Compare commits
15 Commits
be87e225d8
...
ad4418c29a
| Author | SHA1 | Date | |
|---|---|---|---|
| ad4418c29a | |||
| 1f0b5a6dc8 | |||
|
8a595bfdbc | ||
|
|
6855a5c43c | ||
|
|
ea306ece64 | ||
|
|
64d523f302 | ||
|
|
b2f546f0b7 | ||
| 5c0aaa1e30 | |||
| fa6791c9d4 | |||
53faa51b51
|
|||
| 56737d59a6 | |||
| e5aa79abe8 | |||
|
|
c46bfd88e2 | ||
|
c6d0973522
|
|||
|
8deb163e0d
|
@ -8,3 +8,7 @@ creation_rules:
|
||||
key_groups:
|
||||
- age:
|
||||
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
- path_regex: common/values/secrets.*
|
||||
key_groups:
|
||||
- age:
|
||||
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
|
||||
@ -25,6 +25,14 @@ metadata:
|
||||
namespace: {{ $ns.name }}
|
||||
data:
|
||||
.dockerconfigjson: {{ $.Values.defaultRegcred }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: default
|
||||
namespace: {{ $ns.name }}
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@ -2,7 +2,7 @@ environments:
|
||||
badhouseplants:
|
||||
kubeContext: badhouseplants
|
||||
values:
|
||||
#- ./common/values/values.badhouseplants.yaml
|
||||
- ./common/values/values.badhouseplants.yaml
|
||||
- base:
|
||||
enabled: true
|
||||
- velero:
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
helmDefaults:
|
||||
kubeContext: {{ .StateValues.kubeContext }}
|
||||
|
||||
templates:
|
||||
# ---------------------------
|
||||
# -- Hooks
|
||||
@ -39,19 +42,19 @@ templates:
|
||||
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/secrets.{{ `{{ .Release.Name }}` }}.yaml'
|
||||
common-values:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
|
||||
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
|
||||
common-values-tpl:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
|
||||
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
|
||||
env-values:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
|
||||
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
|
||||
env-values-tpl:
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
|
||||
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
|
||||
env-secrets:
|
||||
secrets:
|
||||
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
|
||||
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
|
||||
# ----------------------------
|
||||
# -- Extensions
|
||||
# ----------------------------
|
||||
@ -68,7 +71,7 @@ templates:
|
||||
version: 2.0.0
|
||||
alias: traefik
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/common/values.tcp-route.yaml'
|
||||
- '../values/common/values.tcp-route.yaml'
|
||||
ext-udp-routes:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
@ -125,7 +128,7 @@ templates:
|
||||
version: 2.0.0
|
||||
alias: ext-database
|
||||
values:
|
||||
- '{{ requiredEnv "PWD" }}/values/common/values.database.yaml'
|
||||
- '../values/common/values.database.yaml'
|
||||
ext-secret:
|
||||
dependencies:
|
||||
- chart: bedag/raw
|
||||
|
||||
@ -1,6 +0,0 @@
|
||||
bases:
|
||||
- ./common/environments.yaml
|
||||
- ./common/templates.yaml
|
||||
- ./helmfiles/base.yaml
|
||||
- ./helmfiles/system.yaml
|
||||
- ./helmfiles/platform.yaml
|
||||
26
helmfile.yaml.gotmpl
Normal file
26
helmfile.yaml.gotmpl
Normal file
@ -0,0 +1,26 @@
|
||||
---
|
||||
bases:
|
||||
- ./common/environments.yaml
|
||||
|
||||
---
|
||||
helmfiles:
|
||||
- path: ./helmfiles/base.yaml
|
||||
values:
|
||||
- kubeContext: "{{ .Environment.KubeContext }}"
|
||||
- {{ toYaml .Environment.Values | nindent 8 }}
|
||||
- path: ./helmfiles/system.yaml
|
||||
values:
|
||||
- kubeContext: "{{ .Environment.KubeContext }}"
|
||||
- {{ toYaml .Environment.Values | nindent 8 }}
|
||||
- path: ./helmfiles/platform.yaml
|
||||
values:
|
||||
- kubeContext: "{{ .Environment.KubeContext }}"
|
||||
- {{ toYaml .Environment.Values | nindent 8 }}
|
||||
- path: ./helmfiles/databases.yaml
|
||||
values:
|
||||
- kubeContext: "{{ .Environment.KubeContext }}"
|
||||
- {{ toYaml .Environment.Values | nindent 8 }}
|
||||
- path: ./helmfiles/applications.yaml
|
||||
values:
|
||||
- kubeContext: "{{ .Environment.KubeContext }}"
|
||||
- {{ toYaml .Environment.Values | nindent 8 }}
|
||||
28
helmfiles/applications.yaml
Normal file
28
helmfiles/applications.yaml
Normal file
@ -0,0 +1,28 @@
|
||||
bases:
|
||||
- ../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: gitea
|
||||
url: https://dl.gitea.io/charts/
|
||||
- name: bedag
|
||||
url: https://bedag.github.io/helm-charts/
|
||||
- name: minecraft
|
||||
url: https://itzg.github.io/minecraft-server-charts/
|
||||
|
||||
releases:
|
||||
- name: app-gitea
|
||||
chart: gitea/gitea
|
||||
version: 11.0.0
|
||||
namespace: org-badhouseplants
|
||||
inherit:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: minecraft
|
||||
chart: minecraft/minecraft
|
||||
namespace: games
|
||||
version: 4.26.1
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
@ -1,7 +1,10 @@
|
||||
bases:
|
||||
- ../common/templates.yaml
|
||||
|
||||
releases:
|
||||
# -- This one must be executed with --take-ownership at least once
|
||||
- name: namespaces
|
||||
chart: ./charts/namespaces
|
||||
chart: ../charts/namespaces
|
||||
namespace: kube-system
|
||||
createNamespace: false
|
||||
inherit:
|
||||
@ -9,7 +12,7 @@ releases:
|
||||
- template: env-secrets
|
||||
|
||||
- name: roles
|
||||
chart: ./charts/roles
|
||||
chart: ../charts/roles
|
||||
namespace: kube-system
|
||||
createNamespace: false
|
||||
needs:
|
||||
|
||||
@ -1,12 +1,14 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
- ../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: bitnami
|
||||
url: registry-1.docker.io/bitnamicharts
|
||||
oci: true
|
||||
- name: bedag
|
||||
url: https://bedag.github.io/helm-charts/
|
||||
commonLabels:
|
||||
installation: databases
|
||||
releases:
|
||||
- name: redis
|
||||
chart: bitnami/redis
|
||||
@ -14,8 +16,10 @@ releases:
|
||||
condition: redis.enabled
|
||||
version: 20.11.3
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: postgres16
|
||||
labels:
|
||||
bundle: postgres
|
||||
@ -24,8 +28,10 @@ releases:
|
||||
condition: postgres16.enabled
|
||||
version: 15.5.38
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: postgres17
|
||||
labels:
|
||||
bundle: postgres
|
||||
@ -34,5 +40,6 @@ releases:
|
||||
condition: postgres17.enabled
|
||||
version: 16.3.4
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
@ -1,3 +1,6 @@
|
||||
bases:
|
||||
- ../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: keel
|
||||
url: https://keel-hq.github.io/keel/
|
||||
@ -7,11 +10,18 @@ repositories:
|
||||
url: https://kubernetes-sigs.github.io/external-dns/
|
||||
- name: minio-standalone
|
||||
url: https://charts.min.io/
|
||||
- name: db-operator
|
||||
url: https://db-operator.github.io/charts
|
||||
- name: zot
|
||||
url: https://zotregistry.dev/helm-charts/
|
||||
- name: goauthentik
|
||||
url: https://charts.goauthentik.io/
|
||||
- name: flux-community
|
||||
url: ghcr.io/fluxcd-community/charts
|
||||
oci: true
|
||||
releases:
|
||||
- name: external-dns
|
||||
chart: external-dns/external-dns
|
||||
labels:
|
||||
layer: platform
|
||||
version: 1.15.2
|
||||
namespace: platform
|
||||
inherit:
|
||||
@ -19,6 +29,13 @@ releases:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: flux2
|
||||
chart: flux-community/flux2
|
||||
version: 2.15.0
|
||||
namespace: flux-system
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: keel
|
||||
chart: keel/keel
|
||||
version: v1.0.5
|
||||
@ -48,3 +65,44 @@ releases:
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: db-operator
|
||||
