a/values/badhouseplants/values.chartmuseum.yaml +++ /dev/null @@ -1,25 +0,0 @@ -env: - open: - AUTH_ANONYMOUS_GET: true - DISABLE_API: false - CORS_ALLOWORIGIN: "*" -persistence: - enabled: true - accessMode: ReadWriteOnce - size: 2Gi - path: /storage -ingress: - enabled: true - pathType: "ImplementationSpecific" - annotations: - kubernetes.io/ingress.class: traefik - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - hosts: - - name: chartmuseum.badhouseplants.net - path: / - tls: true - tlsSecret: chartmuseum.badhouseplants.net diff --git a/values/badhouseplants/values.crossplane.yaml b/values/badhouseplants/values.crossplane.yaml deleted file mode 100644 index 1c19d22..0000000 --- a/values/badhouseplants/values.crossplane.yaml +++ /dev/null @@ -1,3 +0,0 @@ -provider: - packages: - - xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.13.0 diff --git a/values/badhouseplants/values.docker-mailserver.yaml b/values/badhouseplants/values.docker-mailserver.yaml deleted file mode 100644 index 45b25ef..0000000 --- a/values/badhouseplants/values.docker-mailserver.yaml +++ /dev/null @@ -1,71 +0,0 @@ -traefik: - enabled: true - tcpRoutes: - - name: docker-mailserver-smtp - service: docker-mailserver - match: HostSNI(`*`) - entrypoint: smtp - port: 25 - - name: docker-mailserver-smtps - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: smtps - port: 465 - - name: docker-mailserver-smpt-startls - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: smtp-startls - port: 587 - - name: docker-mailserver-imap - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: imap - port: 143 - - name: docker-mailserver-imaps - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: imaps - port: 993 - - name: docker-mailserver-pop3 - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: pop3 - port: 110 - - name: docker-mailserver-pop3s - match: HostSNI(`*`) - service: docker-mailserver - entrypoint: pop3s - port: 993 - -rainloop: - enabled: true - ingress: - enabled: true - hosts: - - mail.badhouseplants.net - annotations: - kubernetes.io/ingress.class: traefik - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - tls: - - secretName: mail-tls-secret - hosts: - - mail.badhouseplants.net - -demoMode: - enabled: false -domains: - - badhouseplants.net - - mail.badhouseplants.net -ssl: - useExisting: true - existingName: mail-tls-secret -pod: - dockermailserver: - enable_fail2ban: "0" - ssl_type: manual -service: - type: ClusterIP -spfTestsDisabled: true diff --git a/values/badhouseplants/values.drone-runner-docker.yaml b/values/badhouseplants/values.drone-runner-docker.yaml deleted file mode 100644 index 923e72d..0000000 --- a/values/badhouseplants/values.drone-runner-docker.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -env: - DRONE_RPC_HOST: drone.badhouseplants.net - DRONE_RPC_PROTO: https - DRONE_NAMESPACE_DEFAULT: drone-service -rbac: - buildNamespaces: - - drone-service -dind: - resources: - limits: - cpu: 2000m - memory: 2024Mi - requests: - cpu: 100m - memory: 512Mi \ No newline at end of file diff --git a/values/badhouseplants/values.drone.yaml b/values/badhouseplants/values.drone.yaml deleted file mode 100644 index 8a1eb82..0000000 --- a/values/badhouseplants/values.drone.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# ------------------------------------------ -# -- Istio extenstion. Just because I'm -# -- not using ingress nginx -# ------------------------------------------ -istio: - enabled: true - istio: - - name: drone-http - gateway: istio-system/badhouseplants-net - kind: http - hostname: drone.badhouseplants.net - service: drone - port: 8080 -env: - DRONE_SERVER_HOST: drone.badhouseplants.net - DRONE_SERVER_PROTO: https - DRONE_GITEA_SERVER: https://git.badhouseplants.net - DRONE_USER_CREATE: username:allanger,admin:true diff --git a/values/badhouseplants/values.iredmail.yaml b/values/badhouseplants/values.iredmail.yaml deleted file mode 100644 index fd50394..0000000 --- a/values/badhouseplants/values.iredmail.yaml +++ /dev/null @@ -1,4 +0,0 @@ -config: - env: - HOSTNAME: mail.badhouseplants.net - FIRST_MAIL_DOMAIN: badhouseplants.net \ No newline at end of file diff --git a/values/badhouseplants/values.istio-gateway-resources.yaml b/values/badhouseplants/values.istio-gateway-resources.yaml deleted file mode 100644 index acbca74..0000000 --- a/values/badhouseplants/values.istio-gateway-resources.yaml +++ /dev/null @@ -1,98 +0,0 @@ -certificate: - enabled: true - certificate: - - name: nrodionov-wildcard - secretName: nrodionov-wildcard-tls - issuer: - kind: ClusterIssuer - name: badhouseplants-issuer - dnsNames: - - nrodionov.info - - "*.nrodionov.info" - - name: badhouseplants-wildcard - secretName: badhouseplants-wildcard-tls - issuer: - kind: ClusterIssuer - name: badhouseplants-issuer - dnsNames: - - badhouseplants.net - - "*.badhouseplants.net" -istio-gateway: - enabled: true - gateways: - - name: badhouseplants-net - servers: - - hosts: - - badhouseplants.net - - '*.badhouseplants.net' - port: - name: grpc-web - number: 8080 - protocol: HTTPS - tls: - credentialName: badhouseplants-wildcard-tls - mode: SIMPLE - - hosts: - - badhouseplants.net - - '*.badhouseplants.net' - port: - name: http - number: 80 - protocol: HTTP2 - tls: - httpsRedirect: true - - hosts: - - badhouseplants.net - - '*.badhouseplants.net' - port: - name: https - number: 443 - protocol: HTTPS - tls: - credentialName: badhouseplants-wildcard-tls - mode: SIMPLE - - name: nrodionov-info - servers: - - hosts: - - nrodionov.info - - dev.nrodionov.info - port: - name: http - number: 80 - protocol: HTTP2 - tls: - httpsRedirect: true - - hosts: - - nrodionov.info - - dev.nrodionov.info - port: - name: https - number: 443 - protocol: HTTPS - tls: - credentialName: nrodionov-wildcard-tls - mode: SIMPLE - - name: badhouseplants-vpn - servers: - - hosts: - - '*' - port: - name: tcp - number: 1194 - protocol: TCP - - name: badhouseplants-ssh - servers: - - hosts: - - '*' - port: - name: ssh - number: 22 - protocol: TCP - - name: badhouseplants-minecraft - servers: - - hosts: - - '*' - port: - name: minecraft - number: 25565 - protocol: TCP diff --git a/values/badhouseplants/values.istio-ingressgateway.yaml b/values/badhouseplants/values.istio-ingressgateway.yaml deleted file mode 100644 index b97223d..0000000 --- a/values/badhouseplants/values.istio-ingressgateway.yaml +++ /dev/null @@ -1,72 +0,0 @@ -service: - type: LoadBalancer - externalTrafficPolicy: Local - ports: - - name: shadowsocks - port: 8388 - protocol: TCP - targetPort: 8388 - - name: minecraft - port: 25565 - protocol: TCP - targetPort: 25565 - - name: ssh-gitea - port: 22 - protocol: TCP - targetPort: 22 - - name: http2 - port: 80 - protocol: TCP - targetPort: 80 - - name: grpc-web - port: 8080 - protocol: TCP - targetPort: 8080 - - name: https - port: 443 - protocol: TCP - targetPort: 443 - - name: tcp - port: 1194 - protocol: TCP - targetPort: 1194 - # ----------- - # -- Email - # ----------- - - name: smtp - port: 25 - protocol: TCP - targetPort: 25 - - name: smtps - port: 465 - protocol: TCP - targetPort: 465 - - name: smtp-startls - port: 587 - protocol: TCP - targetPort: 587 - - name: imap - port: 143 - protocol: TCP - targetPort: 143 - - name: imaps - port: 993 - protocol: TCP - targetPort: 993 - - name: pop3 - port: 110 - protocol: TCP - targetPort: 110 - - name: pop3s - port: 995 - protocol: TCP - targetPort: 995 -podAnnotations: - proxy.istio.io/config: '{"gatewayTopology" : { "numTrustedProxies": 0, "forwardClientCertDetails": SANITIZE } }' -resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 200m - memory: 1024Mi diff --git a/values/badhouseplants/values.istiod.yaml b/values/badhouseplants/values.istiod.yaml deleted file mode 100644 index d788392..0000000 --- a/values/badhouseplants/values.istiod.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -pilot: - resources: - requests: - cpu: 50m - memory: 2048Mi -global: - proxy: - resources: - requests: - cpu: 20m - memory: 128Mi - limits: - memory: 128Mi diff --git a/values/badhouseplants/values.kimai.yaml b/values/badhouseplants/values.kimai.yaml deleted file mode 100644 index 315d171..0000000 --- a/values/badhouseplants/values.kimai.yaml +++ /dev/null @@ -1,71 +0,0 @@ -ext-database: - enabled: true - name: kimai-mariadb - instance: mariadb - credentials: - mariadb-password: '{{ .Password }}' - -global: - storageClass: ceph-filesystem -kimaiEnvironment: prod -kimaiAdminEmail: overlord@badhouseplants.net -kimaiAdminPassword: 'ZYdsgd^X9LsjxmJ7i6Xjx6LEMDbK8EJ$JCtX$P$6SisEKGJaqL' -kimaiMailerFrom: kimai@example.com -kimaiMailerUrl: null://localhost -kimaiTrustedProxies: "" -kimaiRedisCache: false -replicaCount: 1 -kimaiAppSecret: CVUwPmI9m6 -updateStrategy: - type: RollingUpdate -resources: - limits: - memory: 200Mi - requests: - cpu: 200m -service: - type: ClusterIP -ingress: - enabled: true - pathType: ImplementationSpecific - apiVersion: "" - ingressClassName: traefik - hostname: kimai.badhouseplants.net - path: / - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - tls: true - selfSigned: false - -configuration: |- - monolog: - handlers: - main: - path: php://stderr - -persistence: - enabled: true - storageClass: ceph-filesystem - accessModes: - - ReadWriteMany - size: 512Mi - dataSource: {} - existingClaim: "" - selector: {} - annotations: {} - -mariadb: - enabled: false -externalDatabase: - host: mariadb.databases.svc.cluster.local - port: 3306 - serverVersion: '8.0' - user: applications_kimai_mariadb - database: applications_kimai_mariadb - ## NOTE: Must contain key `mariadb-password` - ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored - existingSecret: kimai-mariadb-creds diff --git a/values/badhouseplants/values.local-path-provisioner.yaml b/values/badhouseplants/values.local-path-provisioner.yaml deleted file mode 100644 index 95dd553..0000000 --- a/values/badhouseplants/values.local-path-provisioner.yaml +++ /dev/null @@ -1,6 +0,0 @@ -storageClass: - create: true - defaultClass: true - defaultVolumeType: local - reclaimPolicy: Delete - volumeBindingMode: Immediate diff --git a/values/badhouseplants/values.longhorn.yaml b/values/badhouseplants/values.longhorn.yaml deleted file mode 100644 index 179720e..0000000 --- a/values/badhouseplants/values.longhorn.yaml +++ /dev/null @@ -1,31 +0,0 @@ -defaultSettings: - backupTarget: s3://longhorn@us-east1/backupstore - backupTargetCredentialSecret: s3-backup-secret - guaranteedEngineManagerCPU: 2 - guaranteedReplicaManagerCPU: 2 - storageOverProvisioningPercentage: 300 - storageMinimalAvailablePercentage: 5 - storageReservedPercentageForDefaultDisk: 1 - defaultDataPath: /media/longhorn - defaultReplicaCount: 1 -csi: - kubeletRootDir: /var/lib/kubelet/ - attacherReplicaCount: 1 - provisionerReplicaCount: 1 - resizerReplicaCount: 1 - snapshotterReplicaCount: 1 -persistence: - defaultClassReplicaCount: 1 - defaultNodeSelector: - enable: true - selector: longhorn - defaultClass: false -enablePSP: false -longhornUI: - replicas: 1 -longhornManager: - nodeSelector: - node-role.kubernetes.io/longhorn: "true" -longhornDriver: - nodeSelector: - node-role.kubernetes.io/longhorn: "true" diff --git a/values/badhouseplants/values.mailu.yaml b/values/badhouseplants/values.mailu.yaml deleted file mode 100644 index eecaa03..0000000 --- a/values/badhouseplants/values.mailu.yaml +++ /dev/null @@ -1,199 +0,0 @@ - -# ------------------------------------------ -# -- Database extension is used to manage -# -- database with db-operator -# ------------------------------------------ -ext-database: - enabled: true - name: mailu-postgres16 - instance: postgres16 - extraDatabase: - enabled: true - name: roundcube-postgres16 - instance: postgres16 - -# ------------------------------------------ -# -- Istio extenstion. Just because I'm -# -- not using ingress nginx -# ------------------------------------------ -traefik: - enabled: true - tcpRoutes: - - name: mailu-smtp - service: mailu-front - match: HostSNI(`*`) - entrypoint: smtp - port: 25 - - name: mailu-smtps - match: HostSNI(`*`) - service: mailu-front - entrypoint: smtps - port: 465 - - name: mailu-smpt-startls - match: HostSNI(`*`) - service: mailu-front - entrypoint: smtp-startls - port: 587 - - name: mailu-imap - match: HostSNI(`*`) - service: mailu-front - entrypoint: imap - port: 143 - - name: mailu-imaps - match: HostSNI(`*`) - service: mailu-front - entrypoint: imaps - port: 993 - - name: mailu-pop3 - match: HostSNI(`*`) - service: mailu-front - entrypoint: pop3 - port: 110 - - name: mailu-pop3s - match: HostSNI(`*`) - service: mailu-front - entrypoint: pop3s - port: 993 -subnet: 192.168.0.0/16 -sessionCookieSecure: true -hostnames: - - email.badhouseplants.net -extraTls: - - hosts: - - badhouseplants.net - secretName: mailu-root-domain -domain: badhouseplants.net -persistence: - single_pvc: false -limits: - messageRatelimit: - value: "100/day" -tls: - outboundLevel: secure -ingress: - enabled: true - ingressClassName: traefik - tls: true - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - tlsFlavorOverride: mail - # realIpFrom: traefik.kube-system.svc.cluster.local - # realIpHeader: "X-Real-IP" -front: - hostPort: - enabled: false - extraEnvVars: - - name: PROXY_PROTOCOL - value: "mail" - - name: REAL_IP_FROM - value: "192.168.0.0/16,10.43.0.0/16" - - name: AUTH_RATELIMIT_IP - value: 100/hour - - name: AUTH_RATELIMIT_USER - value: 50/day -admin: - resources: - requests: - memory: 100Mi - cpu: 70m - limits: - memory: 700Mi - cpu: 600m - startupProbe: - enabled: true - failureThreshold: 10 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - persistence: - size: 256Mi -redis: - resources: - requests: - memory: 100Mi - cpu: 70m - limits: - memory: 200Mi - cpu: 200m - master: - persistence: - enabled: false -postfix: - resources: - requests: - memory: 1024Mi - cpu: 200m - limits: - memory: 1024Mi - cpu: 200m - persistence: - size: 1Gi -dovecot: - logLevel: DEBUG - resources: - requests: - memory: 100Mi - cpu: 70m - limits: - memory: 400Mi - cpu: 300m - persistence: - size: 512Gi -roundcube: - resources: - requests: - memory: 100Mi - cpu: 70m - limits: - memory: 200Mi - cpu: 200m - persistence: - size: 512Mi -mysql: - enabled: false -postgresql: - enabled: false -## If using the built-in MariaDB or PostgreSQL, the `roundcube` database will be created automatically. -externalDatabase: - ## @param externalDatabase.enabled Set to true to use an external database - enabled: true - type: postgresql - existingSecret: mailu-postgres16-creds - existingSecretDatabaseKey: POSTGRES_DB - existingSecretUsernameKey: POSTGRES_USER - existingSecretPasswordKey: POSTGRES_PASSWORD - host: postgres16-postgresql.databases.svc.cluster.local - port: 5432 -rspamd: - resources: - requests: - memory: 100Mi - cpu: 100m - limits: - memory: 500Mi - cpu: 400m - startupProbe: - periodSeconds: 30 - failureThreshold: 900 - timeoutSeconds: 20 - livenessProbe: {} - readinessProbe: {} -webmail: - persistence: - size: 512Mi - storageClass: "" - accessModes: [ReadWriteOnce] - claimNameOverride: "" - annotations: {} -global: - database: - roundcube: - database: applications-roundcube-postgres16 - username: applications-roundcube-postgres16 - existingSecret: roundcube-postgres16-creds - existingSecretPasswordKey: POSTGRES_PASSWORD diff --git a/values/badhouseplants/values.mariadb.yaml b/values/badhouseplants/values.mariadb.yaml deleted file mode 100644 index 18f41dc..0000000 --- a/values/badhouseplants/values.mariadb.yaml +++ /dev/null @@ -1,5 +0,0 @@ -initdbScriptsConfigMap: "" -primary: - persistence: - enabled: true - size: 512Mi diff --git a/values/badhouseplants/values.mealie.yaml b/values/badhouseplants/values.mealie.yaml deleted file mode 100644 index d7e26d4..0000000 --- a/values/badhouseplants/values.mealie.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -ext-database: - enabled: true - name: mealie-postgres16 - instance: postgres16 - credentials: - POSTGRES_SERVER: "{{ .Hostname }}" - POSTGRES_PORT: "{{ .Port }}" - -workload: - containers: - mealie: - envFrom: - - environment - - secretRef: - name: mealie-postgres16-creds - livenessProbe: - httpGet: - port: 9000 - readinessProbe: - httpGet: - port: 9000 - -ingress: - main: - class: traefik - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - rules: - - host: mealie.badhouseplants.net - http: - paths: - - backend: - service: - name: "{{ include \"chart.fullname\" $ }}" - port: - number: 9000 - path: / - pathType: Prefix - tls: - - hosts: - - mealie.badhouseplants.net - secretName: mealie.badhouseplants.net -env: - environment: - sensitive: false - data: - ALLOW_SIGNUP: "true" - PUID: "1000" - PGID: "1000" - TZ: Europe/Berlin - MAX_WORKERS: "1" - WEB_CONCURRENCY: "1" - BASE_URL: https://mealie.badhosueplants.net - DB_ENGINE: postgres - OIDC_AUTH_ENABLED: "true" - OIDC_SIGNUP_ENABLED: "true" - OIDC_CONFIGURATION_URL: "https://authentik.badhouseplants.net/application/o/mealie/.well-known/openid-configuration" - OIDC_CLIENT_ID: mealie - OIDC_USER_GROUP: "Family" - OIDC_ADMIN_GROUP: "DevOps" - OIDC_AUTO_REDIRECT: "true" - OIDC_PROVIDER_NAME: authentik - secrets: - sensitive: true - data: - POSTGRES_USER: ~ - POSTGRES_PASSWORD: ~ - POSTGRES_SERVER: ~ - POSTGRES_PORT: ~ - POSTGRES_DB: ~ diff --git a/values/badhouseplants/values.minio-operator.yaml b/values/badhouseplants/values.minio-operator.yaml deleted file mode 100644 index d249ba4..0000000 --- a/values/badhouseplants/values.minio-operator.yaml +++ /dev/null @@ -1,2 +0,0 @@ -operator: - replicaCount: 1 diff --git a/values/badhouseplants/values.minio-tenant.yaml b/values/badhouseplants/values.minio-tenant.yaml deleted file mode 100644 index ad029f3..0000000 --- a/values/badhouseplants/values.minio-tenant.yaml +++ /dev/null @@ -1,136 +0,0 @@ -secrets: null -tenant: - name: minio - # The Kubernetes secret name that contains MinIO environment variable configurations. - # The secret is expected to have a key named config.env containing environment variables exports. - existingSecret: false - configSecret: - name: myminio-env-configuration - accessKey: minio - secretKey: minio123 - pools: - - servers: 1 - storageClassName: ceph-filesystem - name: main - volumesPerServer: 1 - size: 5Gi - storageAnnotations: { } - annotations: { } - labels: { } - tolerations: [ ] - nodeSelector: { } - resources: { } - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: "OnRootMismatch" - runAsNonRoot: true - containerSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - runAsNonRoot: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - topologySpreadConstraints: [ ] - env: - - name: MINIO_IDENTITY_OPENID_CONFIG_URL - value: https://authentik.badhouseplants.net/application/o/minio/.well-known/openid-configuration - - name: MINIO_IDENTITY_OPENID_CLIENT_ID - value: minio - - name: MINIO_IDENTITY_OPENID_CLIENT_SECRET - value: Z2vCo8rw5jsEVZlvc3wCjPjUIcN31PAxEJQvZvzfawUtWPRCefk8uCjzffsOlK61RImz7IRUeGOfBeDnt7Xa8hpnhkXe6Dq2kBF0lZaUh0v3Jm3HV9zNONdAjxWaUJrh - - name: MINIO_IDENTITY_OPENID_SCOPES - value: openid,profile,email,groups - - name: MINIO_IDENTITY_OPENID_CLAIM_NAME - value: groups - - name: MINIO_IDENTITY_OPENID_REDIRECT_URI - value: https://minio-new.badhouseplants.net/oauth_callback - - name: MINIO_IDENTITY_OPENID_DISPLAY_NAME - value: Authentik - - name: MINIO_SERVER_URL - value: https://s3-new.badhouseplants.net:443 - mountPath: /export - subPath: /data - metrics: - enabled: false - port: 9000 - protocol: http - certificate: - externalCaCertSecret: [ ] - externalCertSecret: [ ] - requestAutoCert: false - certConfig: { } - features: - bucketDNS: false - domains: { } - enableSFTP: false - ### - # Array of objects describing one or more buckets to create during tenant provisioning. - # Example: - # - # .. code-block:: yaml - # - # - name: my-minio-bucket - # objectLock: false # optional - # region: us-east-1 # optional - buckets: - - name: test - users: [ ] - podManagementPolicy: Parallel - liveness: { } - readiness: { } - startup: { } - lifecycle: { } - prometheusOperator: false - additionalVolumes: [ ] - ### - # An array of volume mount points associated to each Tenant container. - # - # Specify each item in the array as follows: - # - # .. code-block:: yaml - # - # volumeMounts: - # - name: volumename - # mountPath: /path/to/mount - # - # The ``name`` field must correspond to an entry in the ``additionalVolumes`` array. - additionalVolumeMounts: [ ] -ingress: - api: - enabled: true - ingressClassName: traefik - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - tls: - - secretName: s3-new.badhouseplants.net - hosts: - - s3-new.badhouseplants.net - host: s3-new.badhouseplants.net - path: / - pathType: Prefix - console: - enabled: true - ingressClassName: traefik - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - tls: - - secretName: minio-new.badhouseplants.net - hosts: - - minio-new.badhouseplants.net - host: minio-new.badhouseplants.net - path: / - pathType: Prefix diff --git a/values/badhouseplants/values.mysql.yaml b/values/badhouseplants/values.mysql.yaml deleted file mode 100644 index b2209a0..0000000 --- a/values/badhouseplants/values.mysql.yaml +++ /dev/null @@ -1,6 +0,0 @@ -primary: - persistence: - size: 500Mi - -auth: - createDatabase: false diff --git a/values/badhouseplants/values.nrodionov.yaml b/values/badhouseplants/values.nrodionov.yaml deleted file mode 100644 index 9c94680..0000000 --- a/values/badhouseplants/values.nrodionov.yaml +++ /dev/null @@ -1,64 +0,0 @@ -ext-database: - enabled: true - name: nrodionov-mariadb - instance: mariadb - credentials: - mariadb-password: "{{ .Password }}" - -ingress: - enabled: true - pathType: ImplementationSpecific - hostname: dev.nrodionov.info - path: / - annotations: - kubernetes.io/ingress.class: traefik - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - tls: true - tlsWwwPrefix: false - selfSigned: false -wordpressBlogName: Николай Николаевич Родионов -wordpressUsername: admin -wordpressFirstName: Nikolai -wordpressLastName: Rodionov -wordpressTablePrefix: wp_ -wordpressScheme: http -existingWordPressConfigurationSecret: "" -resources: - requests: - memory: 300Mi - cpu: 10m -service: - type: ClusterIP - ports: - http: 8080 - https: 8443 - -persistence: - enabled: true - accessModes: - - ReadWriteOnce - accessMode: ReadWriteOnce - size: 512Mi - dataSource: {} - existingClaim: "" - selector: {} - -externalDatabase: - host: mariadb.databases.svc.cluster.local - port: 3306 - user: applications_nrodionov_mariadb - database: applications_nrodionov_mariadb - existingSecret: nrodionov-mariadb-creds -mariadb: - enabled: false - primary: - persistence: - enabled: true - storageClass: "" - accessModes: - - ReadWriteOnce - size: 3Gi - diff --git a/values/badhouseplants/values.postgres16-gitea.yaml b/values/badhouseplants/values.postgres16-gitea.yaml deleted file mode 100644 index e4a9d2d..0000000 --- a/values/badhouseplants/values.postgres16-gitea.yaml +++ /dev/null @@ -1,38 +0,0 @@ -architecture: standalone - -auth: - database: postgres - -persistence: - size: 1Gi - -metrics: - enabled: false -primary: - persistence: - size: 1Gi - resources: - limits: - ephemeral-storage: 1Gi - memory: 1024Mi - cpu: 500m - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 256Mi - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsNonRoot: false - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" diff --git a/values/badhouseplants/values.rook-ceph-cluster.yaml b/values/badhouseplants/values.rook-ceph-cluster.yaml deleted file mode 100644 index 4e602ce..0000000 --- a/values/badhouseplants/values.rook-ceph-cluster.yaml +++ /dev/null @@ -1,119 +0,0 @@ -toolbox: - # -- Enable Ceph debugging pod deployment. See [toolbox](../Troubleshooting/ceph-toolbox.md) - enabled: true -cephBlockPools: [] -cephObjectStores: [] -cephFileSystems: - - name: ceph-filesystem - spec: - metadataPool: - replicated: - size: 3 - dataPools: - - failureDomain: host - replicated: - size: 3 - name: data0 - metadataServer: - activeCount: 1 - activeStandby: true - resources: - limits: - cpu: ~ - memory: "512Mi" - requests: - cpu: "100m" - memory: "512Mi" - priorityClassName: system-cluster-critical - storageClass: - enabled: true - isDefault: true - name: ceph-filesystem - pool: data0 - reclaimPolicy: Delete - allowVolumeExpansion: true - volumeBindingMode: "Immediate" - mountOptions: [] - # - discard - parameters: - csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}" - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}" - csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node - csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}" - csi.storage.k8s.io/fstype: ext4 - -cephClusterSpec: - dashboard: - enabled: true - ssl: false - all: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: role - operator: In - values: - - ceph - mgr: - count: 1 - mon: - count: 1 - resources: - api: - requests: - cpu: "500m" - memory: "512Mi" - limits: - memory: "512Mi" - mgr: - requests: - cpu: "500m" - memory: "512Mi" - limits: - memory: "512Mi" - mon: - limits: - memory: "512Mi" - requests: - cpu: "300m" - memory: "512Mi" - osd: - requests: - cpu: "500m" - memory: "1408Mi" - limits: - memory: "1408Mi" - #limits: - # cpu: "400m" - # memory: "1280Mi" - #requests: - # cpu: "200m" - # memory: "256Mi" - -cephFileSystemVolumeSnapshotClass: - enabled: true - name: ceph-filesystem - isDefault: true - deletionPolicy: Delete - -ingress: - # -- Enable an ingress for the ceph-dashboard - dashboard: - annotations: - kubernetes.io/ingress.class: traefik - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - host: - name: dashboard-ceph.badhouseplants.net - path: "/" - tls: - - hosts: - - dashboard-ceph.badhouseplants.net - secretName: dashboard-ceph.badhouseplants.net - ingressClassName: traefik diff --git a/values/badhouseplants/values.rook-ceph.yaml b/values/badhouseplants/values.rook-ceph.yaml deleted file mode 100644 index 2c05e13..0000000 --- a/values/badhouseplants/values.rook-ceph.yaml +++ /dev/null @@ -1,218 +0,0 @@ ---- -monitoring: - enabled: true -csi: - enableRbdDriver: false - csiRBDProvisionerResource: | - - name : csi-provisioner - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-resizer - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-attacher - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-snapshotter - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-rbdplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-omap-generator - resource: - requests: - memory: 12Mi - cpu: 250m - limits: - memory: 1Gi - cpu: 500m - - name : liveness-prometheus - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - # -- CEPH CSI RBD plugin resource requirement list - # @default -- see values.yaml - csiRBDPluginResource: | - - name : driver-registrar - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : csi-rbdplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : liveness-prometheus - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - # -- CEPH CSI CephFS provisioner resource requirement list - # @default -- see values.yaml - csiCephFSProvisionerResource: | - - name : csi-provisioner - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-resizer - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-attacher - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-snapshotter - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-cephfsplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : liveness-prometheus - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - # -- CEPH CSI CephFS plugin resource requirement list - # @default -- see values.yaml - csiCephFSPluginResource: | - - name : driver-registrar - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : csi-cephfsplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : liveness-prometheus - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - # -- CEPH CSI NFS provisioner resource requirement list - # @default -- see values.yaml - csiNFSProvisionerResource: | - - name : csi-provisioner - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 200m - - name : csi-nfsplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : csi-attacher - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - # -- CEPH CSI NFS plugin resource requirement list - # @default -- see values.yaml - csiNFSPluginResource: | - - name : driver-registrar - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m - - name : csi-nfsplugin - resource: - requests: - memory: 128Mi - cpu: 50m - limits: - memory: 256Mi - cpu: 50m diff --git a/values/badhouseplants/values.shadowsocks-libev.yaml b/values/badhouseplants/values.shadowsocks-libev.yaml deleted file mode 100644 index ecd3993..0000000 --- a/values/badhouseplants/values.shadowsocks-libev.yaml +++ /dev/null @@ -1,16 +0,0 @@ -traefik: - enabled: true - tcpRoutes: - - name: shadowsocks-libev - service: shadowsocks-libev-shadowsocks - match: HostSNI(`*`) - entrypoint: shadowsocks - port: 8388 -traefik-udp: - enabled: false - tcpRoutes: - - name: shadowsocks-libev - service: shadowsocks-libev-shadowsocks - match: HostSNI(`*`) - entrypoint: shadowsocks-udp - port: 8388 diff --git a/values/badhouseplants/values.tandoor.yaml b/values/badhouseplants/values.tandoor.yaml deleted file mode 100644 index c30f79e..0000000 --- a/values/badhouseplants/values.tandoor.yaml +++ /dev/null @@ -1,55 +0,0 @@ -istio: - enabled: true - istio: - - name: tandoor-http - gateway: istio-system/badhouseplants-net - kind: http - hostname: tandoor.badhouseplants.net - service: tandoor - port: 8080 - -ext-database: - enabled: true - name: tandoor-postgres16 - instance: postgres16 - credentials: - POSTGRES_HOST: |- - "{{ .Hostname }}" - POSTGRES_PORT: |- - "{{ .Port }}" - -envFrom: - - secretRef: - name: tandoor-postgres16-creds -env: - TZ: UTC - DB_ENGINE: django.db.backends.postgresql - EMAIL_HOST: badhouseplants.net - EMAIL_PORT: 587 - EMAIL_HOST_USER: overlord@badhouseplants.net - EMAIL_HOST_PASSWORD: nxVa8Xcf4jNvzNeE$JzBL&H8g - EMAIL_USE_TLS: 1 - EMAIL_USE_SSL: 0 - DEFAULT_FROM_EMAIL: tandoor@badhouseplants.net -persistence: - config: - enabled: true - retain: true - storageClass: longhorn - accessMode: ReadWriteOnce - size: 1Gi - media: - enabled: true - mountPath: /opt/recipes/mediafiles - retain: true - storageClass: longhorn - accessMode: ReadWriteOnce - size: 1Gi - static: - enabled: true - type: emptyDir - mountPath: /opt/recipes/staticfiles - django-js-reverse: - enabled: true - type: emptyDir - mountPath: /opt/recipes/cookbook/static/django_js_reverse diff --git a/values/badhouseplants/values.vaultwardentesttest.yaml b/values/badhouseplants/values.vaultwardentesttest.yaml