badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 2 Actions Packages Projects Releases Activity

Compare commits

base: badhouseplants:a2c8749f956ec331ef8b20283018d9bc3cf08d6c
Branches Tags
badhouseplants:main
badhouseplants:renovate/postgresql-16.x
badhouseplants:add-ci
badhouseplants:refactor-again
badhouseplants:stale-teleport-installation
badhouseplants:script-fox-xray
badhouseplants:before-single-node
..
compare: badhouseplants:64f75e0644ab2a74de5274cca77ec243b4c897aa
Branches Tags
badhouseplants:main
badhouseplants:renovate/postgresql-16.x
badhouseplants:add-ci
badhouseplants:refactor-again
badhouseplants:stale-teleport-installation
badhouseplants:script-fox-xray
badhouseplants:before-single-node

1 Commits
a2c8749f95 ... 64f75e0644

Author SHA1 Message Date
Devops Bot
64f75e0644 chore(deps): update helm release velero to v8.7.1 2025-04-03 01:01:06 +00:00
58 changed files with 596 additions and 603 deletions
Show Stats Expand all files Collapse all files

4
.sops.yaml
View File

@ -8,7 +8,3 @@ creation_rules:
key_groups:
- age:
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
- path_regex: common/values/secrets.*
key_groups:
- age:
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8

17
common/templates.yaml
View File

@ -1,6 +1,3 @@
helmDefaults:
kubeContext: {{ .StateValues.kubeContext }}
templates:
# ---------------------------
# -- Hooks
@ -42,19 +39,19 @@ templates:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/secrets.{{ `{{ .Release.Name }}` }}.yaml'
common-values:
values:
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
common-values-tpl:
values:
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
env-values:
values:
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
env-values-tpl:
values:
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
env-secrets:
secrets:
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
# ----------------------------
# -- Extensions
# ----------------------------
@ -71,7 +68,7 @@ templates:
version: 2.0.0
alias: traefik
values:
- '../values/common/values.tcp-route.yaml'
- '{{ requiredEnv "PWD" }}/values/common/values.tcp-route.yaml'
ext-udp-routes:
dependencies:
- chart: bedag/raw
@ -128,7 +125,7 @@ templates:
version: 2.0.0
alias: ext-database
values:
- '../values/common/values.database.yaml'
- '{{ requiredEnv "PWD" }}/values/common/values.database.yaml'
ext-secret:
dependencies:
- chart: bedag/raw

6
helmfile.yaml Normal file
View File

@ -0,0 +1,6 @@
bases:
- ./common/environments.yaml
- ./common/templates.yaml
- ./helmfiles/base.yaml
- ./helmfiles/system.yaml
- ./helmfiles/platform.yaml

25
helmfile.yaml.gotmpl
View File

@ -1,25 +0,0 @@
---
bases:
- ./common/environments.yaml
---
helmfiles:
- path: ./helmfiles/base.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/system.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/platform.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/databases.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/applications.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}

28
helmfiles/applications.yaml
View File

@ -1,28 +0,0 @@
bases:
- ../common/templates.yaml
repositories:
- name: gitea
url: https://dl.gitea.io/charts/
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: minecraft
url: https://itzg.github.io/minecraft-server-charts/
releases:
- name: app-gitea
chart: gitea/gitea
version: 11.0.0
namespace: org-badhouseplants
inherit:
- template: env-values
- template: env-secrets
- name: minecraft
chart: minecraft/minecraft
namespace: games
version: 4.26.1
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets

7
helmfiles/base.yaml
View File

@ -1,10 +1,7 @@
bases:
- ../common/templates.yaml
releases:
# -- This one must be executed with --take-ownership at least once
- name: namespaces
chart: ../charts/namespaces
chart: ./charts/namespaces
namespace: kube-system
createNamespace: false
inherit:
@ -12,7 +9,7 @@ releases:
- template: env-secrets
- name: roles
chart: ../charts/roles
chart: ./charts/roles
namespace: kube-system
createNamespace: false
needs:

76
helmfiles/platform.yaml
View File

@ -1,6 +1,3 @@
bases:
- ../common/templates.yaml
repositories:
- name: keel
url: https://keel-hq.github.io/keel/
@ -10,23 +7,11 @@ repositories:
url: https://kubernetes-sigs.github.io/external-dns/
- name: minio-standalone
url: https://charts.min.io/
- name: db-operator
url: https://db-operator.github.io/charts
- name: zot
url: https://zotregistry.dev/helm-charts/
- name: goauthentik
url: https://charts.goauthentik.io/
- name: flux-community
url: ghcr.io/fluxcd-community/charts
oci: true
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: argo
url: https://argoproj.github.io/argo-helm
releases:
- name: external-dns
chart: external-dns/external-dns
labels:
layer: platform
version: 1.15.2
namespace: platform
inherit:
@ -34,22 +19,6 @@ releases:
- template: env-values
- template: env-secrets
- name: flux2
chart: flux-community/flux2
installed: false
version: 2.15.0
namespace: flux-system
inherit:
- template: common-values-tpl
- name: argocd
chart: argo/argo-cd
version: 7.8.23
namespace: argocd
inherit:
- template: env-values
- template: env-secrets
- name: keel
chart: keel/keel
version: v1.0.5
@ -79,44 +48,3 @@ releases:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- name: db-operator
namespace: platform
chart: db-operator/db-operator
version: 1.34.0
inherit:
- template: common-values-tpl
- name: db-instances
chart: db-operator/db-instances
namespace: platform
needs:
- platform/db-operator
version: 2.4.0
inherit:
- template: env-values
- template: env-secrets
- name: zot
chart: zot/zot
version: 0.1.67
namespace: platform
condition: workload.enabled
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- name: authentik
chart: goauthentik/authentik
version: 2025.2.2
namespace: platform
createNamespace: false
condition: workload.enabled
needs:
- platform/db-operator
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- template: ext-database

11
helmfiles/system.yaml
View File

@ -1,6 +1,3 @@
bases:
- ../common/templates.yaml
repositories:
- name: coredns
url: https://coredns.github.io/helm
@ -57,7 +54,7 @@ releases:
- template: common-values-tpl
- name: issuer
chart: ../charts/issuer
chart: ./charts/issuer
namespace: kube-system
missingFileHandler: Warn
needs:
@ -88,7 +85,7 @@ releases:
- kyverno/kyverno
- name: custom-kyverno-policies
chart: ../kustomizations/kyverno/{{ .Environment.Name }}
chart: ./kustomizations/kyverno/{{ .Environment.Name }}
namespace: kyverno
needs:
- kyverno/kyverno
@ -105,7 +102,7 @@ releases:
- template: common-values-tpl
- name: metallb-resources
chart: ../charts/metallb-resources
chart: ./charts/metallb-resources
version: 2.0.0
condition: base.enabled
namespace: kube-system
@ -157,7 +154,7 @@ releases:
- name: velero
chart: vmware-tanzu/velero
namespace: velero
version: 8.7.2
version: 8.7.1
condition: velero.enabled
inherit:
- template: common-values-tpl

31
installations/applications/helmfile-badhouseplants.yaml
View File

@ -16,6 +16,17 @@ repositories:
# url: git+https://gitea.badhouseplants.net/badhouseplants/open-strike-2.git@helm?ref=main
releases:
- name: gitea
chart: gitea/gitea
version: 11.0.0
namespace: applications
installed: false
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-database
- template: ext-tcp-routes
- name: app-vaultwarden
chart: allangers-charts/vaultwarden
version: 3.1.1
@ -32,6 +43,16 @@ releases:
- template: env-values
- template: env-secrets
- name: app-tandoor-recipes
installed: false
chart: allangers-charts/tandoor-recipes
version: 0.2.0
namespace: org-badhouseplants
inherit:
- template: env-values
- template: env-secrets
- template: ext-database
- name: app-tandoor-recipes
chart: allangers-charts/tandoor-recipes
version: 0.2.0
@ -57,6 +78,14 @@ releases:
- template: env-values
- template: env-secrets
- name: app-gitea
chart: gitea/gitea
version: 11.0.0
namespace: org-badhouseplants
inherit:
- template: env-values
- template: env-secrets
- name: server-xray-public
chart: allangers-charts/server-xray
namespace: public-xray
@ -70,7 +99,7 @@ releases:
- name: server-xray-public-edge
chart: allangers-charts/server-xray
installed: false
installed: true
namespace: public-xray
version: 0.6.0
inherit:

23
installations/applications/helmfile-xray-1.yaml Normal file
View File

@ -0,0 +1,23 @@
bases:
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: allangers-charts
url: ghcr.io/allanger/allangers-charts
oci: true
releases:
- name: server-xray-public
chart: allangers-charts/server-xray
namespace: public-xray
version: 0.6.0
inherit:
- template: default-env-secrets
- template: default-env-values
- template: ext-self-signed-cert
- name: promtail
chart: grafana/promtail
namespace: promtail
version: 6.16.6
inherit:
- template: default-env-values
- template: default-env-secrets

16
installations/applications/helmfile-xray-2.yaml Normal file
View File

@ -0,0 +1,16 @@
bases:
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: allangers-charts
url: ghcr.io/allanger/allangers-charts
oci: true
releases:
- name: server-xray-public
chart: allangers-charts/server-xray
namespace: public-xray
version: 0.6.0
inherit:
- template: default-env-secrets
- template: default-env-values
- template: ext-self-signed-cert

23
helmfiles/databases.yaml → installations/databases/helmfile.yaml
View File

@ -1,14 +1,12 @@
bases:
- ../common/templates.yaml
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: bitnami
url: registry-1.docker.io/bitnamicharts
oci: true
- name: bedag
url: https://bedag.github.io/helm-charts/
commonLabels:
installation: databases
releases:
- name: redis
chart: bitnami/redis
@ -16,10 +14,8 @@ releases:
condition: redis.enabled
version: 20.11.3
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- template: default-env-values
- template: default-env-secrets
- name: postgres16
labels:
bundle: postgres
@ -28,10 +24,8 @@ releases:
condition: postgres16.enabled
version: 15.5.38
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- template: default-env-values
- template: default-env-secrets
- name: postgres17
labels:
bundle: postgres
@ -40,6 +34,5 @@ releases:
condition: postgres17.enabled
version: 16.3.4
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- template: default-env-values
- template: default-env-secrets

9
installations/development/helmfile.yaml Normal file
View File

@ -0,0 +1,9 @@
bases:
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: argo
url: https://argoproj.github.io/argo-helm
releases:
- name: badhouseplants
namespace: platform

9
installations/games/helmfile.yaml
View File

@ -18,3 +18,12 @@ releases:
- template: ext-tcp-routes
- template: default-env-values
- template: default-env-secrets
- name: team-fortress-2
chart: allangers-charts/team-fortress-2
namespace: team-fortress-2
version: 0.1.2
inherit:
- template: ext-tcp-routes
- template: default-env-values
- template: default-env-secrets