namespace: platform
|
||||
chart: db-operator/db-operator
|
||||
version: 1.34.0
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: db-instances
|
||||
chart: db-operator/db-instances
|
||||
namespace: platform
|
||||
needs:
|
||||
- platform/db-operator
|
||||
version: 2.4.0
|
||||
inherit:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: zot
|
||||
chart: zot/zot
|
||||
version: 0.1.67
|
||||
namespace: platform
|
||||
condition: workload.enabled
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: authentik
|
||||
chart: goauthentik/authentik
|
||||
version: 2025.2.2
|
||||
namespace: platform
|
||||
createNamespace: false
|
||||
condition: workload.enabled
|
||||
needs:
|
||||
- platform/db-operator
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
- template: ext-database
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
bases:
|
||||
- ../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: coredns
|
||||
url: https://coredns.github.io/helm
|
||||
@ -54,7 +57,7 @@ releases:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: issuer
|
||||
chart: ./charts/issuer
|
||||
chart: ../charts/issuer
|
||||
namespace: kube-system
|
||||
missingFileHandler: Warn
|
||||
needs:
|
||||
@ -85,7 +88,7 @@ releases:
|
||||
- kyverno/kyverno
|
||||
|
||||
- name: custom-kyverno-policies
|
||||
chart: ./kustomizations/kyverno/{{ .Environment.Name }}
|
||||
chart: ../kustomizations/kyverno/{{ .Environment.Name }}
|
||||
namespace: kyverno
|
||||
needs:
|
||||
- kyverno/kyverno
|
||||
@ -102,7 +105,7 @@ releases:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: metallb-resources
|
||||
chart: ./charts/metallb-resources
|
||||
chart: ../charts/metallb-resources
|
||||
version: 2.0.0
|
||||
condition: base.enabled
|
||||
namespace: kube-system
|
||||
@ -154,7 +157,7 @@ releases:
|
||||
- name: velero
|
||||
chart: vmware-tanzu/velero
|
||||
namespace: velero
|
||||
version: 8.5.0
|
||||
version: 8.7.0
|
||||
condition: velero.enabled
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
@ -163,7 +166,6 @@ releases:
|
||||
|
||||
- name: istio-base
|
||||
chart: istio/base
|
||||
condition: istio.enabled
|
||||
namespace: istio-system
|
||||
version: 1.25.1
|
||||
inherit:
|
||||
@ -171,7 +173,6 @@ releases:
|
||||
|
||||
- name: istiod
|
||||
chart: istio/istiod
|
||||
condition: istio.enabled
|
||||
namespace: istio-system
|
||||
version: 1.25.1
|
||||
inherit:
|
||||
|
||||
@ -16,17 +16,6 @@ repositories:
|
||||
# url: git+https://gitea.badhouseplants.net/badhouseplants/open-strike-2.git@helm?ref=main
|
||||
|
||||
releases:
|
||||
- name: gitea
|
||||
chart: gitea/gitea
|
||||
version: 11.0.0
|
||||
namespace: applications
|
||||
installed: false
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-database
|
||||
- template: ext-tcp-routes
|
||||
|
||||
- name: app-vaultwarden
|
||||
chart: allangers-charts/vaultwarden
|
||||
version: 3.1.1
|
||||
@ -43,16 +32,6 @@ releases:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: app-tandoor-recipes
|
||||
installed: false
|
||||
chart: allangers-charts/tandoor-recipes
|
||||
version: 0.2.0
|
||||
namespace: org-badhouseplants
|
||||
inherit:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
- template: ext-database
|
||||
|
||||
- name: app-tandoor-recipes
|
||||
chart: allangers-charts/tandoor-recipes
|
||||
version: 0.2.0
|
||||
@ -78,14 +57,6 @@ releases:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: app-gitea
|
||||
chart: gitea/gitea
|
||||
version: 11.0.0
|
||||
namespace: org-badhouseplants
|
||||
inherit:
|
||||
- template: env-values
|
||||
- template: env-secrets
|
||||
|
||||
- name: server-xray-public
|
||||
chart: allangers-charts/server-xray
|
||||
namespace: public-xray
|
||||
@ -99,7 +70,7 @@ releases:
|
||||
|
||||
- name: server-xray-public-edge
|
||||
chart: allangers-charts/server-xray
|
||||
installed: true
|
||||
installed: false
|
||||
namespace: public-xray
|
||||
version: 0.6.0
|
||||
inherit:
|
||||
|
||||
@ -27,6 +27,14 @@ releases:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: memos
|
||||
chart: allangers-charts/memos
|
||||
version: 0.3.0
|
||||
namespace: applications
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
|
||||
|
||||
- name: external-service-xray
|
||||
chart: ../../kustomizations/external-service-xray
|
||||
installed: true
|
||||
|
||||
@ -1,23 +0,0 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
repositories:
|
||||
- name: allangers-charts
|
||||
url: ghcr.io/allanger/allangers-charts
|
||||
oci: true
|
||||
releases:
|
||||
- name: server-xray-public
|
||||
chart: allangers-charts/server-xray
|
||||
namespace: public-xray
|
||||
version: 0.6.0
|
||||
inherit:
|
||||
- template: default-env-secrets
|
||||
- template: default-env-values
|
||||
- template: ext-self-signed-cert
|
||||
- name: promtail
|
||||
chart: grafana/promtail
|
||||
namespace: promtail
|
||||
version: 6.16.6
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
@ -1,16 +0,0 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
repositories:
|
||||
- name: allangers-charts
|
||||
url: ghcr.io/allanger/allangers-charts
|
||||
oci: true
|
||||
releases:
|
||||
- name: server-xray-public
|
||||
chart: allangers-charts/server-xray
|
||||
namespace: public-xray
|
||||
version: 0.6.0
|
||||
inherit:
|
||||
- template: default-env-secrets
|
||||
- template: default-env-values
|
||||
- template: ext-self-signed-cert
|
||||
@ -1,9 +0,0 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
repositories:
|
||||
- name: argo
|
||||
url: https://argoproj.github.io/argo-helm
|
||||
releases:
|
||||
- name: badhouseplants
|
||||
namespace: platform
|
||||
@ -13,16 +13,7 @@ releases:
|
||||
- name: minecraft
|
||||
chart: minecraft/minecraft
|
||||
namespace: games
|
||||
version: 4.25.1
|
||||
inherit:
|
||||
- template: ext-tcp-routes
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: team-fortress-2
|
||||
chart: allangers-charts/team-fortress-2
|
||||
namespace: team-fortress-2
|
||||
version: 0.1.2
|
||||
version: 4.26.1
|
||||
inherit:
|
||||
- template: ext-tcp-routes
|
||||
- template: default-env-values
|
||||
|
||||
@ -20,15 +20,15 @@ releases:
|
||||
- name: renovate-gitea
|
||||
chart: renovate/renovate
|
||||
namespace: pipelines
|
||||
version: 39.227.2
|
||||
version: 39.236.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- name: renovate-github
|
||||
chart: renovate/renovate
|
||||
installed: false
|
||||
installed: true
|
||||
namespace: pipelines
|
||||
version: 39.227.2
|
||||
version: 39.236.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
@ -1,119 +0,0 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: argo
|
||||
url: https://argoproj.github.io/argo-helm
|
||||
- name: db-operator
|
||||
url: https://db-operator.github.io/charts
|
||||
- name: zot
|
||||
url: https://zotregistry.dev/helm-charts/
|
||||
- name: bedag
|
||||
url: https://bedag.github.io/helm-charts/
|
||||
- name: crossplane-stable
|
||||
url: https://charts.crossplane.io/stable
|
||||
- name: goauthentik
|
||||
url: https://charts.goauthentik.io/
|
||||
- name: minio-standalone
|
||||
url: https://charts.min.io/
|
||||
- name: kyverno
|
||||
url: https://kyverno.github.io/kyverno/
|
||||
- name: external-dns
|
||||
url: https://kubernetes-sigs.github.io/external-dns/
|
||||
- name: keel
|
||||
url: https://keel-hq.github.io/keel/
|
||||
- name: uptime-kuma
|
||||
url: https://helm.irsigler.cloud
|
||||
|
||||
releases:
|
||||
- name: db-operator
|
||||
namespace: platform
|
||||
chart: db-operator/db-operator
|
||||
version: 1.34.0
|
