diff --git a/installations/platform/helmfile.yaml b/installations/platform/helmfile.yaml index c26aea0..2cc6aa6 100644 --- a/installations/platform/helmfile.yaml +++ b/installations/platform/helmfile.yaml @@ -12,6 +12,8 @@ repositories: url: https://zotregistry.dev/helm-charts/ - name: bedag url: https://bedag.github.io/helm-charts/ + - name: vmware-tanzu + url: https://vmware-tanzu.github.io/helm-charts/ releases: - name: argocd @@ -45,4 +47,11 @@ releases: inherit: - template: default-env-values - template: default-env-secrets - + + - name: velero + chart: vmware-tanzu/velero + namespace: platform + version: 7.1.2 + inherit: + - template: default-env-values + - template: default-env-secrets diff --git a/installations/storage/helmfile.yaml b/installations/storage/helmfile.yaml new file mode 100644 index 0000000..7bbeb7b --- /dev/null +++ b/installations/storage/helmfile.yaml @@ -0,0 +1,35 @@ +{{ readFile "../../common/templates.yaml" }} + +bases: + - ../../common/environments.yaml + +repositories: + - name: longhorn + url: https://charts.longhorn.io + - name: rook-release + url: https://charts.rook.io/release +releases: + - name: rook-ceph + chart: rook-release/rook-ceph + installed: false + namespace: rook-ceph + version: v1.14.8 + inherit: + - template: default-env-values + + - name: rook-ceph-cluster + chart: rook-release/rook-ceph-cluster + installed: false + namespace: rook-ceph + version: v1.14.8 + inherit: + - template: default-env-values + + - name: longhorn + chart: longhorn/longhorn + namespace: longhorn-system + version: 1.6.2 + inherit: + - template: default-env-values + - template: default-env-secrets + - template: ext-secret diff --git a/values/badhouseplants/secrets.velero.yaml b/values/badhouseplants/secrets.velero.yaml new file mode 100644 index 0000000..58c329d --- /dev/null +++ b/values/badhouseplants/secrets.velero.yaml @@ -0,0 +1,25 @@ +credentials: + useSecret: ENC[AES256_GCM,data:FiegMQ==,iv:bZB11+MhsNGPuprsMvQtClZq8OV8fqbPce3Eupswte0=,tag:ycXSZBJyI6P8/gCgv5exKQ==,type:bool] + name: ENC[AES256_GCM,data:WGAJC/rfYcRo8NSPSYrM,iv:2HXiJWCXQ35fUMpKk7B0a854pzgKIwkN+b7Df55sqJI=,tag:dUtBG5NTFx3LafLX5tXmMw==,type:str] + secretContents: + data: ENC[AES256_GCM,data:OKCSfWAHMQcnZKWXrR5typuPqiHJhOqaRF8N2qOptrvZAxYNbqvp1wU485N0c2bI45RcD08IDcmwl4IwcQ0fIpVWcNSkwCWQ,iv:ZJv8AiCYHyBAwX7WTI/skV00Y4jBA95SZWVfaVaIvqM=,tag:8hcgKSHAAp3W4BNOhmao7Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6NzI3QzV0bnVpWlRlMGtD + SjZzZHlRaGMxZldzampxbERONmZqVkk3dFNJCjlXZ3NpQlZZQ1RVVHE1SU1IY204 + ZmFsdVcwcldZQm9abko5NytXVk5JRGcKLS0tIHd1dzZ4YkJTMUdscTRubXRaemVV + YlZzRTNSOTZ4NmgvQmRQbVluUk4yTjQKg2iVVuqZmzkvmrhOcOzUc5GB2eZW07pV + nWBaGBaSUKBQZxOooGiuMj7qGcfPrVRcLmM/brCYfEpmLHWjvJ+Nwg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-07-20T17:31:44Z" + mac: ENC[AES256_GCM,data:/WGEptmu5VTNE4sTFfDueJiteaPSJQn+dyfTN4dXnHwi5htBfGtRwsp9VWMsh22GR5fpkTYFBr9W1rFQ12fvv8TtxhiVyRmiCABd9LVxVsf459jgGg/BKvnoqh8OvjrindD5NxgsL/6aUMVYpacD49bmDPfres6ijiboBvn4sQE=,iv:hUIsTHP3SXdrppTGa6Azc2SSBsMuR0j8joGpCWNiiEg=,tag:K1p0o/AegrwT1cYJBiDQDQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.0 diff --git a/values/badhouseplants/values.velero.yaml b/values/badhouseplants/values.velero.yaml new file mode 100644 index 0000000..647f822 --- /dev/null +++ b/values/badhouseplants/values.velero.yaml @@ -0,0 +1,29 @@ +initContainers: + - name: velero-plugin-for-aws + image: velero/velero-plugin-for-aws:v1.7.0 + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /target + name: plugins +configuration: + features: EnableCSI + backupStorageLocation: + - name: default + provider: aws + plugin: velero/velero-plugin-for-aws:v1.2.1 + bucket: restic + accessMode: ReadWrite + credential: + name: velero-s3-creds + key: data + config: + region: us-east-1 + s3ForcePathStyle: true + s3Url: https://s3.e.badhouseplants.net:443 + publicUrl: https://min.e.badhouseplants.net:443 + volumeSnapshotLocation: + - name: aws + provider: aws + config: + region: us-east-1 +deployNodeAgent: true