119
installations/platform/helmfile.yaml Normal file
View File

@ -0,0 +1,119 @@
bases:
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: argo
url: https://argoproj.github.io/argo-helm
- name: db-operator
url: https://db-operator.github.io/charts
- name: zot
url: https://zotregistry.dev/helm-charts/
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: crossplane-stable
url: https://charts.crossplane.io/stable
- name: goauthentik
url: https://charts.goauthentik.io/
- name: minio-standalone
url: https://charts.min.io/
- name: kyverno
url: https://kyverno.github.io/kyverno/
- name: external-dns
url: https://kubernetes-sigs.github.io/external-dns/
- name: keel
url: https://keel-hq.github.io/keel/
- name: uptime-kuma
url: https://helm.irsigler.cloud
releases:
- name: db-operator
namespace: platform
chart: db-operator/db-operator
version: 1.34.0
- name: db-instances
chart: db-operator/db-instances
namespace: platform
needs:
- platform/db-operator
version: 2.4.0
inherit:
- template: default-env-values
- template: default-env-secrets
- name: zot
chart: zot/zot
version: 0.1.67
createNamespace: false
installed: true
namespace: platform
condition: workload.enabled
inherit:
- template: default-env-values
- template: default-env-secrets
- name: authentik
chart: goauthentik/authentik
version: 2025.2.2
namespace: platform
createNamespace: false
condition: workload.enabled
needs:
- platform/db-operator
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-database
- name: minio
chart: minio-standalone/minio
version: 5.4.0
namespace: platform
inherit:
- template: default-env-values
- template: default-env-secrets
- name: kyverno
chart: kyverno/kyverno
namespace: kyverno
labels:
bootstrap: true
version: 3.3.7
- name: kyverno-policies
chart: kyverno/kyverno-policies
namespace: kyverno
labels:
bootstrap: true
version: 3.3.4
needs:
- kyverno/kyverno
- name: custom-kyverno-policies
chart: "../../kustomizations/kyverno/{{ .Environment.Name }}"
namespace: kyverno
labels:
bootstrap: true
needs:
- kyverno/kyverno
- name: external-dns
chart: external-dns/external-dns
version: 1.15.2
namespace: platform
inherit:
- template: default-env-values
- template: default-env-secrets
- name: keel
chart: keel/keel
version: v1.0.5
namespace: platform
- name: uptime-kuma
chart: uptime-kuma/uptime-kuma
version: 2.21.2
namespace: platform
inherit:
- template: default-env-values

52
installations/system/helmfile.yaml Normal file
View File

@ -0,0 +1,52 @@
bases:
- ../../common/environments.yaml
- ../../common/templates.yaml
repositories:
- name: bedag
url: https://bedag.github.io/helm-charts/
- name: metrics-server
url: https://kubernetes-sigs.github.io/metrics-server/
- name: jetstack
url: https://charts.jetstack.io
- name: metallb
url: https://metallb.github.io/metallb
- name: traefik
url: https://traefik.github.io/charts
- name: coredns
url: https://coredns.github.io/helm
- name: cilium
url: https://helm.cilium.io/
- name: local-path-provisioner
url: git+https://github.com/rancher/local-path-provisioner@deploy/chart?ref=master
- name: istio
url: https://istio-release.storage.googleapis.com/charts
- name: zot
url: https://zotregistry.dev/helm-charts/
releases:
- name: istio-base
chart: istio/base
condition: istio.enabled
namespace: istio-system
inherit:
- template: crd-management-hook
- name: istio-ingressgateway
chart: istio/gateway
condition: istio.enabled
installed: false
namespace: istio-system
needs:
- istio-system/istio-base
inherit:
- template: default-env-values
- name: istiod
chart: istio/istiod
condition: istio.enabled
namespace: istio-system
inherit:
- template: default-env-values
needs:
- istio-system/istio-base

38
kustomizations/kyverno/badhouseplants/pvc-patch.yaml
View File

@ -37,22 +37,22 @@ spec:
storageClassName: openebs-hostpath
accessModes:
- ReadWriteOnce
#- name: remove-unwanted-annotations
# match:
# any:
# - resources:
# kinds:
# - PersistentVolumeClaim
# namespaces:
# - games
# mutate:
# patchesJson6902: |-
# - path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-class"
# op: replace
# value: openebs-hostpath
# - path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-provisioner"
# op: replace
# value: openebs.io/local
# - path: "/metadata/annotations/volume.kubernetes.io~1storage-provisioner"
# op: replace
# value: openebs.io/local
- name: remove-unwanted-annotations
match:
any:
- resources:
kinds:
- PersistentVolumeClaim
namespaces:
- games
mutate:
patchesJson6902: |-
- path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-class"
op: replace
value: openebs-hostpath
- path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-provisioner"
op: replace
value: openebs.io/local
- path: "/metadata/annotations/volume.kubernetes.io~1storage-provisioner"
op: replace
value: openebs.io/local

21
values/badhouseplants/argocd/argocd/secrets.yaml
View File

@ -1,21 +0,0 @@
configs:
cm:
dex.config: ENC[AES256_GCM,data:/PUs7FdzvwQzsRpJ98cL9f9tYvIab8s34GaQY7vrCg0W8WJIU2EuzknA3WQVEHryL+qC6xS/CH/7R7arb8zkIoTpFle6Hz0+S9FO6FYBnmDuL1Koc8YuuwNqcUoALXa0trpqT+X7h+RyolbkO4wzLvRB468Kwqdg3Ed6spAt0HjviZRz+EqWx5T7/e+E4m30kY9oWE/GVtShRb1gTzknczh6zxDKDl6fMFNWsSSU1JMCW8+zM9WxZ4+AaFP/nPI+/IeAqSiPaVEsQgDfIegkBtzBXK0SZNDCoLryOAXhp2jqM5HT4uHXkbghPqXY570=,iv:EguMqSLbgYS+/9HW73VTi1l6i7uQW0LvyxJ7keyWeiI=,tag:evws7j6zoZ+bE2sBX8PgJg==,type:str]
credentialTemplates:
ssh-creds:
sshPrivateKey: ENC[AES256_GCM,data:j5tZRZ97nshiSM/BU2uHCNWkk2dEYJP5rFWlaM/VFXSa9K2m16qVGzomOxiLF6MuF/w28JKXVBds7wvzMqGmimkDQCDnpDMdM8n+nFrBipldBsLAhD1FBR0VQS8JeBobUzBkWyCxiPwlnx58rYet+44yCp2t4iR2ymIRSyfFWIDnY9jlTOEy7sl06BeWHH2cyBFSI+dOF7xj9XOBqcKMjcDMynSMULg1JDOXaTlKyKO1L2uRByg0VbygiIqgM2d5UcyUTAppeT9pU5QQyHJJq/n70s0K8rR8w8KVoKmkegK/QGLTd6AOqMgsthMLGp6/q+f65jbAh1DYfb3PwbXHKVvki+Jueg8pXcwswazDn5acniKSz+NQIzNk5YSI+tMGUtUru013EXPcKKVrRoehS+gRoXh6Hax1dTAM6YE1g0Ws2kY5wgGUMMFQKDvnZazKDQJK8vLyQ5VX+w+vqv/AJtm6XyD7sySbRttuNkXOKWe9NBuH85UbxAGmSHPvk4q0l97yNTvt5+F3beQU3yn0s9MJ1l6M/DYqp9PM,iv:IKGB1ylSDqd5MvjgOQlF26u/rNYfg8u6rYwdbqauvSI=,tag:VrYXRz5l+d+h/JaViMt9mg==,type:str]
sops:
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMDhFNGM2MHdBWnhpVG12
T0Q3cTF1WlRsb25zQzZiczBqVytNanlXZVR3CnVKamhvV0l4VjREN2JCMXJvakxi
KzNBdCs3QzVyZ2tMOGJDc0VXbHY1eUEKLS0tIE83TWdveFhiaGN4QTBoR3J0TXQx
bi9SNEI5eDFBWUxvU1p4Z0UwUFczSWcKtfjZsrEJSFZ5RSJsLU3X3WtapjE8yidF
S49BQXS6rEuWe8BH6i2me2j7/UiS/fY2w61TzZ5AQVZfwePN60g3BA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-10T19:10:16Z"
mac: ENC[AES256_GCM,data:J/dmpRJYe4xtu4KWyCNbyyIieul0618jp7YtT/+zNLvKG8K70nsYuNvGxXbE8Qqj+zXNVClJbW1U8dKGwU03u8T7QDB2PVd7ViI7JdRPKfiNIPabi8i/BZwEdLnAlidpjm0UYkC4VIVOR8DzAowOtHrqe4uo5bGXEkUl9OqVH18=,iv:2bh0LHfhSYIliepDsb5GU3B2K/213naEFdLbanI9GlY=,tag:VWN34NbtH+Xh576mW0Dy+Q==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.1

6
values/badhouseplants/kube-system/namespaces/values.yaml
View File

@ -1,9 +1,5 @@
namespaces:
- name: registry
- name: flux-system
defaultRegcred: true
- name: argocd
defaultRegcred: true
- name: kube-system
defaultRegcred: true
- name: production
@ -26,6 +22,8 @@ namespaces:
defaultRegcred: true
- name: games
defaultRegcred: true
- name: team-fortress-2
defaultRegcred: true
- name: pipelines
defaultRegcred: true
- name: public-xray

4
values/badhouseplants/org-badhouseplants/app-gitea/values.yaml
View File

@ -41,7 +41,8 @@ gitea:
metrics:
enabled: true
serviceMonitor:
enabled: true
# -- TODO(@allanger): Enable it once prometheus is configured
enabled: false
config:
database:
DB_TYPE: postgres
@ -65,7 +66,6 @@ gitea:
LFS_START_SERVER: true
LANDING_PAGE: explore
START_SSH_SERVER: true
ENABLE_PPROF: true
storage:
STORAGE_TYPE: minio
MINIO_ENDPOINT: "s3.badhouseplants.net:443"

15
values/badhouseplants/org-badhouseplants/app-stalwart/values.yaml
View File

@ -50,14 +50,13 @@ extraVolumes:
emptyDir: {}
ingress:
main:
metadata:
annotations:
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.class: traefik
kubernetes.io/ingress.global-static-ip-name: ""
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
annotations:
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.class: traefik
kubernetes.io/ingress.global-static-ip-name: ""
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
config:
files:
config:

29
values/badhouseplants/platform/db-instances/secrets.yaml
View File

@ -1,29 +0,0 @@
dbinstances:
postgres16:
secrets:
adminUser: ENC[AES256_GCM,data:uuu/xvwJkHk=,iv:Pk+i8bf7AeeG9wKVh1RDJy7Dt3r5b1UKy4SJijlZfq0=,tag:QO3gwYXAG0sBBuHcKfTNQg==,type:str]
adminPassword: ENC[AES256_GCM,data:tjWATjuJT+C97D4TLQgk55BZOwVv,iv:1MWYtksmrEBQtOdGvtc6MZyLP4yBKA88eIpQ4mZCULM=,tag:3hOlT5n2Wd81ebxeEgW5tw==,type:str]
postgres17:
secrets:
adminUser: ENC[AES256_GCM,data:4w2EItIM++Q=,iv:cQLryeBskm2Y9OlbMFgQEWEBi7z/VxucLWbwZXsRtto=,tag:Ir2Q7KZv/sSDdA1MX/Niqw==,type:str]
adminPassword: ENC[AES256_GCM,data:wHUL2p8CXYwoEFu3ffCCsQO9xn/GqOZ6JPrcHKzy,iv:khoogPPFHSd+4xyp+jf1w0RfOUgrKzAmFjLnisQ8HXU=,tag:GRnkCQ0uOlUt2AiEAceFRQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuL1lwdVNHMm9nZHRld2lO
Rm4xVnVHWG9hNDc1cUVyakxzUU1PcFJhalM4CkNicEdUV2lEYWMwaWNqeGcrQ2p1
Qmw1b1FzRllqYW85bjF0cmRGcW1MbjQKLS0tIENUcG1oOXFNV3REaFU0aUEyd2k4
RDgzRmlKT1ArblpOV1plcFpyMnJXZTQKgm8Eaw591+EHZWofXAADTXRHPOdOvdOM
jYne1szB/V9UJz+pmLa10tNgruga+P5yP/j+DGcYrTj0pVh5IJLjTA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-30T19:59:46Z"
mac: ENC[AES256_GCM,data:3KrwiArDx/bPAHbFGgb9BdDVHC+uC1IHp4LZXlYRZzWSKtX1t+ODQVzUW97kigGFG1sx6WXddl/w3XeNOoT9JbS5iPXJQe6KAPleNV50S/oab+U53WeloO8uL68Wrk9v/NwMhCKwE9cCqBBhqk7wCb6N9ivt45mLrUf06L8fok0=,iv:bOWhyIm8FhKtZAZH/78bukkeDp5P4XShSD20mgr4Neo=,tag:RZMx9bi+ZEcLwTzk+Gm8RQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