||||
|
||||
- name: db-instances
|
||||
chart: db-operator/db-instances
|
||||
namespace: platform
|
||||
needs:
|
||||
- platform/db-operator
|
||||
version: 2.4.0
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: zot
|
||||
chart: zot/zot
|
||||
version: 0.1.67
|
||||
createNamespace: false
|
||||
installed: true
|
||||
namespace: platform
|
||||
condition: workload.enabled
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: authentik
|
||||
chart: goauthentik/authentik
|
||||
version: 2025.2.2
|
||||
namespace: platform
|
||||
createNamespace: false
|
||||
condition: workload.enabled
|
||||
needs:
|
||||
- platform/db-operator
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
- template: ext-database
|
||||
|
||||
- name: minio
|
||||
chart: minio-standalone/minio
|
||||
version: 5.4.0
|
||||
namespace: platform
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: kyverno
|
||||
chart: kyverno/kyverno
|
||||
namespace: kyverno
|
||||
labels:
|
||||
bootstrap: true
|
||||
version: 3.3.7
|
||||
|
||||
- name: kyverno-policies
|
||||
chart: kyverno/kyverno-policies
|
||||
namespace: kyverno
|
||||
labels:
|
||||
bootstrap: true
|
||||
version: 3.3.4
|
||||
needs:
|
||||
- kyverno/kyverno
|
||||
|
||||
- name: custom-kyverno-policies
|
||||
chart: "../../kustomizations/kyverno/{{ .Environment.Name }}"
|
||||
namespace: kyverno
|
||||
labels:
|
||||
bootstrap: true
|
||||
needs:
|
||||
- kyverno/kyverno
|
||||
|
||||
- name: external-dns
|
||||
chart: external-dns/external-dns
|
||||
version: 1.15.2
|
||||
namespace: platform
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
||||
- name: keel
|
||||
chart: keel/keel
|
||||
version: v1.0.5
|
||||
namespace: platform
|
||||
|
||||
- name: uptime-kuma
|
||||
chart: uptime-kuma/uptime-kuma
|
||||
version: 2.21.2
|
||||
namespace: platform
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
@ -1,52 +0,0 @@
|
||||
bases:
|
||||
- ../../common/environments.yaml
|
||||
- ../../common/templates.yaml
|
||||
|
||||
repositories:
|
||||
- name: bedag
|
||||
url: https://bedag.github.io/helm-charts/
|
||||
- name: metrics-server
|
||||
url: https://kubernetes-sigs.github.io/metrics-server/
|
||||
- name: jetstack
|
||||
url: https://charts.jetstack.io
|
||||
- name: metallb
|
||||
url: https://metallb.github.io/metallb
|
||||
- name: traefik
|
||||
url: https://traefik.github.io/charts
|
||||
- name: coredns
|
||||
url: https://coredns.github.io/helm
|
||||
- name: cilium
|
||||
url: https://helm.cilium.io/
|
||||
- name: local-path-provisioner
|
||||
url: git+https://github.com/rancher/local-path-provisioner@deploy/chart?ref=master
|
||||
- name: istio
|
||||
url: https://istio-release.storage.googleapis.com/charts
|
||||
- name: zot
|
||||
url: https://zotregistry.dev/helm-charts/
|
||||
|
||||
releases:
|
||||
- name: istio-base
|
||||
chart: istio/base
|
||||
condition: istio.enabled
|
||||
namespace: istio-system
|
||||
inherit:
|
||||
- template: crd-management-hook
|
||||
|
||||
- name: istio-ingressgateway
|
||||
chart: istio/gateway
|
||||
condition: istio.enabled
|
||||
installed: false
|
||||
namespace: istio-system
|
||||
needs:
|
||||
- istio-system/istio-base
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
|
||||
- name: istiod
|
||||
chart: istio/istiod
|
||||
condition: istio.enabled
|
||||
namespace: istio-system
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
needs:
|
||||
- istio-system/istio-base
|
||||
@ -37,22 +37,22 @@ spec:
|
||||
storageClassName: openebs-hostpath
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
- name: remove-unwanted-annotations
|
||||
match:
|
||||
any:
|
||||
- resources:
|
||||
kinds:
|
||||
- PersistentVolumeClaim
|
||||
namespaces:
|
||||
- games
|
||||
mutate:
|
||||
patchesJson6902: |-
|
||||
- path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-class"
|
||||
op: replace
|
||||
value: openebs-hostpath
|
||||
- path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-provisioner"
|
||||
op: replace
|
||||
value: openebs.io/local
|
||||
- path: "/metadata/annotations/volume.kubernetes.io~1storage-provisioner"
|
||||
op: replace
|
||||
value: openebs.io/local
|
||||
#- name: remove-unwanted-annotations
|
||||
# match:
|
||||
# any:
|
||||
# - resources:
|
||||
# kinds:
|
||||
# - PersistentVolumeClaim
|
||||
# namespaces:
|
||||
# - games
|
||||
# mutate:
|
||||
# patchesJson6902: |-
|
||||
# - path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-class"
|
||||
# op: replace
|
||||
# value: openebs-hostpath
|
||||
# - path: "/metadata/annotations/volume.beta.kubernetes.io~1storage-provisioner"
|
||||
# op: replace
|
||||
# value: openebs.io/local
|
||||
# - path: "/metadata/annotations/volume.kubernetes.io~1storage-provisioner"
|
||||
# op: replace
|
||||
# value: openebs.io/local
|
||||
|
||||
@ -9,7 +9,7 @@ metrics:
|
||||
primary:
|
||||
persistence:
|
||||
size: 2Gi
|
||||
resources:
|
||||
resources:
|
||||
limits:
|
||||
ephemeral-storage: 1Gi
|
||||
memory: 512Mi
|
||||
@ -1,33 +1,15 @@
|
||||
service-account:
|
||||
enabled: true
|
||||
resources:
|
||||
- name: minecraft-exporter
|
||||
label:
|
||||
app: minecraft-minecraft-metrics
|
||||
endpoints:
|
||||
port: metrics
|
||||
traefik:
|
||||
enabled: true
|
||||
tcpRoutes:
|
||||
- name: minecraft-tcp
|
||||
entrypoint: minecraft
|
||||
gateway: istio-system/badhouseplants-minecraft
|
||||
match: HostSNI(`*`)
|
||||
service: minecraft-minecraft
|
||||
port: 25565
|
||||
# --------------------------------------------------
|
||||
# -- Main values
|
||||
# --------------------------------------------------
|
||||
image:
|
||||
#tag: java21-graalvm
|
||||
tag: java21-jdk
|
||||
tag: java23-graalvm
|
||||
pullPolicy: Always
|
||||
resources:
|
||||
requests:
|
||||
memory: 3.5Gi
|
||||
memory: 2.5Gi
|
||||
cpu: 2.5
|
||||
limits:
|
||||
memory: 3.5Gi
|
||||
memory: 2.5Gi
|
||||
lifecycle:
|
||||
postStart:
|
||||
- bash
|
||||
@ -52,32 +34,23 @@ readinessProbe:
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 20
|
||||
minecraftServer:
|
||||
memory: 3000M
|
||||
memory: 2000M
|
||||
jvmOpts: |
|
||||
-server
|
||||
jvmXXOpts: |
|
||||
-Xms3000G -Xmx3500G -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M
|
||||
-Xms2000G -Xmx2500G -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M
|
||||
overrideServerProperties: true
|
||||
eula: "TRUE"
|
||||
onlineMode: false
|
||||
difficulty: hard
|
||||
hardcore: true
|
||||
version: "1.21.1"
|
||||
version: "1.21.4"
|
||||
maxWorldSize: 90000
|
||||
type: "FABRIC"
|
||||
gameMode: survival
|
||||
pvp: true
|
||||
modUrls: []
|
||||
serviceType: NodePort
|
||||
#- https://github.com/CaffeineMC/lithium-fabric/releases/download/mc1.20.1-0.11.2/lithium-fabric-mc1.20.1-0.11.2-api.jar
|
||||
#- https://github.com/CaffeineMC/sodium-fabric/releases/download/mc1.20.1-0.5.11/sodium-fabric-0.5.11+mc1.20.1.jar
|
||||
#- https://github.com/CaffeineMC/lithium-fabric/releases/download/mc1.20.1-0.11.2/lithium-fabric-mc1.20.1-0.11.2.jar
|
||||
#pluginUrls:
|
||||
# - https://github.com/dmulloy2/ProtocolLib/releases/download/5.2.0/ProtocolLib.jar
|
||||
# - https://mediafilez.forgecdn.net/files/3789/833/GravityControl-2.0.0.jar
|
||||
# - https://mediafilez.forgecdn.net/files/3151/915/CrackShot.jar
|
||||
# - https://s3.badhouseplants.net/public-download/MechanicsCore-3.4.8.jar
|
||||
# - https://s3.badhouseplants.net/public-download/WeaponMechanics-3.4.9.jar
|
||||
rcon:
|
||||
enabled: true
|
||||
withGeneratedPassword: false
|
||||
@ -85,7 +58,7 @@ minecraftServer:
|
||||
serviceType: ClusterIP
|
||||