deleted file mode 100644 index f783bf0..0000000 --- a/values/badhouseplants/values.vaultwardentesttest.yaml +++ /dev/null @@ -1,78 +0,0 @@ -workload: - kind: Deployment - strategy: - type: RollingUpdate - containers: - vaultwarden: - mounts: - storage: - data: - path: /app/data/ - extraVolumes: - logs: - path: /app/logs - envFrom: - - environment - - secrets -ingress: - main: - class: traefik - annotations: - kubernetes.io/ingress.class: traefik - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - kubernetes.io/ingress.global-static-ip-name: "" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - rules: - - host: vaulttest2.badhouseplants.net - http: - paths: - - backend: - service: - name: '{{ include "chart.fullname" $ }}' - port: - number: 8080 - path: / - pathType: Prefix - tls: - - hosts: - - vaulttest2.badhouseplants.net - secretName: vaulttest2.badhouseplants.net -extraVolumes: - # -- Because by default the fs is read-only, we need to add an emtpy dir volume - logs: - emptyDir: {} -storage: - data: - storageClassName: openebs-hostpath -env: - environment: - enabled: true - sensitive: false - data: - DOMAIN: https://vaulttest2.badhouseplants.net - SMTP_HOST: mail.badhouseplants.net - SMTP_SECURITY: "starttls" - SMTP_PORT: 587 - SMTP_FROM: vaulttest@badhouseplants.net - SMTP_FROM_NAME: Vault Warden - SMTP_AUTH_MECHANISM: "Plain" - SMTP_ACCEPT_INVALID_HOSTNAMES: "false" - SMTP_ACCEPT_INVALID_CERTS: "false" - SMTP_DEBUG: false - DATA_FOLDER: /app/data/ - ROCKET_PORT: 8080 - SHOW_PASSWORD_HINT: true - SIGNUPS_ALLOWED: true - INVITATIONS_ALLOWED: true - SIGNUPS_DOMAINS_WHITELIST: "test.com" - SIGNUPS_VERIFY: false - WEB_VAULT_ENABLED: true - LOG_FILE: /app/logs/log.txt - LOG_LEVEL: info - DB_CONNECTION_RETRIES: 10 - DATABASE_MAX_CONNS: 10 - ORG_GROUPS_ENABLED: true - ORG_EVENTS_ENABLED: true - ORG_CREATION_USERS: "" diff --git a/values/badhouseplants/values.wikijs.yaml b/values/badhouseplants/values.wikijs.yaml deleted file mode 100644 index 3363157..0000000 --- a/values/badhouseplants/values.wikijs.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -ext-database: - enabled: true - name: wikijs-postgres16 - instance: postgres16 - credentials: - DATABASE_DATASOURCE: "postgres://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable" - -volumeMounts: - - name: postgres-creds - readOnly: true - mountPath: "/etc/postgres/connection_string" - subPath: DATABASE_DATASOURCE -volumes: - - name: postgres-creds - secret: - secretName: wikijs-postgres16-creds - #externalPostgresql: - # databaseURL: $(cat /etc/postgres/connection_string) - -ingress: - enabled: true - className: traefik - annotations: - kubernetes.io/tls-acme: "true" - kubernetes.io/ingress.allow-http: "false" - cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure - hosts: - - host: wikijs.badhouseplants.net - paths: - - path: "/" - pathType: Prefix - tls: - - secretName: wikijs.badhouseplants.net - hosts: - - wikijs.badhouseplants.net - - -postgresql: - enabled: false - postgresqlHost: postgres16-postgresql.databases.svc.cluster.local - postgresqlPort: 5432 - postgresqlUser: applications-wikijs-postgres16 - postgresqlDatabase: applications-wikijs-postgres16 - existingSecret: wikijs-postgres16-creds - existingSecretKey: POSTGRES_PASSWORD diff --git a/values/etersoft/values.openvpn-xor.yaml b/values/etersoft/values.openvpn-xor.yaml deleted file mode 100644 index d9580ab..0000000 --- a/values/etersoft/values.openvpn-xor.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -# ------------------------------------------ -# -- Istio extenstion. Just because I'm -# -- not using ingress nginx -# ------------------------------------------ -# istio: - # enabled: true - # istio: - # - name: openvpn-tcp-xor - # gateway: istio-system/badhouseplants-vpn - # kind: tcp - # port_match: 1194 - # hostname: "*" - # service: openvpn-xor - # port: 1194 -# ------------------------------------------ -traefik: - enabled: true - tcpRoutes: - - name: openvpn - service: openvpn - match: HostSNI(`*`) - entrypoint: openvpn - port: 1194 -tcproute: - enabled: false -storage: - size: 128Mi - -openvpn: - proto: tcp - host: 195.201.249.91 - -easyrsa: - cn: Bad Houseplants - country: Germany - province: NRW - city: Duesseldorf - org: Bad Houseplants - email: allanger@zohomail.com - -service: - type: ClusterIP - port: 1194 - targetPort: 1194 - protocol: TCP