21
values/badhouseplants/platform/db-instances/values.yaml
View File

@ -1,21 +0,0 @@
dbinstances:
postgres16:
monitoring:
enabled: false
adminSecretRef:
Name: postgres16-secret
Namespace: databases
engine: postgres
generic:
host: postgres16-postgresql.databases.svc.cluster.local
port: 5432
postgres17:
monitoring:
enabled: false
adminSecretRef:
Name: postgres17-secret
Namespace: databases
engine: postgres
generic:
host: postgres17-postgresql.databases.svc.cluster.local
port: 5432

20
values/badhouseplants/platform/zot/secrets.yaml
View File

File diff suppressed because one or more lines are too long

27
values/badhouseplants/platform/zot/values.yaml
View File

@ -1,27 +0,0 @@
image:
repository: ghcr.io/project-zot/zot
tag: v2.1.3-rc4
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
pathtype: Prefix
hosts:
- host: zot.badhouseplants.net
paths:
- path: /
tls:
- secretName: zot.badhouseplants.net
hosts:
- zot.badhouseplants.net
service:
type: ClusterIP
persistence: false
pvc:
create: false
mountConfig: true
mountSecret: true

26
values/badhouseplants/secrets.argocd.yaml Normal file
View File

@ -0,0 +1,26 @@
configs:
cm:
dex.config: ENC[AES256_GCM,data:bSlWRFGEJG2minUCqhi822rrOd/oiYtiiH6+qN58W1ZgWED8Fk2v6BfH4oIircNOKi57SDl/LU9L6ZtjN4rE1WApRUrffdvfVEz9n6wSfz3IZAzr0X4QXqqybpsj0M02yJYYmu/BQn2HBI6mCuARZRo9XN14+qamF59fg+/uPYQ0ZYPemgU0xPaCKBt2YAPLZEJdxOi1lBTFSNnJ1bLSC5aaW3/C4RqRIwAlEn0EEoimiBXaVSiCvqEqgvtTFjq8PCu+zmZ9wy1Kw/BvfLDXIRNZzR3uV/8TnUy2+joU5wlYKHNUxehE/tIn9T1hOoFKKmBbVKHs6Wh8Nwo5iIy0x0EatZP/5KrgRZPc7ZF03ZlGjOKk6Ap5AvhWQgO9JFJ94dgCdmk9gzCuuHjiZh9qat7alkFBnEYsOrprEvLkpavxFj9om3pY61Qg/i9fk9gFtxoM7yTaxHTuIUsXpto+/ofviFPTm7dgrIMPbERJYaN7ETcrHglJPp/zizQkaKNspOcBCMkAnFCaVn257/an7iLhm7orcdDt7nVLGlCQyq4GBEdy5+x4JVIF9H27R2d9774TTHrFYWo68pDndrT5OCviZebuVqPj0W9LASkUcIwB2mPj6Gi3OBAuQLX48f5s9uGLfNh4UXdz4Rp6zKJJ0IImly7ut5yglrwFxDpXcLoku8/lyEeQlkOADP3+bBcpB36rBLm9gZ77CjHMNsu2zCNx3pMu6W2GAWJbv7FysAMASHfikhaCDx6oxlJdaGnYk8LJeWhSLERsP2qwkSEDr42A4YRsmsvkKohcZy4Ub3xQWE3dwTrc6vr8wJ8Sqj0cK8y7RaM79SulBJ8WExg6nzvZRfOcp8I=,iv:/xI16L5fvHC2IPAsEpg5QR4vz7Tnjlnl0C7cEDSSnek=,tag:5XLlpaauuQQuy3SrPdYZNw==,type:str]
credentialTemplates:
ssh-creds:
sshPrivateKey: ENC[AES256_GCM,data:iIxxWhxfKhcHoTOfECWhOP+725xbUWIlq+cIoehrxMBP6XfHvxZpN3tQegeH5geYlbYWy5/kvJ5aLWVPEtWy19GjwoGk0ozS5l3AufIroWm3W/zkD+bcCgG+4wKTI6YQq0KVQDYY2ZMyxFnKLPXWdKDJSIS0y0dQB8G9fQeANUvtozXAcMpLfoAPKEUpZQhY5e3vMut3lUDF12u3S0kWJJF8xTjTNjmR0IrLWILc8TH5EKTHrLGfFB8M+T3P8+zatIFE9w+RInp1t0yU+OHFWeu0WSt+tLOc+DBTQhdugKd62nnmRAav/O3DJqCVGe7/JP6ZwGdHw8f/zEf+FnDJq6I8LnHQl35KGYH8FftzA0uG5UCoXPkTz69HRa2gDsuY4YSuAoWkDIFIrf85hfC+pl//1McjIExkY2fW+t4FWWZSoCAGRzQymXetDh6KColRGNMk1LOjUXFTV+AHB8rm7ZQ4+mGw5IVdBLE/TcmmHOyQq9fHQaUZMvj/9/p2DIS39rQbRRplR9JJIA7OrlwZUZLuLxXshUjP3hB8TJHXdo1eJWEWB8XaCwOX8mI4xVa+tVC4GazHvpvhOxWAgBhG/Ba6eXSFY+bQz6tySg3WEESEZ+ihC20AjAn1kFKQz55vxI9/NLcUw++LmwV5f0f0Qk91HLkQR16/P6h8ce71P8knhDP5gDBVuPHM94NJ3TW9klzfhMFwNZXwtEqwiTUBSbYwzYs5AMwLhYjLDHrWodulmVFfhw6qCekDkMup/PPim/Khk/6yZPDW/Re4MNpRWsfM+AT5SomhRBf3VFI0PRyXaPHXNU62OwjCs6+Z0SBjdx357qt8q3G35eF1Ido79U5W7YtPN8V/lgNJxGCZsOgX6+Mgq1JIlrHkU//emgRXVQnAtQDr9SGf9NR4L4qwzGpdbhzYNlQ3756ycdjFZ+itaBP6vaq2Eszj6EzTODunMonFWCAyxlgeAMXpQAhlJVvu02cdipK6mkwC++nPqCknCnLEKJNHKEBlzcmJ7Bg09HiS4IXkXryEQ+BU0YLJWDIDTVFRG8tleATDJ6uFhBoryS52SVbfXPK88SGL1bAFdtvNXF4bsefQC3gI/pBKW4gS5EyCr11joocAsHX+CIe54K+UQdGF3cvIAjwbBRDjzW8+JTnZWdb0z5joWi2pQGpg9aB6XddBww5VJhRoiOOJrc+RKzg4WMwNDm1Th8QaTrAHpO+ILiDFXTviexk+Ggg9m0MpqKX25EHQVmjL68D03lyJ99xlU7Ee9Uvk5DeamPpdvuwWTSm6NUrJ1LeKt1Sw7wIAwbVan45G7yRahIH/+BJPm6byMAyB109jTJdfEqzNgowN4rJXd+1g7K6+jMCbgv0pA3aqHLbWZt0n1ZCA4BztwxuT3zvzXZnLpe0HJeauZls49YEGhvWpcxXDRNoZ5nXKZ94K0hbaLVzpx1mWp0lGxSTlGFyBQVhhAKF0MClVuyGVLRuuYCHcPdx521pK4qeEQo3gr6XTM4H3fkqhKsxsJVx43gjtj8bhEmlScHX839+D8rlVYQZwupSmSCYfnUnk9Izm5hcEGkpzemribmv/pD7Lqu72TbqpI7dj4GKFjfeG8gIwKlqHhBY64YBeYGVRjJrxYIQBkLswA5yrIeu9UZJMF4uc2s90sYye8jrI6FNV4C5EhD2HDUGOvjDwgIlV6RyDJCuPeuR6Qm6OO9NMby9Xi5xQdg/tGtkghTQzgRUGMW+bpurr1IplYpJfY8mQBz38ibvKp6Xjl7bTlc8IUanugG9HKETiXhNDDQVhhfZrsfwIwx6ejCNombMrMlV3k9ZSvKyvg/dpUQPxayKMolE11b2mA71dkNUVt0LjhjIO2PA1Das5PRAqu6QBevXSoBSb2A5VLok2BtqZo4kKhboL8vl2FcJO9lGB3ZuxQaNX7c30H4n57Ri/JgXG22L1IJMfAvw4e1HlLvop0sgoGkz0Ngz+U2VzPRMuUwPjKTUSN/tq4FpXvUCA5g/YmNhCnDH/LGTJsN26zEjqjYvALtTprmFqSN1I+8QM3ZA3ZaE+EcquhD4CNfcN1kvkz/4Yv+9sQym2fqbLGKzSSEXKVtnJnIlttfiDD/4wU3ARDqnzwWq+SJe3aEnnz05i13m5TGdQV1QQ3NwHIpk0leRIu9X9afvR/uInjkSNKhB00JWPhYzp7htnFo0uVvqHGBKRuK2KQOnANjaQweesoIHM+bj/v1ryr/i6Owf8D+Go5ESMPVTUD6xVTvdkE2gn+DN6mYZH3G2vIjbze5PNJ1GA11Mzhekh+1QxyBpbHPlDaaVzF+sEyCPdnvlAYZ4bycae2eIrToxmSv1EBTmBRJEq42RcC16xB9I+uxBFEJFM0A8lVOW/7J4qbMfyYb7+naptsNN3wgPg5E2iQI6kLLAy1cDtkbDLhczm4w9sz+4SRLcAt0jXMx8422BjxuuwEApyyVjTwtzL3p0z1fCNlBBfwOBlUfTR42Z04Q6XnQFmCUMaL9ZZQHHjVYlQTvY/61eLcADFxu77Y1pYh8NP6jJyuAynJmy6IRMMoYw1mhvZWxnqxgyvPZQ6a952yd24GArB8YRTcKM1d6cbVTvyOrHns+rNeviwqb2c1446/mdUvHurYfnxbc/NTzNTaKWnwRMcnPRkpqbH0XkIAooQLKgmTvDs4IdK89Ja5iHu408TMZUgNkXqCjJ7WsZQZ2I3ogZPdMCxpZdcRNhcS98Sf6BlF3zxbBtLSc5Jv5buXPYYOFGrDJa09LG6YEU4Sk1P62Sm1KtR8XgaKWbx+jXQSbgBKavGC8Wh1C0OHVlJzDirskjSs6Unr2lUpyp75IaGDaWin1we3J+kxfpFKZDBh147Bf9XoTXVvi/GtSMYGmv77r7kZHuNTriXlW+lrak6wnATo9+Bi4bT3B6KurTcEROM2RC+fnG8Az9eUOSg/SUtaV3swmN6g/9DfeYCZY06zpXpmDV1Ib3hexidrnu5FvQcUofr/FzwP+Md2KZ3rapDXcFxRGG1Pggf/N3bXpGkHJXkeAghWXn6UWObrssbcCEsTKBI9vnioP0a62tObwrLKJQMvEZDm6WDGcFmZIWmpHAXakpxdGiqqOe/NMJAneGZWTdLYFs5OUKiMVAf4UUCdM/j4W2i/h1uluqJvRlZxOsM1XK0tj3KMveWqVsJeT8MK6QESLVa7o03ZVvv92KBamNy/16N66U4imzo+23FKPJupPnaMuhYCt5nVK+2DerhtismXBrWKyIPpoAW/8L9KXPW/UzMuClDSZ7Uo2e5pZ3PTHH+EBpjbCQj1veIskTXog2KFbv0bgiXzX3oWrmlFh1D9pwg752V9ZSGOP/eZdQ/cxdOURhu+ZWPG7WgxyyX/ZVh1aZRaBRuw5FAsqhZtjhkqiWtUHznaBRgn55poux+GFkN7XxHxO7idum6ecPLF6xPNyqkvPm5lUNdfml6qP6tQfO0uQ==,iv:cswd5iTvERSH5JQUz6IT7U9+agzsS3PheG4Md71hSrY=,tag:QeBr865/eWBrZtcrE3QRYQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlOVJweE5UeUlhUkNId0w2
a1kwM1dsWjJtZUt1QmNTZmlJNHkxRHdwaFhjCnoySGZDYUVJdzNGYUNyRnRKOXIr
SktxNlNBbmRDRXdZTDFFRnRnSVpwNXcKLS0tIHJaOUwya0pqRlBRVFZvaERjQk5N
aWVQUFo3bDJpK1R6SEJpMVdmWks1dkkK50KPI/hji2aJ1CLYqtxU87oE2tsBcl+I
d+Vs4aKRjY/mpdO7NWhmeguH1boGhMaKpZlSV+TZGBtEsl7RQ6mbtQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-14T08:08:21Z"
mac: ENC[AES256_GCM,data:pRtlf2AnmG9ztZyXwbxR2foagCMBX8BwfhLrsoLeEpSyFLbNMKIGKMSZKaJ3r9IU7gErXh4KoUGXcg31LB80B1G+YFlICvxmlXX0MB3MmedzTi6I6N7ydFse11n3WF/XaRUhpZVE9sCyZgNxgyuhf0LTnS0FU7tauVgAERAazYE=,iv:zwojdj+/HIglNNdS/lYokVqiAvH0pTZIk5jK20oiA7c=,tag:rRi0uEIP8ag/45cv8/4FYg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