extraPorts:
|
||||
- name: metrics
|
||||
containerPort: 9225
|
||||
containerPort: 19565
|
||||
protocol: TCP
|
||||
service:
|
||||
enabled: true
|
||||
@ -93,12 +66,11 @@ minecraftServer:
|
||||
labels:
|
||||
exporter: minecraft
|
||||
type: ClusterIP
|
||||
port: 9925
|
||||
port: 19565
|
||||
ingress:
|
||||
enabled: false
|
||||
persistence:
|
||||
storageClass: openebs-hostpath
|
||||
#storageClass: local-path
|
||||
dataDir:
|
||||
enabled: true
|
||||
Size: 9Gi
|
||||
@ -121,35 +93,6 @@ mcbackup:
|
||||
persistence:
|
||||
backupDir:
|
||||
enabled: false
|
||||
# ---------------------------------------------
|
||||
# -- Install Plugins
|
||||
# ---------------------------------------------
|
||||
initContainers:
|
||||
- name: 0-download-mods
|
||||
image: alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- "https://s3.badhouseplants.net/minecraft-mods/server_mods.tar"
|
||||
- -o
|
||||
- /download/server_mods.tar
|
||||
volumeMounts:
|
||||
- name: download
|
||||
mountPath: /download
|
||||
readOnly: false
|
||||
- name: 1-copy-plugins-to-minecraft
|
||||
image: ubuntu
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- cd /mods && tar -xvf /download/server_mods.tar || true
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /mods
|
||||
readOnly: false
|
||||
- name: download
|
||||
mountPath: /download
|
||||
readOnly: false
|
||||
extraVolumes:
|
||||
- volumeMounts:
|
||||
- name: plugins
|
||||
@ -162,3 +105,36 @@ extraVolumes:
|
||||
- name: download
|
||||
emptyDir:
|
||||
sizeLimit: 500Mi
|
||||
extraDeploy:
|
||||
- |-
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: minecraft
|
||||
spec:
|
||||
endpoints:
|
||||
- interval: 30s
|
||||
port: metrics
|
||||
scrapeTimeout: 10s
|
||||
path: '/'
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- games
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: minecraft
|
||||
- |-
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: minecraft-tcp
|
||||
spec:
|
||||
entryPoints:
|
||||
- minecraft
|
||||
routes:
|
||||
- match: HostSNI(`*`)
|
||||
services:
|
||||
- name: minecraft
|
||||
nativeLB: true
|
||||
port: 25565
|
||||
|
||||
@ -1,13 +1,19 @@
|
||||
namespaces:
|
||||
- name: registry
|
||||
- name: flux-system
|
||||
defaultRegcred: true
|
||||
- name: kube-system
|
||||
defaultRegcred: true
|
||||
- name: production
|
||||
defaultRegcred: true
|
||||
- name: kyverno
|
||||
defaultRegcred: true
|
||||
- name: velero
|
||||
defaultRegcred: true
|
||||
- name: observability
|
||||
defaultRegcred: true
|
||||
- name: databases
|
||||
defaultRegcred: true
|
||||
- name: istio-system
|
||||
defaultRegcred: true
|
||||
- name: applications
|
||||
@ -17,10 +23,15 @@ namespaces:
|
||||
- name: platform
|
||||
defaultRegcred: true
|
||||
- name: games
|
||||
- name: team-fortress-2
|
||||
defaultRegcred: true
|
||||
- name: pipelines
|
||||
defaultRegcred: true
|
||||
- name: public-xray
|
||||
defaultRegcred: true
|
||||
labels:
|
||||
istio-injection: disabled
|
||||
- name: org-badhouseplants
|
||||
defaultRegcred: true
|
||||
- name: org-allanger
|
||||
labels:
|
||||
istio-injection: enabled
|
||||
|
||||
@ -41,8 +41,7 @@ gitea:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
# -- TODO(@allanger): Enable it once prometheus is configured
|
||||
enabled: false
|
||||
enabled: true
|
||||
config:
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
@ -66,6 +65,7 @@ gitea:
|
||||
LFS_START_SERVER: true
|
||||
LANDING_PAGE: explore
|
||||
START_SSH_SERVER: true
|
||||
ENABLE_PPROF: true
|
||||
storage:
|
||||
STORAGE_TYPE: minio
|
||||
MINIO_ENDPOINT: "s3.badhouseplants.net:443"
|
||||
|
||||
@ -50,13 +50,14 @@ extraVolumes:
|
||||
emptyDir: {}
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
kubernetes.io/tls-acme: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
kubernetes.io/tls-acme: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
config:
|
||||
files:
|
||||
config:
|
||||
|
||||
@ -1,31 +1,26 @@
|
||||
config:
|
||||
env:
|
||||
secrets:
|
||||
enabled: ENC[AES256_GCM,data:C4TSoQ==,iv:kG2QtaNWHSc2sdhzo8HnMnPE0Mixqs1dvFsAcke/Gw4=,tag:HhbVmIw5RQ9hipQqZ5J2pw==,type:bool]
|
||||
sensitive: ENC[AES256_GCM,data:0wVOUg==,iv:FGxAd9h2e0LeWukZR/THhCscF3FWoK4dnkrX1mqSC+A=,tag:0rpeedT6x2V79WB5xRNbuA==,type:bool]
|
||||
enabled: ENC[AES256_GCM,data:bai2CQ==,iv:NG7q1ZsDpCW9Lu00fGsibpTEHGtew+l5TFOLOpljlwU=,tag:Z2/fXmsEEqhDzCdTWS/Qhw==,type:bool]
|
||||
sensitive: ENC[AES256_GCM,data:n+dNXA==,iv:iFM0+5G5Bsw4NI+JH1vMMrty3Zo0El0HE9F6PEDsJrY=,tag:EcbzQHVeOHVLVC7kgaRPXw==,type:bool]
|
||||
data:
|
||||
SMTP_USERNAME: ENC[AES256_GCM,data:82zb,iv:Z89+Wt6jGMQTZ73ghk1Ey504WYt2Li9XQ2gaH0SB8tI=,tag:RmqHxghik75E9LAABzyVxA==,type:str]
|
||||
ADMIN_PASSWORD: ENC[AES256_GCM,data:ELi8dtNa/OhQKgrXbrgwHK95ntZjyzRSvQ==,iv:IVZbXZlFyCRMc3bW81Ak9UdjeGke0px9mGqrmaW7EHk=,tag:9xli08c0pqnxu2ktTbCMcg==,type:str]
|
||||
ADMIN_TOKEN: ENC[AES256_GCM,data:CAAalqRcu9vsM1bjC76enJCSX/tc7yOd48mxGV0d5rTFxQz08b4JVhKyMzl7BRog7+PMtJkkTnRIXZHgj31FqhRylmHyuAn3iPc=,iv:PpZvZMhOEt6ecdkBcvAOSz+eZktPAzaAlYNjBSgiN/w=,tag:apHKw66HG7TYnpBNVyM7xA==,type:str]
|
||||
SMTP_USERNAME: ENC[AES256_GCM,data:eQ4c,iv:4vX/ioHWEA6DzMwZ+23dgUN4PJ7Asz7bbufG5Fy80iI=,tag:1Mq0Hj/23T4fvGEXuNUtxA==,type:str]
|
||||
ADMIN_PASSWORD: ENC[AES256_GCM,data:B08urSqwYgekI6I5LDYGHbPK5n3r+woRZw==,iv:K2O9aSJLRMbK+N2lfX4ojSqhbmb9KbWsuW2DtYZHCOA=,tag:Qz0OJ7aWwC+/9d1oc38ySw==,type:str]
|
||||
ADMIN_TOKEN: ENC[AES256_GCM,data:sKVugfrrR9L5LtozHPibGiPULiwv8pAot925Z/rQ0V/mW+DVvNPEw4odgfX596Ddmd8oV5zo5Mz8WIPUCmrVmfdoz+3YzVywEy8=,iv:npthfz4xcW6fF10RhHCF6uXH/6526l3gjZGRu+Xpylg=,tag:vsPsRZ7EIQ7FMvqJga3hhg==,type:str]
|
||||
DATABASE_URL: null
|
||||
SMTP_PASSWORD: ENC[AES256_GCM,data:g212PzN9/4hxBKMAWFNiR0qAnPPK/tkffg==,iv:1l6dikIQGSjznW9MsaCTdz0wLJmAhiL0ZOdN2J4Q0yA=,tag:tNbPdORUa6IBWgh0HHaNjA==,type:str]
|
||||
SMTP_PASSWORD: ENC[AES256_GCM,data:quvcZQKauXeW+l8xkYgVBElBQveoRWKDBA==,iv:KpQH+Ef87jl/M9XpBtIKNhn7ATHoV+Jgjpzg2Li28Kg=,tag:jniePrO7UVp/cz/eIh19mg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoLys3dkJDK2lrQ0d4ZlJi
|
||||
eFRTSmx1RUtZRnpxdkNvVFFCeXl6dDcvWXdvCitoNkcwVFFxRVJ6dkNUbGVPb1pU
|
||||
b3E4ZjZibFF6QytNdUhXNDFLZXRpSEUKLS0tIHpZTmFXNnptVzJmZFhIU2haRWhR
|
||||
UjNEN1BlREFVak1xdmQzaFY1dHVyM3cKuvMIrQUL1cuw3Odz/Cv+kZV9ZZzBozSW
|
||||
XimhDSkxNrH5OsGC1Jxz/8JOv8abBs4NROzffVdyqtZZzXOLzw3mJQ==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGNnFwbWFpTWgxRk45S240
|
||||
cVI5ekJXdVIwaG5NcGRPa2xTN2pFV2tyN1JBClNVMGhNL2FaM2pCK0sxbjgyalJN
|
||||
MnpQeHBxY2RtWkI2c1htV3oyQmNnbVUKLS0tIGg4ZXNwaFRKNTlIRDluT3k0VDRD
|
||||
Y3pIaEdFb1JwMnVrYnJ4UkpWMERmZFUKa45EvUqkvjaL85xh3gyxTeJ02IxPJf9a
|
||||
TGjAvpjBrym9v++OrHn2otw1NOeZwSP1hmSCc+sa6/0yFqcU031xjQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-03-02T08:58:16Z"
|
||||
mac: ENC[AES256_GCM,data:px+D6tlAZU6GzlE8/jLc0BaPyRwsfE1jRROy2mX7bhFTIW3lZqt/zangO46fFH5hXZjY5wLNIktCDbawIbUFwAp0vrmXxctZoAftl9hpdtW6ann3yfyv3pdcs7/BKu3s5QUswx6D13iLU0dvzyG4vGcQNmKpxuPQYLuDp2o74hM=,iv:2Y+wsS7QcgQ/8umZ+a21QjU25Yq24Y7UWjXVy9Gmvoo=,tag:APVtby5NCOQxrPAjIbMJ+w==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-04-01T10:29:47Z"
|
||||
mac: ENC[AES256_GCM,data:VmYotoR4BJJv2mZ+kt+NNn+oXLKWHed0o/TkJO93/4eLUm8Wg9SPMA1ZYYe9YRfgbIhYxPlQbPPKQBv95XeOS1FFL24VyenTTP3TXWroeXxOWubko/Fp88U3glJXs5jfL5DLYKvGwTXG3tchFDwH9m6QOABX+aRxvNBEP5zXUxs=,iv:HMzuvl8YCPj9ZA5tKfExQfSbvwu4IEHz6sMLAe8g7vo=,tag:lI2fh1b7prHsBS8Snrbdtw==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.4
|
||||
version: 3.10.0
|
||||
|
||||
@ -14,10 +14,10 @@ ext-database:
|
||||
database: "{{ .Database }}"
|
||||
authentik:
|
||||
email:
|
||||
host: email.badhouseplants.net
|
||||
host: stalwart.badhouseplants.net
|
||||
port: 587
|
||||
username: bot@badhouseplants.net
|
||||
use_tls: false
|
||||
use_tls: true
|
||||
use_ssl: false
|
||||
timeout: 30
|
||||
from: bot@badhouseplants.net
|
||||
@ -26,7 +26,6 @@ authentik:
|
||||
user: file:///postgres-creds/username
|
||||
password: file:///postgres-creds/password
|
||||
name: file:///postgres-creds/database
|
||||
secret_key: "2Scv6ivCfV6uGRTx9Kg5CYJ2KjBRHpR8GqSBearnBYvBFZBwR7"
|
||||
# This sends anonymous usage-data, stack traces on errors and
|
||||
# performance data to authentik.error-reporting.a7k.io, and is fully opt-in
|
||||
error_reporting:
|
||||
29
values/badhouseplants/platform/db-instances/secrets.yaml
Normal file
29
values/badhouseplants/platform/db-instances/secrets.yaml
Normal file
@ -0,0 +1,29 @@
|
||||
dbinstances:
|
||||
postgres16:
|
||||
secrets:
|
||||
adminUser: ENC[AES256_GCM,data:uuu/xvwJkHk=,iv:Pk+i8bf7AeeG9wKVh1RDJy7Dt3r5b1UKy4SJijlZfq0=,tag:QO3gwYXAG0sBBuHcKfTNQg==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:tjWATjuJT+C97D4TLQgk55BZOwVv,iv:1MWYtksmrEBQtOdGvtc6MZyLP4yBKA88eIpQ4mZCULM=,tag:3hOlT5n2Wd81ebxeEgW5tw==,type:str]
|
||||
postgres17:
|
||||
secrets:
|
||||
adminUser: ENC[AES256_GCM,data:4w2EItIM++Q=,iv:cQLryeBskm2Y9OlbMFgQEWEBi7z/VxucLWbwZXsRtto=,tag:Ir2Q7KZv/sSDdA1MX/Niqw==,type:str]
|
||||
adminPassword: ENC[AES256_GCM,data:wHUL2p8CXYwoEFu3ffCCsQO9xn/GqOZ6JPrcHKzy,iv:khoogPPFHSd+4xyp+jf1w0RfOUgrKzAmFjLnisQ8HXU=,tag:GRnkCQ0uOlUt2AiEAceFRQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuL1lwdVNHMm9nZHRld2lO
|
||||
Rm4xVnVHWG9hNDc1cUVyakxzUU1PcFJhalM4CkNicEdUV2lEYWMwaWNqeGcrQ2p1
|
||||
Qmw1b1FzRllqYW85bjF0cmRGcW1MbjQKLS0tIENUcG1oOXFNV3REaFU0aUEyd2k4
|
||||
RDgzRmlKT1ArblpOV1plcFpyMnJXZTQKgm8Eaw591+EHZWofXAADTXRHPOdOvdOM
|
||||
jYne1szB/V9UJz+pmLa10tNgruga+P5yP/j+DGcYrTj0pVh5IJLjTA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-10-30T19:59:46Z"
|
||||
mac: ENC[AES256_GCM,data:3KrwiArDx/bPAHbFGgb9BdDVHC+uC1IHp4LZXlYRZzWSKtX1t+ODQVzUW97kigGFG1sx6WXddl/w3XeNOoT9JbS5iPXJQe6KAPleNV50S/oab+U53WeloO8uL68Wrk9v/NwMhCKwE9cCqBBhqk7wCb6N9ivt45mLrUf06L8fok0=,iv:bOWhyIm8FhKtZAZH/78bukkeDp5P4XShSD20mgr4Neo=,tag:RZMx9bi+ZEcLwTzk+Gm8RQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.1
|
||||
21
values/badhouseplants/platform/db-instances/values.yaml
Normal file
21
values/badhouseplants/platform/db-instances/values.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
dbinstances:
|
||||
postgres16:
|
||||
monitoring:
|
||||
enabled: false
|
||||
adminSecretRef:
|
||||
Name: postgres16-secret
|
||||
Namespace: databases
|
||||
engine: postgres
|
||||
generic:
|
||||
host: postgres16-postgresql.databases.svc.cluster.local
|
||||
port: 5432
|
||||
postgres17:
|
||||
monitoring:
|
||||
enabled: false
|
||||
adminSecretRef:
|
||||
Name: postgres17-secret
|
||||
Namespace: databases
|
||||
engine: postgres
|
||||
generic:
|
||||
host: postgres17-postgresql.databases.svc.cluster.local
|
||||
port: 5432
|
||||
27
values/badhouseplants/platform/zot/values.yaml
Normal file
27
values/badhouseplants/platform/zot/values.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
image:
|
||||
repository: ghcr.io/project-zot/zot
|
||||
tag: v2.1.3-rc4
|
||||
ingress:
|
||||
enabled: true
|
||||
className: traefik
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
pathtype: Prefix
|
||||
hosts:
|
||||
- host: zot.badhouseplants.net
|
||||
paths:
|
||||
- path: /
|
||||
tls:
|
||||
- secretName: zot.badhouseplants.net
|
||||
hosts:
|
||||
- zot.badhouseplants.net
|
||||
service:
|
||||
type: ClusterIP
|
||||
persistence: false
|
||||
pvc:
|
||||
create: false
|
||||
mountConfig: true
|
||||
mountSecret: true
|
||||
@ -1,22 +1,17 @@
|
||||
secrets:
|
||||
RENOVATE_TOKEN: ENC[AES256_GCM,data:NwkAP50vrUc7dVB0wyWTgFDd+axltTqdyXuXFHHkmO2VF4QyV/svsw==,iv:kr53r5w7lVo9luC36mHghZ8fabo6/da8vLFEzhEOgDE=,tag:UnGnSXuvwlSzVuL6pEUXsw==,type:str]
|
||||
RENOVATE_TOKEN: ENC[AES256_GCM,data:ohd4EhTlhRpQ+IXVf1Nb73+h0VHrMZduPhkbm53s3/+HRKUZd7JepA==,iv:qtbH0lz9Li+jjWcef6JGRpbcsOGlG+e3TNHDukAK2HE=,tag:KVmari0LUGHVb61VSFtgXw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZDVVZm1UallMRzJpRVF0
|
||||
b2dHaUJlQldOeHN5RVhydm5oaG52ZG95SVVzCkZ0enk4Mit4KzV6Z0ErTmxhU29W
|
||||
R0p6NVBiRjFSU0NWUjNKdGU2WXdrcFUKLS0tIHFURlFVLzJ5NkJVRVpCV2I5U2E4
|
||||
dE1VWExmY0xEdVlrZW8wRzlPRkVrRzAKVZHyy3AGktGuv7KEQX/M0xjyU/7FpgSB
|
||||
OrWzXXds9h8PWC/19FU2puvdIER1G/2CajEq0PQmaC9YMvb8nLMv0w==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-10-14T08:08:22Z"
|
||||
mac: ENC[AES256_GCM,data:5FV7wwVyhB1UQOLW+iYyeImXAPv3dtTlw3Qjg2rBVBmbC8vHNpXFWloBhFeTSN4VAEjxm5tqACdP3IfNkrVT1SnYeySh6Xl/sdcAuAIao7uMjLDT/MK02AcS55T9pt7h+H4nkdNatMAX7jLKbHJwNoAnL5a/FgX+gKizAg4PRHc=,iv:7HRq2xMClJXYF2S9SQeYLZwCn2EOEc4JkEFzgze2e20=,tag:Fb3fm+wlnywr0hBfw5xyQQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.1
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4TGozODRjVzQvdzlvSE5s
|
||||
RTlReWNSWDlzUVVLVmZXV1c3dWVwUU9hbWw4CnJUL20yTFpHMUJFWTdYQ2JWUisx
|
||||
Y0djU2FhaEtVSTlRWEY3Z0RnOUhVVjAKLS0tIEZEUjhqUTRtTEo0L3haWFlRT2JS
|
||||
QTFVWU5RSTBldzBjalg1TFBDY3hGUEEKCH1rY+tGtRNGMYrfSjqXbVsrPAleVHDO
|
||||
Altiz0ceC5ODo01zwBf63vDVqjZtbIQNZ8oQ8Pjlktp3jCpL7JNK9A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-04-01T08:52:26Z"
|
||||
mac: ENC[AES256_GCM,data:6PyWgR3f7lnen5Jun04Tsw1P7rcAgTSuF+YEh0fq3r3xHvQYFGesfEO4PHLfCGYtjyyCeyzpwBUIoUHTmI5tRYjLwjwRiIu/GH75eSLOx0y0gYMl8JUeaPxSpPvElpii3XAm7vKEJhTR9QzNuzduf0Q1JdlR6TM68XM8g78zeSc=,iv:CqTrPYoLg4IgW5zTsIcmGQUg5RfK+IQmxeQIQbd6oqk=,tag:P8Je5EhAv5TqqT77nPwlHw==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.1
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -40,11 +40,11 @@ replicaCount: 1
|
||||
clusterDomain: cluster.local
|
||||
resources:
|
||||
limits:
|
||||
memory: 1024Mi
|
||||
memory: 1.5Gi
|
||||
cpu: 1
|
||||
requests:
|
||||
cpu: 1
|
||||
memory: 1024Mi
|
||||
memory: 1.5Gi
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 15Gi
|
||||
@ -57,8 +57,7 @@ gitea:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
# -- TODO(@allanger): Enable it once prometheus is configured
|
||||
enabled: false
|
||||
enabled: true
|
||||
config:
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
@ -82,6 +81,7 @@ gitea:
|
||||
LFS_START_SERVER: true
|
||||
LANDING_PAGE: explore
|
||||
START_SSH_SERVER: true
|
||||
ENABLE_PPROF: true
|
||||
storage:
|
||||
STORAGE_TYPE: minio
|
||||
MINIO_ENDPOINT: "s3.badhouseplants.net:443"
|
||||
|
||||
@ -2,8 +2,8 @@ shortcuts:
|
||||
hostname: notes.badhouseplants.net
|
||||
ext-database:
|
||||
enabled: true
|
||||
name: memos-postgres17
|
||||
instance: postgres17
|
||||
name: memos-postgres16
|
||||
instance: postgres16
|
||||
credentials:
|
||||
MEMOS_DRIVER: postgres
|
||||
MEMOS_DSN: "{{ .Protocol }}://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable"
|
||||
@ -25,10 +25,11 @@ storage:
|
||||
storageClassName: openebs-hostpath
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
|
||||
@ -1,7 +1,3 @@
|
||||
# ------------------------------------------
|
||||
# -- Istio extenstion. Just because I'm
|
||||
# -- not using ingress nginx
|
||||
# ------------------------------------------
|
||||
coreDns:
|
||||
enabled: false
|
||||
kubeEtcd:
|
||||
|
||||
@ -1,26 +1,21 @@
|
||||
credentials:
|
||||
useSecret: ENC[AES256_GCM,data:7gOgTQ==,iv:Wiutik5u1CZ3jkI5lL4JLwvKDQrjNPSfmnyet7SBVzo=,tag:SYm+fm393zhqNMKejQfYKw==,type:bool]
|
||||
name: ENC[AES256_GCM,data:NKs3qbFPKGIhXI7lzGTq,iv:MWumBc7eHro/P1oLZxQArvfoWmdJN+S0d/Qxb+ohI9E=,tag:pxJQzB82Us+UflGc271wGg==,type:str]