0
values/badhouseplants/platform/authentik/secrets.yaml → values/badhouseplants/secrets.authentik.yaml
View File

0
values/badhouseplants/games/minecraft/secrets.yaml → values/badhouseplants/secrets.minecraft.yaml
View File

0
values/badhouseplants/databases/postgres16/secrets.yaml → values/badhouseplants/secrets.postgres16.yaml
View File

0
values/badhouseplants/databases/postgres17/secrets.yaml → values/badhouseplants/secrets.postgres17.yaml
View File

0
values/badhouseplants/databases/redis/secrets.yaml → values/badhouseplants/secrets.redis.yaml
View File

37
values/badhouseplants/secrets.server-xray-public-edge.yaml
View File

File diff suppressed because one or more lines are too long

37
values/badhouseplants/secrets.server-xray-public.yaml
View File

File diff suppressed because one or more lines are too long

26
values/badhouseplants/secrets.zot.yaml Normal file
View File

File diff suppressed because one or more lines are too long

43
values/badhouseplants/argocd/argocd/values.yaml → values/badhouseplants/values.argocd.yaml
View File

@ -104,31 +104,22 @@ configs:
accounts.drone.enabled: "true"
credentialTemplates:
ssh-creds:
url: git@gitea.badhouseplants.net
ssh:
# -- Specifies if the argocd-ssh-known-hosts-cm configmap should be created by Helm.
create: true
knownHosts: |
gitea.badhouseplants.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDpR4dE3oAGModn9GWtwVYrsnFod6pBXU8Z/uRj8l/hHjQaipISwNu8pqteGvssZatXBPkRj3zcf6yqgzufz9dXvt42XBN+H8c9UfeVrysivfTZ2DY3/J+vj0UBZy6kmf/sj83MTDaO2fIpnXOD2o3YYUeRVLL5YzTX1l22ih+LvvynY3gtmncf1SZOee1FTNJ2PdYi38F8Vp1MLAgcOTTsBd0WjCgx5xinzlPXwSxp6l4tp+aB6tsL4j5/6yudJfMkaOGTBCqybXyt6xYnYLTBbgmNlMd/0N9iOw4RYZfIaPDry6lTgNlJUWO5E7psckyjnCs1dvDRrJgL98q7X7+v8WNOqJMOFczLDAVtYq9akSFkJfAoNZ6FY4p//Xbgy3kukRlcSbot5ecBxPw0Cr9HAmO46uiaUHhPnVySyPKTiaDpOc5pjp6vak277jhSOqx0fX38aSVXyGJ5DYDgcg6f2nWjjhiLC3N3HDLtVjDJ6aw/yilldCRLugxXYT+nDtJjz84S8c13HvsREeW0vTncsBiY7y0WWCQyWj2W3Hp9SSNHuwl5xr+gQWSlhzBuDTceDlf4/TjaUIngWV+hVdkJEBFAcb9Oxib6AqF6Qrrw5lJUaboEA5RQs9Lh0lFfuirANzpVy1t279wZ0AEf6oFdeXLeHiV56QzKJLnbkzg8Q==
url: git@github.com
applicationSet:
metrics:
enabled: false
serviceMonitor:
enabled: false
repositories:
go-test:
url: git@gitea.badhouseplants.net:sharing/go-test-project.git
name: go-test
argo-deployment:
url: git@github.com:allanger/argo-deployment.git
name: argo-deployment
insecure: "true"
type: git
cluster-config:
url: git@github.com:allanger/cluster-config.git
name: cluster-config
insecure: "true"
type: git
#applicationSet:
# metrics:
# enabled: false
# serviceMonitor:
# enabled: false
#
# repositories:
# argo-deployment:
# url: git@github.com:allanger/argo-deployment.git
# name: argo-deployment
# insecure: "true"
# type: git
# cluster-config:
# url: git@github.com:allanger/cluster-config.git
# name: cluster-config
# insecure: "true"
# type: git

5
values/badhouseplants/platform/authentik/values.yaml → values/badhouseplants/values.authentik.yaml
View File

@ -14,10 +14,10 @@ ext-database:
database: "{{ .Database }}"
authentik:
email:
host: stalwart.badhouseplants.net
host: email.badhouseplants.net
port: 587
username: bot@badhouseplants.net
use_tls: true
use_tls: false
use_ssl: false
timeout: 30
from: bot@badhouseplants.net
@ -26,6 +26,7 @@ authentik:
user: file:///postgres-creds/username
password: file:///postgres-creds/password
name: file:///postgres-creds/database
secret_key: "2Scv6ivCfV6uGRTx9Kg5CYJ2KjBRHpR8GqSBearnBYvBFZBwR7"
# This sends anonymous usage-data, stack traces on errors and
# performance data to authentik.error-reporting.a7k.io, and is fully opt-in
error_reporting:

8
values/badhouseplants/values.gitea.yaml
View File

@ -40,11 +40,11 @@ replicaCount: 1
clusterDomain: cluster.local
resources:
limits:
memory: 1.5Gi
memory: 1024Mi
cpu: 1
requests:
cpu: 1
memory: 1.5Gi
memory: 1024Mi
persistence:
enabled: true
size: 15Gi
@ -57,7 +57,8 @@ gitea:
metrics:
enabled: true
serviceMonitor:
enabled: true
# -- TODO(@allanger): Enable it once prometheus is configured
enabled: false
config:
database:
DB_TYPE: postgres
@ -81,7 +82,6 @@ gitea:
LFS_START_SERVER: true
LANDING_PAGE: explore
START_SSH_SERVER: true
ENABLE_PPROF: true
storage:
STORAGE_TYPE: minio
MINIO_ENDPOINT: "s3.badhouseplants.net:443"

4
values/badhouseplants/values.memos.yaml
View File

@ -2,8 +2,8 @@ shortcuts:
hostname: notes.badhouseplants.net
ext-database:
enabled: true
name: memos-postgres16
instance: postgres16
name: memos-postgres17
instance: postgres17
credentials:
MEMOS_DRIVER: postgres
MEMOS_DSN: "{{ .Protocol }}://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable"

106
values/badhouseplants/games/minecraft/values.yaml → values/badhouseplants/values.minecraft.yaml
View File

@ -1,15 +1,33 @@
service-account:
enabled: true
resources:
- name: minecraft-exporter
label:
app: minecraft-minecraft-metrics
endpoints:
port: metrics
traefik:
enabled: true
tcpRoutes:
- name: minecraft-tcp
entrypoint: minecraft
gateway: istio-system/badhouseplants-minecraft
match: HostSNI(`*`)
service: minecraft-minecraft
port: 25565
# --------------------------------------------------
# -- Main values
# --------------------------------------------------
image:
tag: java23-graalvm
#tag: java21-graalvm
tag: java21-jdk
pullPolicy: Always
resources:
requests:
memory: 2.5Gi
memory: 3.5Gi
cpu: 2.5
limits:
memory: 2.5Gi
memory: 3.5Gi
lifecycle:
postStart:
- bash
@ -34,23 +52,32 @@ readinessProbe:
successThreshold: 1
timeoutSeconds: 20
minecraftServer:
memory: 2000M
memory: 3000M
jvmOpts: |
-server
jvmXXOpts: |
-Xms2000G -Xmx2500G -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M
-Xms3000G -Xmx3500G -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M
overrideServerProperties: true
eula: "TRUE"
onlineMode: false
difficulty: hard
hardcore: true
version: "1.21.5"
version: "1.21.1"
maxWorldSize: 90000
type: "FABRIC"
gameMode: survival
pvp: true
modUrls: []
serviceType: NodePort
#- https://github.com/CaffeineMC/lithium-fabric/releases/download/mc1.20.1-0.11.2/lithium-fabric-mc1.20.1-0.11.2-api.jar
#- https://github.com/CaffeineMC/sodium-fabric/releases/download/mc1.20.1-0.5.11/sodium-fabric-0.5.11+mc1.20.1.jar
#- https://github.com/CaffeineMC/lithium-fabric/releases/download/mc1.20.1-0.11.2/lithium-fabric-mc1.20.1-0.11.2.jar
#pluginUrls:
# - https://github.com/dmulloy2/ProtocolLib/releases/download/5.2.0/ProtocolLib.jar
# - https://mediafilez.forgecdn.net/files/3789/833/GravityControl-2.0.0.jar
# - https://mediafilez.forgecdn.net/files/3151/915/CrackShot.jar
# - https://s3.badhouseplants.net/public-download/MechanicsCore-3.4.8.jar
# - https://s3.badhouseplants.net/public-download/WeaponMechanics-3.4.9.jar
rcon:
enabled: true
withGeneratedPassword: false
@ -58,7 +85,7 @@ minecraftServer:
serviceType: ClusterIP
extraPorts:
- name: metrics
containerPort: 19565
containerPort: 9225
protocol: TCP
service:
enabled: true
@ -66,11 +93,12 @@ minecraftServer:
labels:
exporter: minecraft
type: ClusterIP
port: 19565
port: 9925
ingress:
enabled: false
persistence:
storageClass: openebs-hostpath
#storageClass: local-path
dataDir:
enabled: true
Size: 9Gi
@ -93,6 +121,35 @@ mcbackup:
persistence:
backupDir:
enabled: false
# ---------------------------------------------
# -- Install Plugins
# ---------------------------------------------
initContainers:
- name: 0-download-mods
image: alpine/curl
command:
- curl
- -L
- "https://s3.badhouseplants.net/minecraft-mods/server_mods.tar"
- -o
- /download/server_mods.tar
volumeMounts:
- name: download
mountPath: /download
readOnly: false
- name: 1-copy-plugins-to-minecraft
image: ubuntu
command:
- sh
- -c
- cd /mods && tar -xvf /download/server_mods.tar || true
volumeMounts:
- name: plugins
mountPath: /mods
readOnly: false
- name: download
mountPath: /download
readOnly: false
extraVolumes:
- volumeMounts:
- name: plugins
@ -105,36 +162,3 @@ extraVolumes:
- name: download
emptyDir:
sizeLimit: 500Mi
extraDeploy:
- |-
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: minecraft
spec:
endpoints:
- interval: 30s
port: metrics
scrapeTimeout: 10s
path: '/'
namespaceSelector:
matchNames:
- games
selector:
matchLabels:
app.kubernetes.io/instance: minecraft
- |-
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: minecraft-tcp
spec:
entryPoints:
- minecraft
routes:
- match: HostSNI(`*`)
services:
- name: minecraft
nativeLB: true
port: 25565