|
||||
useSecret: ENC[AES256_GCM,data:JeoOyQ==,iv:fu/UL5pN+RfYRluV1ipqbJ7AMmb6mBzo9Cs8MEaH90g=,tag:SXueO8IzwQ12MjSQUx5K4A==,type:bool]
|
||||
name: ENC[AES256_GCM,data:jHBOoXdfbcm9/tWworFG,iv:EZdqinT6tBFS2t7/l3bA2A5OspmmXVBhlM4ENIMlWeI=,tag:ltP1tFsWxRiQV8GgNe2RmA==,type:str]
|
||||
secretContents:
|
||||
hetzner: ENC[AES256_GCM,data:tlumlKIfwugQj5Dj8Lu9HuEcKRv8v/JhTTz4oOvRavxmeBIGElfn/MyWbK68pagfDatyKsrYjqPTutYykJWVOWdHFOCIXunnI8vkDbzpxAH0BqyZQrek3s4mkTOPJkjfW6V1MNr5AvWMYLwptcIp2Q==,iv:E3jBlMgIXzuLCNVxEBlTiiVpLCdEolJuv96bSYamwLI=,tag:4zkhZUu+on0K1zF4/8tiWQ==,type:str]
|
||||
etersoft: ENC[AES256_GCM,data:/kQ9eCnHIfDSzHxy2tbVgwe7C0cF+l5LaKCgksodxUJgxTQs2pJHyx4cluoW62RwOQKHxMCy3IaqphD2zZOIVKbR0q3xVmBoxcBxrKE5UIlSxbQ=,iv:YcJF8OMiFMz147c8lXVU+ccjq1okYnHiwUvJLmJHi20=,tag:hnwtfAkBCpZUy4TEGtMOOw==,type:str]
|
||||
hetzner: ENC[AES256_GCM,data:cLAnAdz3RlBE4YOVDIcQ+gjWxsA2jsNJgh2zkBV9LbPHU2eJDaLmQIzGov28vQK0tpdGBk8uncjg7eLVpqQFnn/+4mbMrCICLNqeNYJNG9sTRhBoA8EqODRQ7mJoHMdvSqk8dp+9nGXrgO/HCKZCbg==,iv:pEQbq9pqWcuUG3Jj93QNbD4N9a/NxLPc1XqmfYNdOoc=,tag:Ss8hyMYYm24UG2aVXw6MQQ==,type:str]
|
||||
etersoft: ENC[AES256_GCM,data:f7opp9R8bLoOSqpzJdjUXiVHF0hxH3uE+fRQfgEA/G0wDrPio6SPNUG+ROeZCrLJgizFTR6x4/r/yTIglEeaa9aefF1OG9dEdlpko7AALnf3DYQ=,iv:NGXNl5BbQS5dgVn5wNqN7ba11AeDgHXPloYTBC95l2E=,tag:kA/7bvS9h20/a7se5e1zUg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiaW9NQVR6OGtLV3ZqMThn
|
||||
bWsrcGZKNVk1cXB2aDc5RnRNbTMwZVoyRERVCnEyQ2tFSlZmTnhRdGQxNW1BVGNs
|
||||
QzBjM2tXWnhQYTBaR1pUZnUzMWpYTmMKLS0tIGQ1emdDNlVGdzNWRlRQcU5xSWxB
|
||||
bWdPdVF3RjU0Z0RQWXZWVUVocVBTeWsKogQ3kmwrShfBOwMC+JHNiavRHryv+WNY
|
||||
dkUkONkUH5HEWN/6M7bsMMqjkH0D/upD5UXOXr4fiibcM/w+XI/BpA==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2emd4d1gyWjlYL3dYRmw4
|
||||
Y2J0UkJaMTR6b0NsNTVzcTBHMXJ3WnNRdWlJCnB0ZEJmclRzY0Y1WEsvQmRWYU9k
|
||||
cDRtQ3J4azNBUnN5bVUvdm9EbEo1ZHcKLS0tIGN6L0VpTWlQNm1sVnA4UldBbk9C
|
||||
Q1dWek5PVjNkZUdJYllJSTZhQ1p0QU0K4LFd1ITs38M101fqy6KZGZ43x4Ou3VtB
|
||||
EN1uxBEt5AdfX4F+FbOnA5qAOUdRRN31TjIXs948E/1vgm8zRxSx1Q==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-12-16T14:51:45Z"
|
||||
mac: ENC[AES256_GCM,data:65vGxoFLwH9WpxvqKYi1FEb8DhRWpq4K5cTjfqQEXDxbzKDk/RjTtHpFZ2iLnAOcL2ECvL+JU9yPeM7fS06nTW/TC/oP3yNGfyJp84IWNzrBVBE8HCTaXthxcRSIbGwvdCihViT4gZU7VkMaDt1WnEesjq/KQqcK/TSpCxhSyjI=,iv:HPfV3MRyeilrAFprdsLT6H//V74YzRiGM8O7TmU/g5c=,tag:tQHA6JW5ELAUXzIlJdLYFA==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-04-02T21:11:55Z"
|
||||
mac: ENC[AES256_GCM,data:ArJNDbctyrzJIVo9CojFPAKlhW9xCBYvfpA27iG2YGWYfCRQ0uAIVmUn0jVsbfYWdtQ5WZD7p05itXMobQMMlFlv3twi7B7taXYXQQzZghhOCVJBYo8I3gFl9wxVpKHNc+WxuerFCQUCOXyBMI9CLmXsKBwlciLl78OSU6SMe/s=,iv:wHFF4yhYLs6QjOcvcU4WDpNyjQZl0dI42mouVR/43Eo=,tag:notDIF/S/r7MlYogftz9aA==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.2
|
||||
version: 3.10.1
|
||||
|
||||
@ -22,6 +22,7 @@ configuration:
|
||||
s3Url: https://nbg1.your-objectstorage.com
|
||||
publicUrl: https://nbg1.your-objectstorage.com
|
||||
checksumAlgorithm: ""
|
||||
|
||||
- name: etersoft
|
||||
provider: aws
|
||||
plugin: velero/velero-plugin-for-aws:v1.11.1
|
||||
|
||||
6
values/common/databases/postgres16/values.gotmpl
Normal file
6
values/common/databases/postgres16/values.gotmpl
Normal file
@ -0,0 +1,6 @@
|
||||
global:
|
||||
imageRegistry: {{ .Values.registry }}
|
||||
imagePullSecrets:
|
||||
- regcred
|
||||
security:
|
||||
allowInsecureImages: true
|
||||
6
values/common/databases/postgres17/values.gotmpl
Normal file
6
values/common/databases/postgres17/values.gotmpl
Normal file
@ -0,0 +1,6 @@
|
||||
global:
|
||||
imageRegistry: {{ .Values.registry }}
|
||||
imagePullSecrets:
|
||||
- regcred
|
||||
security:
|
||||
allowInsecureImages: true
|
||||
6
values/common/databases/redis/values.gotmpl
Normal file
6
values/common/databases/redis/values.gotmpl
Normal file
@ -0,0 +1,6 @@
|
||||
global:
|
||||
imageRegistry: {{ .Values.registry}}
|
||||
imagePullSecrets:
|
||||
- regcred
|
||||
security:
|
||||
allowInsecureImages: true
|
||||
22
values/common/flux-system/flux2/values.gotmpl
Normal file
22
values/common/flux-system/flux2/values.gotmpl
Normal file
@ -0,0 +1,22 @@
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
cli:
|
||||
image: {{ .Values.registry }}/fluxcd/flux-cli
|
||||
helmController:
|
||||
create: true
|
||||
image: {{ .Values.registry }}/fluxcd/helm-controller
|
||||
imageAutomationController:
|
||||
create: false
|
||||
image: {{ .Values.registry }}/fluxcd/image-automation-controller
|
||||
imageReflectionController:
|
||||
create: false
|
||||
image: {{ .Values.registry }}/fluxcd/image-reflector-controller
|
||||
kustomizeController:
|
||||
create: true
|
||||
image: {{ .Values.registry }}/fluxcd/kustomize-controller
|
||||
notificationController:
|
||||
create: false
|
||||
image: {{ .Values.registry }}/fluxcd/notification-controller
|
||||
sourceController:
|
||||
create: true
|
||||
image: {{ .Values.registry }}/fluxcd/source-controller
|
||||
33
values/common/games/minecraft/values.gotmpl
Normal file
33
values/common/games/minecraft/values.gotmpl
Normal file
@ -0,0 +1,33 @@
|
||||
image:
|
||||
repository: {{ .Values.registry }}/itzg/minecraft-server
|
||||
pullSecret: regcred
|
||||
|
||||
# ---------------------------------------------
|
||||
# -- Install Plugins
|
||||
# ---------------------------------------------
|
||||
initContainers:
|
||||
- name: 0-download-mods
|
||||
image: {{.Values.registry}}/alpine/curl
|
||||
command:
|
||||
- curl
|
||||
- -L
|
||||
- "https://s3.badhouseplants.net/minecraft-mods/server_mods.tar"
|
||||
- -o
|
||||
- /download/server_mods.tar
|
||||
volumeMounts:
|
||||
- name: download
|
||||
mountPath: /download
|
||||
readOnly: false
|
||||
- name: 1-copy-plugins-to-minecraft
|
||||
image: {{ .Values.registry }}/ubuntu
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- cd /mods && tar -xvf /download/server_mods.tar || true
|
||||
volumeMounts:
|
||||
- name: plugins
|
||||
mountPath: /mods
|
||||
readOnly: false
|
||||
- name: download
|
||||
mountPath: /download
|
||||
readOnly: false
|
||||
@ -5,7 +5,10 @@ globalArguments:
|
||||
ports:
|
||||
web:
|
||||
redirections:
|
||||
port: websecure
|
||||
entryPoint:
|
||||
to: websecure
|
||||
scheme: https
|
||||
permanent: true
|
||||
|
||||
deployment:
|
||||
replicas: 2
|
||||
|
||||
12
values/common/platform/authentik/values.gotmpl
Normal file
12
values/common/platform/authentik/values.gotmpl
Normal file
@ -0,0 +1,12 @@
|
||||
global:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/goauthentik/server
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
redis:
|
||||
global:
|
||||
imageRegistry: {{ .Values.registry}}
|
||||
imagePullSecrets:
|
||||
- regcred
|
||||
security:
|
||||
allowInsecureImages: true
|
||||
4
values/common/platform/db-operator/values.gotmpl
Normal file
4
values/common/platform/db-operator/values.gotmpl
Normal file
@ -0,0 +1,4 @@
|
||||
image:
|
||||
repository: {{ .Values.registry }}/db-operator/db-operator
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
5
values/common/platform/zot/values.gotmpl
Normal file
5
values/common/platform/zot/values.gotmpl
Normal file
@ -0,0 +1,5 @@
|
||||
image:
|
||||
repository: {{ .Values.registry }}/project-zot/zot-linux-amd64
|
||||
serviceAccount:
|
||||
create: false
|
||||
name: default
|
||||
@ -15,6 +15,14 @@ initContainers:
|
||||
volumeMounts:
|
||||
- mountPath: /target
|
||||
name: plugins
|
||||
metrics:
|
||||
enabled: true
|
||||
scrapeInterval: 30s
|
||||
scrapeTimeout: 10s
|
||||
|
||||
serviceMonitor:
|
||||
autodetect: true
|
||||