2
values/badhouseplants/databases/postgres16/values.yaml → values/badhouseplants/values.postgres16.yaml
View File

@ -9,7 +9,7 @@ metrics:
primary:
persistence:
size: 2Gi
resources:
resources:
limits:
ephemeral-storage: 1Gi
memory: 512Mi

0
values/badhouseplants/databases/postgres17/values.yaml → values/badhouseplants/values.postgres17.yaml
View File

4
values/badhouseplants/values.prometheus.yaml
View File

@ -1,3 +1,7 @@
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
coreDns:
enabled: false
kubeEtcd:

0
values/badhouseplants/databases/redis/values.yaml → values/badhouseplants/values.redis.yaml
View File

29
values/badhouseplants/velero/velero/secrets.yaml
View File

@ -1,21 +1,26 @@
credentials:
useSecret: ENC[AES256_GCM,data:JeoOyQ==,iv:fu/UL5pN+RfYRluV1ipqbJ7AMmb6mBzo9Cs8MEaH90g=,tag:SXueO8IzwQ12MjSQUx5K4A==,type:bool]
name: ENC[AES256_GCM,data:jHBOoXdfbcm9/tWworFG,iv:EZdqinT6tBFS2t7/l3bA2A5OspmmXVBhlM4ENIMlWeI=,tag:ltP1tFsWxRiQV8GgNe2RmA==,type:str]
useSecret: ENC[AES256_GCM,data:7gOgTQ==,iv:Wiutik5u1CZ3jkI5lL4JLwvKDQrjNPSfmnyet7SBVzo=,tag:SYm+fm393zhqNMKejQfYKw==,type:bool]
name: ENC[AES256_GCM,data:NKs3qbFPKGIhXI7lzGTq,iv:MWumBc7eHro/P1oLZxQArvfoWmdJN+S0d/Qxb+ohI9E=,tag:pxJQzB82Us+UflGc271wGg==,type:str]
secretContents:
hetzner: ENC[AES256_GCM,data:cLAnAdz3RlBE4YOVDIcQ+gjWxsA2jsNJgh2zkBV9LbPHU2eJDaLmQIzGov28vQK0tpdGBk8uncjg7eLVpqQFnn/+4mbMrCICLNqeNYJNG9sTRhBoA8EqODRQ7mJoHMdvSqk8dp+9nGXrgO/HCKZCbg==,iv:pEQbq9pqWcuUG3Jj93QNbD4N9a/NxLPc1XqmfYNdOoc=,tag:Ss8hyMYYm24UG2aVXw6MQQ==,type:str]
etersoft: ENC[AES256_GCM,data:f7opp9R8bLoOSqpzJdjUXiVHF0hxH3uE+fRQfgEA/G0wDrPio6SPNUG+ROeZCrLJgizFTR6x4/r/yTIglEeaa9aefF1OG9dEdlpko7AALnf3DYQ=,iv:NGXNl5BbQS5dgVn5wNqN7ba11AeDgHXPloYTBC95l2E=,tag:kA/7bvS9h20/a7se5e1zUg==,type:str]
hetzner: ENC[AES256_GCM,data:tlumlKIfwugQj5Dj8Lu9HuEcKRv8v/JhTTz4oOvRavxmeBIGElfn/MyWbK68pagfDatyKsrYjqPTutYykJWVOWdHFOCIXunnI8vkDbzpxAH0BqyZQrek3s4mkTOPJkjfW6V1MNr5AvWMYLwptcIp2Q==,iv:E3jBlMgIXzuLCNVxEBlTiiVpLCdEolJuv96bSYamwLI=,tag:4zkhZUu+on0K1zF4/8tiWQ==,type:str]
etersoft: ENC[AES256_GCM,data:/kQ9eCnHIfDSzHxy2tbVgwe7C0cF+l5LaKCgksodxUJgxTQs2pJHyx4cluoW62RwOQKHxMCy3IaqphD2zZOIVKbR0q3xVmBoxcBxrKE5UIlSxbQ=,iv:YcJF8OMiFMz147c8lXVU+ccjq1okYnHiwUvJLmJHi20=,tag:hnwtfAkBCpZUy4TEGtMOOw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2emd4d1gyWjlYL3dYRmw4
Y2J0UkJaMTR6b0NsNTVzcTBHMXJ3WnNRdWlJCnB0ZEJmclRzY0Y1WEsvQmRWYU9k
cDRtQ3J4azNBUnN5bVUvdm9EbEo1ZHcKLS0tIGN6L0VpTWlQNm1sVnA4UldBbk9C
Q1dWek5PVjNkZUdJYllJSTZhQ1p0QU0K4LFd1ITs38M101fqy6KZGZ43x4Ou3VtB
EN1uxBEt5AdfX4F+FbOnA5qAOUdRRN31TjIXs948E/1vgm8zRxSx1Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiaW9NQVR6OGtLV3ZqMThn
bWsrcGZKNVk1cXB2aDc5RnRNbTMwZVoyRERVCnEyQ2tFSlZmTnhRdGQxNW1BVGNs
QzBjM2tXWnhQYTBaR1pUZnUzMWpYTmMKLS0tIGQ1emdDNlVGdzNWRlRQcU5xSWxB
bWdPdVF3RjU0Z0RQWXZWVUVocVBTeWsKogQ3kmwrShfBOwMC+JHNiavRHryv+WNY
dkUkONkUH5HEWN/6M7bsMMqjkH0D/upD5UXOXr4fiibcM/w+XI/BpA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-02T21:11:55Z"
mac: ENC[AES256_GCM,data:ArJNDbctyrzJIVo9CojFPAKlhW9xCBYvfpA27iG2YGWYfCRQ0uAIVmUn0jVsbfYWdtQ5WZD7p05itXMobQMMlFlv3twi7B7taXYXQQzZghhOCVJBYo8I3gFl9wxVpKHNc+WxuerFCQUCOXyBMI9CLmXsKBwlciLl78OSU6SMe/s=,iv:wHFF4yhYLs6QjOcvcU4WDpNyjQZl0dI42mouVR/43Eo=,tag:notDIF/S/r7MlYogftz9aA==,type:str]
lastmodified: "2024-12-16T14:51:45Z"
mac: ENC[AES256_GCM,data:65vGxoFLwH9WpxvqKYi1FEb8DhRWpq4K5cTjfqQEXDxbzKDk/RjTtHpFZ2iLnAOcL2ECvL+JU9yPeM7fS06nTW/TC/oP3yNGfyJp84IWNzrBVBE8HCTaXthxcRSIbGwvdCihViT4gZU7VkMaDt1WnEesjq/KQqcK/TSpCxhSyjI=,iv:HPfV3MRyeilrAFprdsLT6H//V74YzRiGM8O7TmU/g5c=,tag:tQHA6JW5ELAUXzIlJdLYFA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.10.1
version: 3.9.2

1
values/badhouseplants/velero/velero/values.yaml
View File

@ -22,7 +22,6 @@ configuration:
s3Url: https://nbg1.your-objectstorage.com
publicUrl: https://nbg1.your-objectstorage.com
checksumAlgorithm: ""
- name: etersoft
provider: aws
plugin: velero/velero-plugin-for-aws:v1.11.1

6
values/common/databases/postgres16/values.gotmpl
View File

@ -1,6 +0,0 @@
global:
imageRegistry: {{ .Values.registry }}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

6
values/common/databases/postgres17/values.gotmpl
View File

@ -1,6 +0,0 @@
global:
imageRegistry: {{ .Values.registry }}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

6
values/common/databases/redis/values.gotmpl
View File

@ -1,6 +0,0 @@
global:
imageRegistry: {{ .Values.registry}}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

22
values/common/flux-system/flux2/values.gotmpl
View File

@ -1,22 +0,0 @@
imagePullSecrets:
- name: regcred
cli:
image: {{ .Values.registry }}/fluxcd/flux-cli
helmController:
create: true
image: {{ .Values.registry }}/fluxcd/helm-controller
imageAutomationController:
create: false
image: {{ .Values.registry }}/fluxcd/image-automation-controller
imageReflectionController:
create: false
image: {{ .Values.registry }}/fluxcd/image-reflector-controller
kustomizeController:
create: true
image: {{ .Values.registry }}/fluxcd/kustomize-controller
notificationController:
create: false
image: {{ .Values.registry }}/fluxcd/notification-controller
sourceController:
create: true
image: {{ .Values.registry }}/fluxcd/source-controller

33
values/common/games/minecraft/values.gotmpl
View File

@ -1,33 +0,0 @@
image:
repository: {{ .Values.registry }}/itzg/minecraft-server
pullSecret: regcred
# ---------------------------------------------
# -- Install Plugins
# ---------------------------------------------
initContainers:
- name: 0-download-mods
image: {{.Values.registry}}/alpine/curl
command:
- curl
- -L
- "https://s3.badhouseplants.net/minecraft-mods/server_mods.tar"
- -o
- /download/server_mods.tar
volumeMounts:
- name: download
mountPath: /download
readOnly: false
- name: 1-copy-plugins-to-minecraft
image: {{ .Values.registry }}/ubuntu
command:
- sh
- -c
- cd /mods && tar -xvf /download/server_mods.tar || true
volumeMounts:
- name: plugins
mountPath: /mods
readOnly: false
- name: download
mountPath: /download
readOnly: false

5
values/common/kube-system/traefik/values.yaml
View File

@ -5,10 +5,7 @@ globalArguments:
ports:
web:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
port: websecure
deployment:
replicas: 2

12
values/common/platform/authentik/values.gotmpl
View File

@ -1,12 +0,0 @@
global:
image:
repository: {{ .Values.registry }}/goauthentik/server
imagePullSecrets:
- name: regcred
redis:
global:
imageRegistry: {{ .Values.registry}}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

4
values/common/platform/db-operator/values.gotmpl
View File

@ -1,4 +0,0 @@
image:
repository: {{ .Values.registry }}/db-operator/db-operator
imagePullSecrets:
- name: regcred

5
values/common/platform/zot/values.gotmpl
View File

@ -1,5 +0,0 @@
image:
repository: {{ .Values.registry }}/project-zot/zot-linux-amd64
serviceAccount:
create: false
name: default

8
values/common/velero/velero/values.gotmpl
View File

@ -15,14 +15,6 @@ initContainers:
volumeMounts:
- mountPath: /target
name: plugins
metrics:
enabled: true
scrapeInterval: 30s
scrapeTimeout: 10s
serviceMonitor:
autodetect: true
enabled: true
{{- else }}
initContainers:
- name: velero-plugin-for-aws

51
values/etersoft/platform/minio/secrets.yaml
View File

@ -1,33 +1,38 @@
rootPassword: ENC[AES256_GCM,data:qnexaqMkE9mrB1xiX9wJ5Zck/A86UpliUw==,iv:ogGbSnHyC+NrlPkxnsWMypSLl1R/dmCHs41XGPVV+jQ=,tag:WjxWZVBsXfilMihi1AfnUg==,type:str]
rootPassword: ENC[AES256_GCM,data:kxg0YirkjeeTaKueH1G4RijoLjLGxHJP2w==,iv:FM83CGAl7E/xEh9k+GPy/z5apxlAb6/HEhznGcUcu64=,tag:Obw7iPuQltcaWwjZfAh7xQ==,type:str]
users:
- accessKey: ENC[AES256_GCM,data:5HL9wVqfA0M=,iv:5/93WLtsbjI8es0eR4v8L+d0rouppWv71yRUkVPlJaY=,tag:LWikGmdEB1En9kzK/q7iuA==,type:str]
secretKey: ENC[AES256_GCM,data:YQTRFqsrwgti2ClhOsNJ4mJ8UJFe5x2kHg==,iv:5eU6lMwai8fRQc2pGTfVOfKrVGZUFyu2h3E9UVDQMfo=,tag:C1zyKZACiLQHbrSOMxAPBQ==,type:str]
policy: ENC[AES256_GCM,data:xmfAJOUfKLo=,iv:ZtwUL9/Q9TwRKjWiQ9+lyRqC4rQG5sHDomRjwhJjaqE=,tag:ZER1ZAfuFxtm7uUOqVLdCg==,type:str]
- accessKey: ENC[AES256_GCM,data:AuteZNMO,iv:d6WqR5iwTxAExyavsSrAmd13VQ52wobBve6Borp4+ug=,tag:BFDiFc/XT3G2vxMj47p9Lg==,type:str]
secretKey: ENC[AES256_GCM,data:xA1OPlugsx3B/tQ7kPd7pmTWh5M+FtO2MA==,iv:R21qjcQT9D2wdnnRYM+zS+vsxEDNSVg2ScLLNxogfBU=,tag:zg6EAcmsZxRMwQHWSCsesA==,type:str]
policy: ENC[AES256_GCM,data:bYC8mdky,iv:0OmqMpDPVPPVGC4ZWrrS12DIMBztHDtt3Iumdxesa8M=,tag:I5BizMVL9OKnaVx5p89/Cg==,type:str]
- accessKey: ENC[AES256_GCM,data:h01uNoYYTNs=,iv:YkdniZm4pFzcEa+MfXazBClz6RrnYjzAh+3IbnVE0nQ=,tag:SFZ8HnM8N99CNLvEnWBXqA==,type:str]
secretKey: ENC[AES256_GCM,data:sr33gCJYEd2k7bbZNHKVgvOmUN235YJoUg==,iv:hGFkM9cS0cv+GOWpxn1YPjDJBqSZl3RHRrUM9TQt0A0=,tag:Uu7ItlGDxayQhG9vmSNp/Q==,type:str]
policy: ENC[AES256_GCM,data:QPL12F5ZWVI=,iv:wXBHgWlI6kFvGH6rp5pLEEcT7S2i58K3Pwa4D4407ks=,tag:JckGYguaJfvHK/sgSuKICQ==,type:str]
- accessKey: ENC[AES256_GCM,data:oJrvlRNB,iv:RTYdPqj5Q77NvJIUsRw7PA/7yhZ1YzjRWCYfvshXoCU=,tag:5gtdnE9cIUvZWWpQsO+2oA==,type:str]
secretKey: ENC[AES256_GCM,data:nZGlehkE2OhNjXLZk/4syI/xKRGmRmzltw==,iv:24Q/OVU2Rtz5ZmUcgJ6ZsOfXv97PXHL9456C5ccsVAA=,tag:xbU/qLleiUwUBzB1dU6/Ew==,type:str]
policy: ENC[AES256_GCM,data:eC7ZPjG/,iv:cEbFEZygJ7ntGA174A3p/RXhjK1QFVY1ldLiZFsaJ8M=,tag:cknvoIX5NONoni1mInssgg==,type:str]
oidc:
enabled: ENC[AES256_GCM,data:InAwLw==,iv:wdnXWnfIzS+eXwswgJhG2ZPg2Ub9YMiZXfV3ShWHZ7E=,tag:fYTaVa92A9gnkcEn1EMT3g==,type:bool]
configUrl: ENC[AES256_GCM,data:KgarNhP8BMR5ivK9MTCKUuXjT5zd8/9MO6JyUTfzCPmNoBqRTKPJzjdM29LIa6U1171BS4YqcxcIpIR6Y+72d0YTZuvgQQF0ztb904d8MUXgu3KtBZzAIbEhI9xu8MkGbTY=,iv:WMkgF03poOzKOBKEZkd54z41wp1cgZKFDI2/qAswl0w=,tag:1dEektNStbHBu6MzrD7wnw==,type:str]
clientId: ENC[AES256_GCM,data:L3CQnmb1XrLD3rqtffs=,iv:wN4l9DxccLlXpUPSvs3hx/Bag7+EPf9H7klUkvsKAZw=,tag:k9E/3o6OXHi6TiXnlPblNg==,type:str]
clientSecret: ENC[AES256_GCM,data:G809E5NifCWqqndhIG1dDNwUHUOhlDcyMBRE9O7PEXO9ZXRAdLaxVGGRHy7UpPwY1iYKpz7+WRAWmkh0vBcFdtxqnzHBlHD1pPF+vkN0pOG/jm0ds86AKrjQm6X2Zcf/p546+O+rw0ipgYyUS6zsZFfL5LQvkpU6sjF9wXxQQpQ=,iv:LwZw0tWUiGm6meZ5dMM5IvcD6rXgIhlKcpvqnScP+8U=,tag:0R2s2CYJWlbzzV5hNJ6uyw==,type:str]
claimName: ENC[AES256_GCM,data:xtR/BhXA,iv:Ku5QCNMqmWGINu6Bisla4oYwR046AeFrQzcLuXuO/c0=,tag:5laaIeCC3vng3xySerBi4Q==,type:str]
redirectUri: ENC[AES256_GCM,data:zmWLYgD0iE+wkydBQvj8oOy/EzNtdL5WBIVTvb8nlg4ES9n+pzw5fjMw0GIMrPs+I0s=,iv:1nvn8yOhz3PMB0GgFCzDPbx7HxPpLlPbbLcWX9HnTMk=,tag:lCPoujWw32Q/bqPrD9ur8A==,type:str]
comment: ENC[AES256_GCM,data:I4T+pUEdC+sQChKrxfwXT3jTOCQ=,iv:lJ9ccLVf+thEFT9erHuGVPp/LuyfiCaz1YCwrcW+kEQ=,tag:g0XtSnglE4Pvjgn0mKHfsQ==,type:str]
enabled: ENC[AES256_GCM,data:ZzHQSw==,iv:pAM6Sg5FOqk3OevwXxNz6+HoA+S9JKn3qXKBrvtQOjw=,tag:jIjUzOpsDTrmWXnVQZvOLQ==,type:bool]
configUrl: ENC[AES256_GCM,data:wM3MMDLR0hD0moLuOJbVV0FXEAcRpGQCiWZHIRfaer5WzSAnQH/8/PVkOnFy16uzsAf1IFbQIOjaXDw1alv3WxczIKpfXiR8mfNI013fCs+tURdOPCSdziQf9G1+sar9/Fs=,iv:95nxS+kP5Ml3WWbN6kGQxH0E/hLDUMp664OrQVZhH80=,tag:0PvfH+J9SQGwBJ/Kh7zgCA==,type:str]
clientId: ENC[AES256_GCM,data:UlETcj+fUPFDh2thR2Q=,iv:EF5QHrfstIqT5MYvrkQkUtcquG9SIsruYKSaR9adz5E=,tag:/yYOxzIIgoCRqsFSHyQanw==,type:str]
clientSecret: ENC[AES256_GCM,data:elh+rgMPMxJ3Tf+ufv4FBVQRBY+HeWbaSz4Mjx+CQIGzVBYDw2TaImgZbdIN7X+tVRdKjBUad7Bd4VUZoZt8kIacT4usJRQC9qErhMjnuT+OGzq6mSpXMztAzbGpL76L44S893sRkUkVwDpA6p4vqPSe5vMiaXZZAANIrhIDcRo=,iv:FIr6pRpJ3FlRchQs2Hg25bJu4HFYSy9HFiDhOPDPang=,tag:0pWGuHVwrlm11SqFKYj5ag==,type:str]
claimName: ENC[AES256_GCM,data:EOYQcSX7,iv:7ELctRaFlUmE/I9ExsLjMSCOrwLyTrJt5RQeDMqcZXI=,tag:CAEcRcWu0jkHxIdWFwoQvA==,type:str]
redirectUri: ENC[AES256_GCM,data:ek2cRHXtOCy9yNRrCyW6GFULz9ql7vzFIYc/7OBBlqQZmzMVEiNJ0B8Wej5TELIJ+do=,iv:IMr3J6Vcs7mT+agAcwaV8av7PUuOtvCdvLOOIKYwN2U=,tag:hLgtwpqtgsyoIF574C8UYA==,type:str]
comment: ENC[AES256_GCM,data:io98WZF69zRwoaDz1WXgb3gJ+Ac=,iv:Uw3p8734k25N+GZhQQ225Ye5mJInR4LcJ9LPcppEsgY=,tag:hvx6FxcwajTmC4gQGErWmQ==,type:str]
claimPrefix: ""
scopes: ENC[AES256_GCM,data:BGQgbk1zlBkf+kIT4+iKNuE1Xavoa2uv2WLB,iv:8fLWtfpBu/R/iu4q/ULHKSgSApzNImQknoqjh0mtUu0=,tag:LQ7QwEb1il2U7dPKdMG1/Q==,type:str]
scopes: ENC[AES256_GCM,data:mK8Vczvi5SSVPW6k9pLx2aOaXUdfujXE1G77,iv:M8TxsGfsnvdRyBo94JitBnx366MuRY5Q6vLNmCs0hp8=,tag:YaobqJvS7u6B9x0MN5VMzA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDRzNRdGNJajZycHpwbFBJ
eUVJa2hVRmxuN0RIanZHU0Z6S3BIWXF4YTM4CmxtcG1aOThtLzExdGI0ZHRGN2Qy
NXFneUlHZUFvZTJzOVNKZ09lSUdzVk0KLS0tIFJZWm14bWgvMmNsYUtkVHVBQUJs
ckRqT1ZvWld4TjNHMmFtNFc1NGZWYkUKU3njj8FgDNTwziL7KS+nfRJ4yhiUod9Q
wbVc+Yxijtu+S0jkDdDSR4SmyeD3vRicCsRHGs5S+SS1pKcPEM3c3w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYlFwMzFCaG8wbk5ZcDI4
OU93MVNoZGNyL0h0WFhRM254eDF6Y2FkZjMwClJEcHNZcFVlaTB4eDlsMm5QaEYy
NE0rd3EzUytaVEc5Y3I0MUpJWnI1NkUKLS0tIHBlS1dKMG9kcXpJSHMzbDhXcGJx
OXIvTU1uSVFXenF5QU82VHFta3ZmS0UK86P5geFl4PEMgKqBW2AlQfyTjT84TRfE
NjjFcpeFsUa3GoSm+NHxjzXbEEWkQsVsLWqS48IAPhOiICyWPwiznA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-05T11:29:21Z"
mac: ENC[AES256_GCM,data:kyFSH23LwA9JbzWrCFaQA1dzs1AUDVfp7vuYrbu3GnWAkS7YBR7/ZqdEQZZYtDphSYDcQPSvQf/aVgM77qgCxgYrBFF+HTLyTCLOB59+iftA7jPp4Tv9GyCTnrObkuQHYUdatV5iQwoa/qwS9TKi2/yWJQhfrbawjmJTHeiBpIk=,iv:SgIw7X3pZZUfU70Wf9WBFAXg9SLQheMwycQlC3C3Xtc=,tag:zcwc2mLFR57SgliiX7HnTw==,type:str]
lastmodified: "2025-02-20T16:42:14Z"
mac: ENC[AES256_GCM,data:DyBFmjgWcRCkEEpuDUL2M4w6DcJ+YiVaUZcCuHReTKZRuE0BcYn8TCKYqaILKM4B0ClLK4aYH194ZNysEMDoAVDnLaTWPa3as8dW8mwpeaPmV80CbnKsRLMajwWJi7T8LBYrHaSSZx8eCRHvXFaB3u8B7t31vmzwutlpu5BKQqc=,iv:RzcPzF0rrSVZNSuG/Juv/gFtSdPqgImU+jO0Z3oQVzQ=,tag:KkEecRrbBDImiTBhn4T0pQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.10.1
version: 3.9.4

39
values/etersoft/secrets.server-xray-public-bridge.yaml
View File

File diff suppressed because one or more lines are too long

37
values/etersoft/secrets.server-xray-public.yaml
View File

@ -1,32 +1,37 @@
files:
config:
enabled: ENC[AES256_GCM,data:/Pq9iw==,iv:HMs4LzwNIFF8XRmjQ4uqKu7X5QsV8Mk9I/yc/gZq62E=,tag:f8WZiM0PEXwwu+cMMOoRiw==,type:bool]
sensitive: ENC[AES256_GCM,data:nv0bwRU=,iv:E6FE7eGGHt1DfkMyRteMbnuaX4Kq9rWMmVISTE/eD5Q=,tag:OsPWtKkwawXqvIoc+Nwmeg==,type:bool]
enabled: ENC[AES256_GCM,data:QJdNMQ==,iv:m8KcSZ1Qi9lmCUTfJkceKMu1iWMBin2Y8P+6g7pSU4g=,tag:z4N53rRhoTNdlMK5nu8rYw==,type:bool]
sensitive: ENC[AES256_GCM,data:8ltdENw=,iv:qeBWpMCAxo0OwRc4B/6CAbkxn7Bal7iDfgidvqtEmpg=,tag:3ipWGmcf1ZjsNTP1zJuXhw==,type:bool]
remove: []
entries:
config.json:
data: ENC[AES256_GCM,data:p8tabUYlroJSzmGH4GQyrn+HCRKL3QtSoCIZTqS9h6B/KPLsGZVmpPlSZ06C0ahBYVDzsefE07//mkoa6zA8FmlPpyEiwOXJB3LE1xqSo/kH5Ckr1dSoUXiuSIARCigRqParHe8PHG9KTZvdOmrMaThpioWzL9wS9Qb/uqpg9A2P9eipmY/Gm6UcQDMbHXQRBBYcrZ8Ag7cYIjWI0Y6sqdtUuSPiWwBKGNdhZDoXNdb1EcDRKgJtQ1BiLBZ1EMzyD2SnrQbCShV3SCdzki3iRVol0n8oJ4DlCuRRWUzGWF1Qo42yqOd+xdgHI08hHcdww3+MIMIKouHaNibzBzE7tVlCHDqM/dLm3eoNAvyUza24ajmhyVxyzTRlY5seWqRv+P0E7JviiP3CQBk/zscIMMUn5zOsBtIpCPzQA/+lRbc9k2B6K18f/V8yiJH0z9ukxPxuRRE+AmTGvrd5eUnpu8ruczcavSzRViU3eN7EpkoJbFkSTKwaDlSO23d4vpyupjeVfQSJjEadqfSuOnv592/8SlLrMU7B2U/bhmFRggAfyQpxrOhO5p9EWioG2o3qNJA8dKU3Lj0AXKk0fv6O74PG32YjnUsMJxB6i6lrz9vGQ7Ris868FIbhPmRJyD4+5XBy1bAtjT/DULpA2J1ChaK5tKXtLrwRp+u6LJmhQo9Q8iTjoCciVwtgzc2sI1V+AaVEz9LfgoL1XeGRxtLi29graan9MTTqEdIOloibfT+BCAD3vVc145RzDVpM5v/D3mVni/R5XWIuZrMklkFf/K3fgF9SOkME1zHfIOr9i2W8egV/r3WxtjT6VoVKjkIc1Zje+52wd8cn76a7DCOfV50oYMdRSoMlrjRXcppN4NVYn0KNscILB/Hu0Itof76pRJJN6m682U2KlBGNn5K797TJas288vqoo01mPg7HZipsmkVYy43/9KntKxr5Zi21Cr4eltY9Yt5Za6olT8VeJTpRygglhyxaQmfQRG/+9r/DqWyIuXZvU7l+fozvOBevefgkmohGA20QbmQ7YpDUeQv18T0RgDwMC2PE1aNx3+luwOteI4jb1B8r99zuicAa1SgggGZy9bYtzGYliNOcZ8oK1nxth8W3k0qMmjBrGNpTn0tZ+J0LJTAZ56OLMQyJPFFAJqVzwLdJ06K0Cw/MlXfho4iH22qVNbUpIQ34ndhmrPlO4Py0oouqdupS4veY61Df+1yeMIFNMgaGxsSdBp10A5u+YF1BI6Tu6BlUhT7bAWfEjX/P7Eq/MS/yu5iU3yMzE3IPiq+ZgZ+fxQYwJkYcwiaSY67pqUy4URxVe98URpE06GD+I6bCWw28qSDVUC+pWLmw+ll2lMeB/QgBFsynKrW68wGU38O3agMAfK598EUBoMAgI7bap2nx57o/Y+UpNtTsHBpwKlgFYL5abwKCPCrhV4rnDJetjgCbTumduTqTE9ICu8m104bNTpw6mvLe+BWp/c43Xx3/9WmwIJVOLnM8prigehxBQoxFU2+CclriNYjTn8za/fZuNLJ/XWFoTwiVYCd7RXsPsxnVe2LuDRzkFK8U1JB42iAIKIo2/OwOPiKjBXtAk4Q76guUoxcoCVaj/q9+t74V5viTjlaX7scNd7hNNjs56S3+6ZNBL37yuKbf3nY5qzPYBVt3h2LAHHcdfxtNIsz8gIDKWkHxc8NOjgUIv/B5ENuJLcDn3W5VVcfTh08wuWR7mZO1xiOCPyLEmlB3hNJQLvoLPrMHfwGjxB8CwC2xrQ2ndEWlUwgXwPFrhmM3cGV/jWY2nXLeUieIiMVFldsjSDwA0XjcExs1RfWoO0ZrZs5+0YehDmjRQRq0XtSvsO+5IeE1bFoZRtzEUzf8iZNvBcHtc8FmRUPVFJKnh8RJGKDkbVKLYg0mGtDvzianLYdv3Ugrnal5e/Rjp6EbezVLUK3kvubFUjxSwFQBIjRfJUP2hmX70JRoMoWWpnJbpHgsjQNg2K7aQ45NTSJSP1VyD2H3gibm6zm7IYWTlQ7lpbdZH0MxH8WIFYa1UBMlNq0JCFc18jWLxcLMlCEoM/qX7GrjoCRaj6YZWH3MeseLxcyfoY8wRWHo7piJjdeDXBQTpvu6ClzHz36iVxpueCTTkhZbcf0dLsxxQ0qfzqZgOhtJq/wc5dOKyHRtCxCJnVvDl8twxA1h+fgXol2EpJvHVdFfKVq7/b+B+F2tSlEQtc4i9lFaMQaeXdlFZNhmp+/6ZKojowZWnAnhA+mC87+p/3yeII1Wf5ct9mFm+K2uit88nAzhxFQXpGuhUrMj+PHSVlyv1wY1i1vi4QfSGzm2VKU8Ajf+BpiVnb2kkKeUkrR5IR07fOpkJktmUqMlbxt1Q+V46cxEC2r3AA38OOPfrFGAb7yjT/DYwehBN9r6BIhgd+0DFFpL/W9HYu10j3NVNm40lkRl1+atdeDa6LXCR8ZNhHtK0zSPcpXFlsB07YYSjXblqtA1jKVMarrQDYLRueqYVjjkZV+VsxBexfHhj4ZO/hIHvP6Yb00qmlSQGGO17Cq3oZRj1TwIWsE28qKOkFWCquzjS/coE/rMVoN3aLp+KkZlEaB4fvZd8kflMIXS0C2weSMhLq4mQ8ICb81jzmrBvN/io2aV2V57feFg3gDnDtpEdzflh3fI8q+DbANdCBeIEaj+Iizbg/7tRV0XtgdkDbJGRMmDZ8V9veQT6NThlwtuAVDSusaTw/U7giMotC3GI4/7Tl3/G3KNlMOgzmUphDRA638YKw7TEFYKr068B3+ZyZQK4taxCkeKn2f9R/0Kg/JK238lR3vYZ2Ye6W1adv4rqVhMLSHbDSavqW8Q/wJnZkZVwXLWRHG+E6u74ufBp7Uxg/7aYbMGl4vMd8TcA/ydq7e/2jiZbwPVzXPMnKypBHwTdndJ6R09nwHMyz6iZ/0e4WVy6mrkR5LuIfTzA+7zhZN/kpUakhAj2bj9d6GwsawMCsZi2ld9XS+HJrqy53w52IWazsQeSGfEKklVcOyQHY21zN3aB63eixVrIMhmVlzu4HVnDoFvUCYs6ShCMTc8FJP3KFOUAl/vlzo81gnpEhWsYNseWSEcHLpdRVkPH55hqEjhQJFDxY8/dXhkU7X0fe5z0Y/I0ElPIR1sIzueD3f9ECiCZBvt/sHtfPuDWWEz0OZw8ga6BXAhDlfomT7bmImvWj+DYbnETxfkMXIifY01cTUn1Gq7WKxKWpcRB7Aj5bHyG4keGbi59NjY/n+DexxiQeXfPeCGJuth/dUC6DU+Z/CukN7L6FurZ2UAaAgHtYES1RR3YWC/MNokvRE5cOI=,iv:chRQSyE0r7SQ462WWUUwwRwqh1MD3+RwjKBMlgCL/y8=,tag:D7DFlbbdk3whwO1VTymDmw==,type:str]
data: ENC[AES256_GCM,data:8Lcjs0itPOyEy/ZQJS8KZBwFW5BEC039JJJCVhUjL29+NF31Os5vo8jLoCayW9e8tasVVhP8BQlGFq/ABQajXmLoLCSQI0yAOGdVSvQEXy4HjBxsDnPIvNq1/4dk0FsoQwTJYaVW0QxSUWkipyZD0cbzssJ9Zd+KnIIs4MGreXfibuyZI+HinrYlxP8CXNTn6o2eUSx3zXodD0K2IO7tUOlIbYK2PwIBvhz1JxUhqXIXfoEF2FoVU7ca6YCHA4b8kLLep9gz6z2yHrM6CMk2AUi6H90jGfUPu1dn+H0zBc9JsnVpbGp1KGtx5V6UAk8i4Ed1Iv8zVlvv/i8mmWhY2ue0doFj2cY6QgKc0fqgfkqTgy0k1IeTbxfWDH69KEKMpqk5UotvI31R6ZQlYNgc29IzdMDzXU9UVvDzwwP6bl10VYZp0pwwgV8nqOnr+ZTNR4Hy3Xrmq99SUAq1fc7/CPebj+g9v+PfjKMrOAL9kOVTNK7EJMMp7JQXTrtgifkz21HkfjMVKh3JMFs6gJla21zgYqHqpgU4t1dtA2+Y2OCJV43dZsNNnuEqvBVJhCMta/Lh6xoqtaLoC3TYRrkp1PWGNvP277UJnvS1RekDAl/RjFFOlOLHOrbQpFd5zTWeM6K8iOPcmugPreE8p9FQIFN9tyYW0SryrZ7V6dRb9qrEYbFXMqjLX9voTJyD7K6xX9omgX4OHC9RJA3P0hbsidwooZZBUDGs842LI5hCoEeEOYz1h5ZQV0tLUP8omIwZOvm5B9cXt3GmVvcWYw0Cy5h/1neuzZzQipveQoQkartZuvg+WjjJMOASdMuSqdvw+wCdGCGlNH8ACtFR3pvnXn3NIN5WaQukWpkpSWNGtr/teW/5KtFvICwg95ieNoAOar3T0txR4DQ4oHw8gh7JK/57E0HzC6q6gqCeqQGZYKt/0QVnQCMKHh7rD6nz1aiFgh15vzAU3sjWMlszt5Q6pNQCb9Ib8txJA3gvI2AuMr/614NwyN2WHtuangVBg/nLUQW/0IL0FZWYWAmjvn+e0Ucsx+gNt9XVzvJv8782gnt3LXMz9QqT+NbNW0lzrac5AQ5Ka/uImDFNmzKunk/3yTb9K2q2kzOx0QCBYGcvvCjeX4SP2cDOJkSQV7qB9AqiKJP4h/oDkrNHH+b6n624c9C/IDAqWu5Gr9RUbhADVbRsLJjbzNdQj9Feacvw2UDjE9BNz42RN5K+Nz8Cw72B3iUg/3gcAhhjUvI/liuZCf1Py6nxi1Hl4MpoAinKabIUGvoIt5fBv+iXKXmhe+qulKDuJj+maIAKKmcnVFxcl1waWLrVPLO4gSNVCTp8b7tCwGuLIcynPGCLxSOnis4YJi7ux5oA3pn9pq5jop3kXQTpU8AexU4bmDFF4pzqXogNSDbiy/fKQV2pFnMW3KwOSXCBTzS9RmnGm+X8zQbXxnX1cP/vSmh9Pqs/4FEVlg79P5uEY+0YGmKRqmzBFZEQgXaYhOMWWsIMCzES2wNe5LuHEYiVF0fXK0GsYswPejH2Y8kg4jT5gynzfHuQzNO2P9id/o+q/Ptf9w5fizPZOBeOLMPpDP5LzYA8mPyb3WMryUj6agYk/CnEc07R0Xqk62gh9l0kmmDJneciwUz9bcGQGwfZVDwJeHyI2cS1huU6Ay6s8D1XyZnzWRAk0uAdY1a7oYhs0X0XioG0jsz6NBhUfRMNTqxITmxLnrrC3RbZfHtKizBnBDZ/OsSvMcUDg+wxz84PKM3p+gXUzxXypWCBFxHUoAy5x1V9rVINha9LUdtWiYD3JeoUbmgTIWKGOTXuXGlDdqkVedAtLyqIwAxCRgLWra/NoLJ3ZSVjWB/bpsrDc6suVKTn2LXSk+QSHE/2mzIvO1XBDd2QvG0VnVXNwFFRP8321hERwgNDQgh2AlcPBFJX1VaP6EHqa/VjX3bIrXxZMmq3UKH+wxR1pn+D0x1npIk1lAOW9yvJH/CUpbXJcNzSRTy2OR2MFTJcW432KKdcm7VoWhmUciCfOnvcvJekH/1yjoXRd3D0T/2hdPnxdkcFyoM9QZ7/5T3NXnNxVwaZwqlzg5vKGf8YkqWL2PhsbqxkRk62oPYEAfamyyszn2WT8mxp1MjYmYxAxAxIiVBuZR/Vn/pU/Abpar+7hTUChKSz/hiR0vF6MiblMcyjLA4hZ0SRdkDDaofpvkg4qo4cAjTtIBHj4doPWPdieXYvxLp0SCUe41WnBj3Z4Cmxkc+V9UaFhRxmxCU18Q4eOZ5DMOikB9BbQooHQ/eqrkel8pT1ObtqxAmQmuFyiP5RvByEdyvM4R9hZ+nO/C9m4msoIxr0Zl3VR0oNZEjtIMS+RGfofK4Su611pkRk2nHVG9fJqvNjX30SZts7BZarrj3IZJNx0OGfXOEVAR2AftV0UlEIyjJm9oB/WTLlecUAXZgaVCkebB5R1rSB3Bxu4tFkb3AUdCFz9CpNH2IFVGaTPlQK9cowc+2s1fPVpDiVFU4NBPgPGKD3X7Reu/U0Z13J7gC9zcbPt+39GRomH/XhubjyWps1CQZRQ0XadiimQhlmiM+da9Gpy5VSUNCapr8+rw0SJhHP3oKbpPscBxjcaI5Q1wCMHzSfuF/rvGxeah2M/RHW8nFXWrZGMXHqjRQeDPagkRM782/wx1JBX5o0P1vbjV7pTRtySC9ukQPEoepjcGxR0eso1WHPO+oxaAc56ViORdfEBVMSdgVYJQJeCayIqYcQxFY1As0WT6JgQ9FyITIwJcPW8AQ6vzz6mDaBCpibNqWkv7SRe3vvivIaW+prQS+mujqsbgwtLq71LtGkjAbe5ANyBP9OfhIvYYY/yuENKfTe1pOnzQL1THyrfVTWhqsB9Smu7L3VCaULTLVxL/fELnunWNSWqzhAWLm3YP907phKt84bd/4vI/eN7RO6WpB/J0XpAbBfwVWB5A2fxToe9pfw9zJ//nJZg+iP0kX9aJkENV17YYINsd7QHgwWnAFgxcaQgco9VwugJz2B6mNAmhc3ahi6zdOon/E/mC7hKzKPIsf9Ll87L+1pcYO1yGdzKLl/vx6EcjqzIk/GnUnkr/8h6qNSUBPUzWqMce6DsxvbRYc07C3g/CjcS8SLoxLwHCsQhQev3vtSOT0VC3vuOKOu3f0zHJRyeyG2Ppn5hNtv3J6WWUOL3N8oVbOdH42JQnNxDrbXJNE93jN1YTgTUwhne4ZboqudGoZTnwzZo/1E0GvKA7aXq049isY9UdCU+LGb8pvJL/XjWXWApMiXDRMVAoG6+VxyIaDrrlSWoPdaSwhxNZM8Gzy0Y74=,iv:BdIS18qQNBFdjwlv0IH/t2L/R0FywZiu8+ExA7X2HIc=,tag:AiCzrJzmxzocT/fnshUttA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMUGM4THZRckZFZk1jMG9K
ZlQ2Q2o5VVlWTGtWMDRlMmp5MGxqZGRRd0hrCmlsV0NVMWlac2d6T0F4SHAzampm
bDJ2WFFOYmtmUllyY0UybFN5anhBQzQKLS0tIDlwUndYOXJtMWMyUVdMRzVjczZr
TG81OHQ1NXVBazBOYm9wT0FXZHN3bEUK+c+RP3xPEB3CCGN8zyHZaswiImhYNgYW
2lj77y++2QWNCdndR7DfsKYgt6wzwe2k3dvrLUbz8DhKHnZLiVz+OQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1OXIrRVJJS2hlZUQ0a3I5
SCtVeHFiWExFM1F5K1ZzVENOMGtvOWlJOEF3ClJTRXJ5NCtHT08zWkluL3oydkJR
aHd5ZmZKY0ZHcXdhaExiVE9tUVg4S0UKLS0tIEliYkxrck9tc2F2amF1TDVXZlZR
eU1ENGZHaUgwSXViNEY2cnhneUEvbDAKW4Ynu3DBBXRGn8l+yIMKTFp1+qnEEwhz
ZCX0RkdBusfX9IU+EZjAh6L0t+RKUf5vvC4giHbd4g0Fhui2E/NWpw==
-----END AGE ENCRYPTED FILE-----
- recipient: age17fyzv5mezck364lvyepp9pa3tnjn7jvsgcpykhhz2smnxyq6fdusvl7waf
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYVkVsZXRRZVlyaytSN2Nz
VnErNEhaekdJcldIVkNEMTVNWHJ0d0FLNldnClU1WFNCV2JUdm85UU9oVEFOQXpD
VTBEUmZlaytLcU0zVUhpMk1LQWsxSkUKLS0tIE5zWG5UckdKb0tTRUhXNkFBNzZP
YmJFazAydjBSSHYyYzZJa3JHdEVMK1kKNgqAMknySjN255pn+u2XF+lL/OtU6vjf
DCKGPGWKxVFMHC9DgYf8HifjburDZ1L+CvMDLHQOPd+1Piy58qoMpQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjUVNJN0VQSHlHVzRyem9H
a1pDT1lQZGRjRTcwUzFWSEgrdlljZDlnOEN3CktYakY5YWEvTloyaHBPR3hqVUph
WXFMb2krZnBWNWJhRWJBOFloNEFPUUUKLS0tIFRjYlNRb21TanF3SDkxRDk0N2k0
ZTZBWkxUbVZpYjdUZFZDK1JOREpDcmMKyBU5+qvwshU6LBzSPptQtqIY3X+gKgur
nhkMcV6g5z40EwfvuJvfAzqZrsuKOejungXunKV3Q/QyiTn+/RrJoA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-06T11:46:52Z"
mac: ENC[AES256_GCM,data:mqkvRkklYHKHsPa0g5MHw+7EaNeftEj1sBs4cOPVN6E8alTIvudqfzU3Q0eDpq7vFPRRUpcYxCJV5NDSK6/ahr+oeWOpURbrbQ9JyEFpH4GGJRHrMW04JVjtSEbh8HshvIj+IEi7dc6k8Wg8lt4sMEv/rzaJ3ezPWRiHM8GqNvg=,iv:yA7dH0qsDv84Ngxw92BsVk8u444o1OT7/T/MpGpIeyE=,tag:IBXzQ+F1mx+MQnnbwnKfJw==,type:str]
lastmodified: "2025-02-08T20:27:36Z"
mac: ENC[AES256_GCM,data:JT/yRb2b+wKSS66ZkqqzbTOQWs1dOjXSEKZeBP6hcaVwmPcFld4bOZgPmJeYl8ZTWJyIjNc5cwBB/VP95DdSBroFy2WCJeVjdSEWxQT37AvwJSXwHeODr5JOI+pwwubqzhorNKip/MDvZw3qnIUuFEaXWlwKMfMR01/M3nGB2HI=,iv:dfWIeGuk7S6jS12OOAzYVmDWFQmaiQP83roR1GxulaA=,tag:ZocnLTP4PO1QAw9F6oK1wQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.10.1
version: 3.9.4