enabled: true
|
||||
{{- else }}
|
||||
initContainers:
|
||||
- name: velero-plugin-for-aws
|
||||
|
||||
@ -3,6 +3,7 @@ namespaces:
|
||||
- name: kube-system
|
||||
defaultRegcred: true
|
||||
- name: applications
|
||||
defaultRegcred: true
|
||||
- name: platform
|
||||
defaultRegcred: true
|
||||
- name: kyverno
|
||||
|
||||
@ -1,38 +1,33 @@
|
||||
rootPassword: ENC[AES256_GCM,data:kxg0YirkjeeTaKueH1G4RijoLjLGxHJP2w==,iv:FM83CGAl7E/xEh9k+GPy/z5apxlAb6/HEhznGcUcu64=,tag:Obw7iPuQltcaWwjZfAh7xQ==,type:str]
|
||||
rootPassword: ENC[AES256_GCM,data:qnexaqMkE9mrB1xiX9wJ5Zck/A86UpliUw==,iv:ogGbSnHyC+NrlPkxnsWMypSLl1R/dmCHs41XGPVV+jQ=,tag:WjxWZVBsXfilMihi1AfnUg==,type:str]
|
||||
users:
|
||||
- accessKey: ENC[AES256_GCM,data:h01uNoYYTNs=,iv:YkdniZm4pFzcEa+MfXazBClz6RrnYjzAh+3IbnVE0nQ=,tag:SFZ8HnM8N99CNLvEnWBXqA==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:sr33gCJYEd2k7bbZNHKVgvOmUN235YJoUg==,iv:hGFkM9cS0cv+GOWpxn1YPjDJBqSZl3RHRrUM9TQt0A0=,tag:Uu7ItlGDxayQhG9vmSNp/Q==,type:str]
|
||||
policy: ENC[AES256_GCM,data:QPL12F5ZWVI=,iv:wXBHgWlI6kFvGH6rp5pLEEcT7S2i58K3Pwa4D4407ks=,tag:JckGYguaJfvHK/sgSuKICQ==,type:str]
|
||||
- accessKey: ENC[AES256_GCM,data:oJrvlRNB,iv:RTYdPqj5Q77NvJIUsRw7PA/7yhZ1YzjRWCYfvshXoCU=,tag:5gtdnE9cIUvZWWpQsO+2oA==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:nZGlehkE2OhNjXLZk/4syI/xKRGmRmzltw==,iv:24Q/OVU2Rtz5ZmUcgJ6ZsOfXv97PXHL9456C5ccsVAA=,tag:xbU/qLleiUwUBzB1dU6/Ew==,type:str]
|
||||
policy: ENC[AES256_GCM,data:eC7ZPjG/,iv:cEbFEZygJ7ntGA174A3p/RXhjK1QFVY1ldLiZFsaJ8M=,tag:cknvoIX5NONoni1mInssgg==,type:str]
|
||||
- accessKey: ENC[AES256_GCM,data:5HL9wVqfA0M=,iv:5/93WLtsbjI8es0eR4v8L+d0rouppWv71yRUkVPlJaY=,tag:LWikGmdEB1En9kzK/q7iuA==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:YQTRFqsrwgti2ClhOsNJ4mJ8UJFe5x2kHg==,iv:5eU6lMwai8fRQc2pGTfVOfKrVGZUFyu2h3E9UVDQMfo=,tag:C1zyKZACiLQHbrSOMxAPBQ==,type:str]
|
||||
policy: ENC[AES256_GCM,data:xmfAJOUfKLo=,iv:ZtwUL9/Q9TwRKjWiQ9+lyRqC4rQG5sHDomRjwhJjaqE=,tag:ZER1ZAfuFxtm7uUOqVLdCg==,type:str]
|
||||
- accessKey: ENC[AES256_GCM,data:AuteZNMO,iv:d6WqR5iwTxAExyavsSrAmd13VQ52wobBve6Borp4+ug=,tag:BFDiFc/XT3G2vxMj47p9Lg==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:xA1OPlugsx3B/tQ7kPd7pmTWh5M+FtO2MA==,iv:R21qjcQT9D2wdnnRYM+zS+vsxEDNSVg2ScLLNxogfBU=,tag:zg6EAcmsZxRMwQHWSCsesA==,type:str]
|
||||
policy: ENC[AES256_GCM,data:bYC8mdky,iv:0OmqMpDPVPPVGC4ZWrrS12DIMBztHDtt3Iumdxesa8M=,tag:I5BizMVL9OKnaVx5p89/Cg==,type:str]
|
||||
oidc:
|
||||
enabled: ENC[AES256_GCM,data:ZzHQSw==,iv:pAM6Sg5FOqk3OevwXxNz6+HoA+S9JKn3qXKBrvtQOjw=,tag:jIjUzOpsDTrmWXnVQZvOLQ==,type:bool]
|
||||
configUrl: ENC[AES256_GCM,data:wM3MMDLR0hD0moLuOJbVV0FXEAcRpGQCiWZHIRfaer5WzSAnQH/8/PVkOnFy16uzsAf1IFbQIOjaXDw1alv3WxczIKpfXiR8mfNI013fCs+tURdOPCSdziQf9G1+sar9/Fs=,iv:95nxS+kP5Ml3WWbN6kGQxH0E/hLDUMp664OrQVZhH80=,tag:0PvfH+J9SQGwBJ/Kh7zgCA==,type:str]
|
||||
clientId: ENC[AES256_GCM,data:UlETcj+fUPFDh2thR2Q=,iv:EF5QHrfstIqT5MYvrkQkUtcquG9SIsruYKSaR9adz5E=,tag:/yYOxzIIgoCRqsFSHyQanw==,type:str]
|
||||
clientSecret: ENC[AES256_GCM,data:elh+rgMPMxJ3Tf+ufv4FBVQRBY+HeWbaSz4Mjx+CQIGzVBYDw2TaImgZbdIN7X+tVRdKjBUad7Bd4VUZoZt8kIacT4usJRQC9qErhMjnuT+OGzq6mSpXMztAzbGpL76L44S893sRkUkVwDpA6p4vqPSe5vMiaXZZAANIrhIDcRo=,iv:FIr6pRpJ3FlRchQs2Hg25bJu4HFYSy9HFiDhOPDPang=,tag:0pWGuHVwrlm11SqFKYj5ag==,type:str]
|
||||
claimName: ENC[AES256_GCM,data:EOYQcSX7,iv:7ELctRaFlUmE/I9ExsLjMSCOrwLyTrJt5RQeDMqcZXI=,tag:CAEcRcWu0jkHxIdWFwoQvA==,type:str]
|
||||
redirectUri: ENC[AES256_GCM,data:ek2cRHXtOCy9yNRrCyW6GFULz9ql7vzFIYc/7OBBlqQZmzMVEiNJ0B8Wej5TELIJ+do=,iv:IMr3J6Vcs7mT+agAcwaV8av7PUuOtvCdvLOOIKYwN2U=,tag:hLgtwpqtgsyoIF574C8UYA==,type:str]
|
||||
comment: ENC[AES256_GCM,data:io98WZF69zRwoaDz1WXgb3gJ+Ac=,iv:Uw3p8734k25N+GZhQQ225Ye5mJInR4LcJ9LPcppEsgY=,tag:hvx6FxcwajTmC4gQGErWmQ==,type:str]
|
||||
enabled: ENC[AES256_GCM,data:InAwLw==,iv:wdnXWnfIzS+eXwswgJhG2ZPg2Ub9YMiZXfV3ShWHZ7E=,tag:fYTaVa92A9gnkcEn1EMT3g==,type:bool]
|
||||
configUrl: ENC[AES256_GCM,data:KgarNhP8BMR5ivK9MTCKUuXjT5zd8/9MO6JyUTfzCPmNoBqRTKPJzjdM29LIa6U1171BS4YqcxcIpIR6Y+72d0YTZuvgQQF0ztb904d8MUXgu3KtBZzAIbEhI9xu8MkGbTY=,iv:WMkgF03poOzKOBKEZkd54z41wp1cgZKFDI2/qAswl0w=,tag:1dEektNStbHBu6MzrD7wnw==,type:str]
|
||||
clientId: ENC[AES256_GCM,data:L3CQnmb1XrLD3rqtffs=,iv:wN4l9DxccLlXpUPSvs3hx/Bag7+EPf9H7klUkvsKAZw=,tag:k9E/3o6OXHi6TiXnlPblNg==,type:str]
|
||||
clientSecret: ENC[AES256_GCM,data:G809E5NifCWqqndhIG1dDNwUHUOhlDcyMBRE9O7PEXO9ZXRAdLaxVGGRHy7UpPwY1iYKpz7+WRAWmkh0vBcFdtxqnzHBlHD1pPF+vkN0pOG/jm0ds86AKrjQm6X2Zcf/p546+O+rw0ipgYyUS6zsZFfL5LQvkpU6sjF9wXxQQpQ=,iv:LwZw0tWUiGm6meZ5dMM5IvcD6rXgIhlKcpvqnScP+8U=,tag:0R2s2CYJWlbzzV5hNJ6uyw==,type:str]
|
||||
claimName: ENC[AES256_GCM,data:xtR/BhXA,iv:Ku5QCNMqmWGINu6Bisla4oYwR046AeFrQzcLuXuO/c0=,tag:5laaIeCC3vng3xySerBi4Q==,type:str]
|
||||
redirectUri: ENC[AES256_GCM,data:zmWLYgD0iE+wkydBQvj8oOy/EzNtdL5WBIVTvb8nlg4ES9n+pzw5fjMw0GIMrPs+I0s=,iv:1nvn8yOhz3PMB0GgFCzDPbx7HxPpLlPbbLcWX9HnTMk=,tag:lCPoujWw32Q/bqPrD9ur8A==,type:str]
|
||||
comment: ENC[AES256_GCM,data:I4T+pUEdC+sQChKrxfwXT3jTOCQ=,iv:lJ9ccLVf+thEFT9erHuGVPp/LuyfiCaz1YCwrcW+kEQ=,tag:g0XtSnglE4Pvjgn0mKHfsQ==,type:str]
|
||||
claimPrefix: ""
|
||||
scopes: ENC[AES256_GCM,data:mK8Vczvi5SSVPW6k9pLx2aOaXUdfujXE1G77,iv:M8TxsGfsnvdRyBo94JitBnx366MuRY5Q6vLNmCs0hp8=,tag:YaobqJvS7u6B9x0MN5VMzA==,type:str]
|
||||
scopes: ENC[AES256_GCM,data:BGQgbk1zlBkf+kIT4+iKNuE1Xavoa2uv2WLB,iv:8fLWtfpBu/R/iu4q/ULHKSgSApzNImQknoqjh0mtUu0=,tag:LQ7QwEb1il2U7dPKdMG1/Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYlFwMzFCaG8wbk5ZcDI4
|
||||
OU93MVNoZGNyL0h0WFhRM254eDF6Y2FkZjMwClJEcHNZcFVlaTB4eDlsMm5QaEYy
|
||||
NE0rd3EzUytaVEc5Y3I0MUpJWnI1NkUKLS0tIHBlS1dKMG9kcXpJSHMzbDhXcGJx
|
||||
OXIvTU1uSVFXenF5QU82VHFta3ZmS0UK86P5geFl4PEMgKqBW2AlQfyTjT84TRfE
|
||||
NjjFcpeFsUa3GoSm+NHxjzXbEEWkQsVsLWqS48IAPhOiICyWPwiznA==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDRzNRdGNJajZycHpwbFBJ
|
||||
eUVJa2hVRmxuN0RIanZHU0Z6S3BIWXF4YTM4CmxtcG1aOThtLzExdGI0ZHRGN2Qy
|
||||
NXFneUlHZUFvZTJzOVNKZ09lSUdzVk0KLS0tIFJZWm14bWgvMmNsYUtkVHVBQUJs
|
||||
ckRqT1ZvWld4TjNHMmFtNFc1NGZWYkUKU3njj8FgDNTwziL7KS+nfRJ4yhiUod9Q
|
||||
wbVc+Yxijtu+S0jkDdDSR4SmyeD3vRicCsRHGs5S+SS1pKcPEM3c3w==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-02-20T16:42:14Z"
|
||||
mac: ENC[AES256_GCM,data:DyBFmjgWcRCkEEpuDUL2M4w6DcJ+YiVaUZcCuHReTKZRuE0BcYn8TCKYqaILKM4B0ClLK4aYH194ZNysEMDoAVDnLaTWPa3as8dW8mwpeaPmV80CbnKsRLMajwWJi7T8LBYrHaSSZx8eCRHvXFaB3u8B7t31vmzwutlpu5BKQqc=,iv:RzcPzF0rrSVZNSuG/Juv/gFtSdPqgImU+jO0Z3oQVzQ=,tag:KkEecRrbBDImiTBhn4T0pQ==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-04-05T11:29:21Z"
|
||||
mac: ENC[AES256_GCM,data:kyFSH23LwA9JbzWrCFaQA1dzs1AUDVfp7vuYrbu3GnWAkS7YBR7/ZqdEQZZYtDphSYDcQPSvQf/aVgM77qgCxgYrBFF+HTLyTCLOB59+iftA7jPp4Tv9GyCTnrObkuQHYUdatV5iQwoa/qwS9TKi2/yWJQhfrbawjmJTHeiBpIk=,iv:SgIw7X3pZZUfU70Wf9WBFAXg9SLQheMwycQlC3C3Xtc=,tag:zcwc2mLFR57SgliiX7HnTw==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.4
|
||||
version: 3.10.1
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -1,37 +1,32 @@
|
||||
files:
|
||||
config:
|
||||
enabled: ENC[AES256_GCM,data:QJdNMQ==,iv:m8KcSZ1Qi9lmCUTfJkceKMu1iWMBin2Y8P+6g7pSU4g=,tag:z4N53rRhoTNdlMK5nu8rYw==,type:bool]
|
||||
sensitive: ENC[AES256_GCM,data:8ltdENw=,iv:qeBWpMCAxo0OwRc4B/6CAbkxn7Bal7iDfgidvqtEmpg=,tag:3ipWGmcf1ZjsNTP1zJuXhw==,type:bool]
|
||||
enabled: ENC[AES256_GCM,data:/Pq9iw==,iv:HMs4LzwNIFF8XRmjQ4uqKu7X5QsV8Mk9I/yc/gZq62E=,tag:f8WZiM0PEXwwu+cMMOoRiw==,type:bool]
|
||||
sensitive: ENC[AES256_GCM,data:nv0bwRU=,iv:E6FE7eGGHt1DfkMyRteMbnuaX4Kq9rWMmVISTE/eD5Q=,tag:OsPWtKkwawXqvIoc+Nwmeg==,type:bool]
|
||||
remove: []
|
||||
entries:
|
||||
config.json:
|
||||
data: ENC[AES256_GCM,data:8Lcjs0itPOyEy/ZQJS8KZBwFW5BEC039JJJCVhUjL29+NF31Os5vo8jLoCayW9e8tasVVhP8BQlGFq/ABQajXmLoLCSQI0yAOGdVSvQEXy4HjBxsDnPIvNq1/4dk0FsoQwTJYaVW0QxSUWkipyZD0cbzssJ9Zd+KnIIs4MGreXfibuyZI+HinrYlxP8CXNTn6o2eUSx3zXodD0K2IO7tUOlIbYK2PwIBvhz1JxUhqXIXfoEF2FoVU7ca6YCHA4b8kLLep9gz6z2yHrM6CMk2AUi6H90jGfUPu1dn+H0zBc9JsnVpbGp1KGtx5V6UAk8i4Ed1Iv8zVlvv/i8mmWhY2ue0doFj2cY6QgKc0fqgfkqTgy0k1IeTbxfWDH69KEKMpqk5UotvI31R6ZQlYNgc29IzdMDzXU9UVvDzwwP6bl10VYZp0pwwgV8nqOnr+ZTNR4Hy3Xrmq99SUAq1fc7/CPebj+g9v+PfjKMrOAL9kOVTNK7EJMMp7JQXTrtgifkz21HkfjMVKh3JMFs6gJla21zgYqHqpgU4t1dtA2+Y2OCJV43dZsNNnuEqvBVJhCMta/Lh6xoqtaLoC3TYRrkp1PWGNvP277UJnvS1RekDAl/RjFFOlOLHOrbQpFd5zTWeM6K8iOPcmugPreE8p9FQIFN9tyYW0SryrZ7V6dRb9qrEYbFXMqjLX9voTJyD7K6xX9omgX4OHC9RJA3P0hbsidwooZZBUDGs842LI5hCoEeEOYz1h5ZQV0tLUP8omIwZOvm5B9cXt3GmVvcWYw0Cy5h/1neuzZzQipveQoQkartZuvg+WjjJMOASdMuSqdvw+wCdGCGlNH8ACtFR3pvnXn3NIN5WaQukWpkpSWNGtr/teW/5KtFvICwg95ieNoAOar3T0txR4DQ4oHw8gh7JK/57E0HzC6q6gqCeqQGZYKt/0QVnQCMKHh7rD6nz1aiFgh15vzAU3sjWMlszt5Q6pNQCb9Ib8txJA3gvI2AuMr/614NwyN2WHtuangVBg/nLUQW/0IL0FZWYWAmjvn+e0Ucsx+gNt9XVzvJv8782gnt3LXMz9QqT+NbNW0lzrac5AQ5Ka/uImDFNmzKunk/3yTb9K2q2kzOx0QCBYGcvvCjeX4SP2cDOJkSQV7qB9AqiKJP4h/oDkrNHH+b6n624c9C/IDAqWu5Gr9RUbhADVbRsLJjbzNdQj9Feacvw2UDjE9BNz42RN5K+Nz8Cw72B3iUg/3gcAhhjUvI/liuZCf1Py6nxi1Hl4MpoAinKabIUGvoIt5fBv+iXKXmhe+qulKDuJj+maIAKKmcnVFxcl1waWLrVPLO4gSNVCTp8b7tCwGuLIcynPGCLxSOnis4YJi7ux5oA3pn9pq5jop3kXQTpU8AexU4bmDFF4pzqXogNSDbiy/fKQV2pFnMW3KwOSXCBTzS9RmnGm+X8zQbXxnX1cP/vSmh9Pqs/4FEVlg79P5uEY+0YGmKRqmzBFZEQgXaYhOMWWsIMCzES2wNe5LuHEYiVF0fXK0GsYswPejH2Y8kg4jT5gynzfHuQzNO2P9id/o+q/Ptf9w5fizPZOBeOLMPpDP5LzYA8mPyb3WMryUj6agYk/CnEc07R0Xqk62gh9l0kmmDJneciwUz9bcGQGwfZVDwJeHyI2cS1huU6Ay6s8D1XyZnzWRAk0uAdY1a7oYhs0X0XioG0jsz6NBhUfRMNTqxITmxLnrrC3RbZfHtKizBnBDZ/OsSvMcUDg+wxz84PKM3p+gXUzxXypWCBFxHUoAy5x1V9rVINha9LUdtWiYD3JeoUbmgTIWKGOTXuXGlDdqkVedAtLyqIwAxCRgLWra/NoLJ3ZSVjWB/bpsrDc6suVKTn2LXSk+QSHE/2mzIvO1XBDd2QvG0VnVXNwFFRP8321hERwgNDQgh2AlcPBFJX1VaP6EHqa/VjX3bIrXxZMmq3UKH+wxR1pn+D0x1npIk1lAOW9yvJH/CUpbXJcNzSRTy2OR2MFTJcW432KKdcm7VoWhmUciCfOnvcvJekH/1yjoXRd3D0T/2hdPnxdkcFyoM9QZ7/5T3NXnNxVwaZwqlzg5vKGf8YkqWL2PhsbqxkRk62oPYEAfamyyszn2WT8mxp1MjYmYxAxAxIiVBuZR/Vn/pU/Abpar+7hTUChKSz/hiR0vF6MiblMcyjLA4hZ0SRdkDDaofpvkg4qo4cAjTtIBHj4doPWPdieXYvxLp0SCUe41WnBj3Z4Cmxkc+V9UaFhRxmxCU18Q4eOZ5DMOikB9BbQooHQ/eqrkel8pT1ObtqxAmQmuFyiP5RvByEdyvM4R9hZ+nO/C9m4msoIxr0Zl3VR0oNZEjtIMS+RGfofK4Su611pkRk2nHVG9fJqvNjX30SZts7BZarrj3IZJNx0OGfXOEVAR2AftV0UlEIyjJm9oB/WTLlecUAXZgaVCkebB5R1rSB3Bxu4tFkb3AUdCFz9CpNH2IFVGaTPlQK9cowc+2s1fPVpDiVFU4NBPgPGKD3X7Reu/U0Z13J7gC9zcbPt+39GRomH/XhubjyWps1CQZRQ0XadiimQhlmiM+da9Gpy5VSUNCapr8+rw0SJhHP3oKbpPscBxjcaI5Q1wCMHzSfuF/rvGxeah2M/RHW8nFXWrZGMXHqjRQeDPagkRM782/wx1JBX5o0P1vbjV7pTRtySC9ukQPEoepjcGxR0eso1WHPO+oxaAc56ViORdfEBVMSdgVYJQJeCayIqYcQxFY1As0WT6JgQ9FyITIwJcPW8AQ6vzz6mDaBCpibNqWkv7SRe3vvivIaW+prQS+mujqsbgwtLq71LtGkjAbe5ANyBP9OfhIvYYY/yuENKfTe1pOnzQL1THyrfVTWhqsB9Smu7L3VCaULTLVxL/fELnunWNSWqzhAWLm3YP907phKt84bd/4vI/eN7RO6WpB/J0XpAbBfwVWB5A2fxToe9pfw9zJ//nJZg+iP0kX9aJkENV17YYINsd7QHgwWnAFgxcaQgco9VwugJz2B6mNAmhc3ahi6zdOon/E/mC7hKzKPIsf9Ll87L+1pcYO1yGdzKLl/vx6EcjqzIk/GnUnkr/8h6qNSUBPUzWqMce6DsxvbRYc07C3g/CjcS8SLoxLwHCsQhQev3vtSOT0VC3vuOKOu3f0zHJRyeyG2Ppn5hNtv3J6WWUOL3N8oVbOdH42JQnNxDrbXJNE93jN1YTgTUwhne4ZboqudGoZTnwzZo/1E0GvKA7aXq049isY9UdCU+LGb8pvJL/XjWXWApMiXDRMVAoG6+VxyIaDrrlSWoPdaSwhxNZM8Gzy0Y74=,iv:BdIS18qQNBFdjwlv0IH/t2L/R0FywZiu8+ExA7X2HIc=,tag:AiCzrJzmxzocT/fnshUttA==,type:str]
|
||||
data: ENC[AES256_GCM,data:p8tabUYlroJSzmGH4GQyrn+HCRKL3QtSoCIZTqS9h6B/KPLsGZVmpPlSZ06C0ahBYVDzsefE07//mkoa6zA8FmlPpyEiwOXJB3LE1xqSo/kH5Ckr1dSoUXiuSIARCigRqParHe8PHG9KTZvdOmrMaThpioWzL9wS9Qb/uqpg9A2P9eipmY/Gm6UcQDMbHXQRBBYcrZ8Ag7cYIjWI0Y6sqdtUuSPiWwBKGNdhZDoXNdb1EcDRKgJtQ1BiLBZ1EMzyD2SnrQbCShV3SCdzki3iRVol0n8oJ4DlCuRRWUzGWF1Qo42yqOd+xdgHI08hHcdww3+MIMIKouHaNibzBzE7tVlCHDqM/dLm3eoNAvyUza24ajmhyVxyzTRlY5seWqRv+P0E7JviiP3CQBk/zscIMMUn5zOsBtIpCPzQA/+lRbc9k2B6K18f/V8yiJH0z9ukxPxuRRE+AmTGvrd5eUnpu8ruczcavSzRViU3eN7EpkoJbFkSTKwaDlSO23d4vpyupjeVfQSJjEadqfSuOnv592/8SlLrMU7B2U/bhmFRggAfyQpxrOhO5p9EWioG2o3qNJA8dKU3Lj0AXKk0fv6O74PG32YjnUsMJxB6i6lrz9vGQ7Ris868FIbhPmRJyD4+5XBy1bAtjT/DULpA2J1ChaK5tKXtLrwRp+u6LJmhQo9Q8iTjoCciVwtgzc2sI1V+AaVEz9LfgoL1XeGRxtLi29graan9MTTqEdIOloibfT+BCAD3vVc145RzDVpM5v/D3mVni/R5XWIuZrMklkFf/K3fgF9SOkME1zHfIOr9i2W8egV/r3WxtjT6VoVKjkIc1Zje+52wd8cn76a7DCOfV50oYMdRSoMlrjRXcppN4NVYn0KNscILB/Hu0Itof76pRJJN6m682U2KlBGNn5K797TJas288vqoo01mPg7HZipsmkVYy43/9KntKxr5Zi21Cr4eltY9Yt5Za6olT8VeJTpRygglhyxaQmfQRG/+9r/DqWyIuXZvU7l+fozvOBevefgkmohGA20QbmQ7YpDUeQv18T0RgDwMC2PE1aNx3+luwOteI4jb1B8r99zuicAa1SgggGZy9bYtzGYliNOcZ8oK1nxth8W3k0qMmjBrGNpTn0tZ+J0LJTAZ56OLMQyJPFFAJqVzwLdJ06K0Cw/MlXfho4iH22qVNbUpIQ34ndhmrPlO4Py0oouqdupS4veY61Df+1yeMIFNMgaGxsSdBp10A5u+YF1BI6Tu6BlUhT7bAWfEjX/P7Eq/MS/yu5iU3yMzE3IPiq+ZgZ+fxQYwJkYcwiaSY67pqUy4URxVe98URpE06GD+I6bCWw28qSDVUC+pWLmw+ll2lMeB/QgBFsynKrW68wGU38O3agMAfK598EUBoMAgI7bap2nx57o/Y+UpNtTsHBpwKlgFYL5abwKCPCrhV4rnDJetjgCbTumduTqTE9ICu8m104bNTpw6mvLe+BWp/c43Xx3/9WmwIJVOLnM8prigehxBQoxFU2+CclriNYjTn8za/fZuNLJ/XWFoTwiVYCd7RXsPsxnVe2LuDRzkFK8U1JB42iAIKIo2/OwOPiKjBXtAk4Q76guUoxcoCVaj/q9+t74V5viTjlaX7scNd7hNNjs56S3+6ZNBL37yuKbf3nY5qzPYBVt3h2LAHHcdfxtNIsz8gIDKWkHxc8NOjgUIv/B5ENuJLcDn3W5VVcfTh08wuWR7mZO1xiOCPyLEmlB3hNJQLvoLPrMHfwGjxB8CwC2xrQ2ndEWlUwgXwPFrhmM3cGV/jWY2nXLeUieIiMVFldsjSDwA0XjcExs1RfWoO0ZrZs5+0YehDmjRQRq0XtSvsO+5IeE1bFoZRtzEUzf8iZNvBcHtc8FmRUPVFJKnh8RJGKDkbVKLYg0mGtDvzianLYdv3Ugrnal5e/Rjp6EbezVLUK3kvubFUjxSwFQBIjRfJUP2hmX70JRoMoWWpnJbpHgsjQNg2K7aQ45NTSJSP1VyD2H3gibm6zm7IYWTlQ7lpbdZH0MxH8WIFYa1UBMlNq0JCFc18jWLxcLMlCEoM/qX7GrjoCRaj6YZWH3MeseLxcyfoY8wRWHo7piJjdeDXBQTpvu6ClzHz36iVxpueCTTkhZbcf0dLsxxQ0qfzqZgOhtJq/wc5dOKyHRtCxCJnVvDl8twxA1h+fgXol2EpJvHVdFfKVq7/b+B+F2tSlEQtc4i9lFaMQaeXdlFZNhmp+/6ZKojowZWnAnhA+mC87+p/3yeII1Wf5ct9mFm+K2uit88nAzhxFQXpGuhUrMj+PHSVlyv1wY1i1vi4QfSGzm2VKU8Ajf+BpiVnb2kkKeUkrR5IR07fOpkJktmUqMlbxt1Q+V46cxEC2r3AA38OOPfrFGAb7yjT/DYwehBN9r6BIhgd+0DFFpL/W9HYu10j3NVNm40lkRl1+atdeDa6LXCR8ZNhHtK0zSPcpXFlsB07YYSjXblqtA1jKVMarrQDYLRueqYVjjkZV+VsxBexfHhj4ZO/hIHvP6Yb00qmlSQGGO17Cq3oZRj1TwIWsE28qKOkFWCquzjS/coE/rMVoN3aLp+KkZlEaB4fvZd8kflMIXS0C2weSMhLq4mQ8ICb81jzmrBvN/io2aV2V57feFg3gDnDtpEdzflh3fI8q+DbANdCBeIEaj+Iizbg/7tRV0XtgdkDbJGRMmDZ8V9veQT6NThlwtuAVDSusaTw/U7giMotC3GI4/7Tl3/G3KNlMOgzmUphDRA638YKw7TEFYKr068B3+ZyZQK4taxCkeKn2f9R/0Kg/JK238lR3vYZ2Ye6W1adv4rqVhMLSHbDSavqW8Q/wJnZkZVwXLWRHG+E6u74ufBp7Uxg/7aYbMGl4vMd8TcA/ydq7e/2jiZbwPVzXPMnKypBHwTdndJ6R09nwHMyz6iZ/0e4WVy6mrkR5LuIfTzA+7zhZN/kpUakhAj2bj9d6GwsawMCsZi2ld9XS+HJrqy53w52IWazsQeSGfEKklVcOyQHY21zN3aB63eixVrIMhmVlzu4HVnDoFvUCYs6ShCMTc8FJP3KFOUAl/vlzo81gnpEhWsYNseWSEcHLpdRVkPH55hqEjhQJFDxY8/dXhkU7X0fe5z0Y/I0ElPIR1sIzueD3f9ECiCZBvt/sHtfPuDWWEz0OZw8ga6BXAhDlfomT7bmImvWj+DYbnETxfkMXIifY01cTUn1Gq7WKxKWpcRB7Aj5bHyG4keGbi59NjY/n+DexxiQeXfPeCGJuth/dUC6DU+Z/CukN7L6FurZ2UAaAgHtYES1RR3YWC/MNokvRE5cOI=,iv:chRQSyE0r7SQ462WWUUwwRwqh1MD3+RwjKBMlgCL/y8=,tag:D7DFlbbdk3whwO1VTymDmw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1OXIrRVJJS2hlZUQ0a3I5
|
||||
SCtVeHFiWExFM1F5K1ZzVENOMGtvOWlJOEF3ClJTRXJ5NCtHT08zWkluL3oydkJR
|
||||
aHd5ZmZKY0ZHcXdhaExiVE9tUVg4S0UKLS0tIEliYkxrck9tc2F2amF1TDVXZlZR
|
||||
eU1ENGZHaUgwSXViNEY2cnhneUEvbDAKW4Ynu3DBBXRGn8l+yIMKTFp1+qnEEwhz
|
||||
ZCX0RkdBusfX9IU+EZjAh6L0t+RKUf5vvC4giHbd4g0Fhui2E/NWpw==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMUGM4THZRckZFZk1jMG9K
|
||||
ZlQ2Q2o5VVlWTGtWMDRlMmp5MGxqZGRRd0hrCmlsV0NVMWlac2d6T0F4SHAzampm
|
||||
bDJ2WFFOYmtmUllyY0UybFN5anhBQzQKLS0tIDlwUndYOXJtMWMyUVdMRzVjczZr
|
||||
TG81OHQ1NXVBazBOYm9wT0FXZHN3bEUK+c+RP3xPEB3CCGN8zyHZaswiImhYNgYW
|
||||
2lj77y++2QWNCdndR7DfsKYgt6wzwe2k3dvrLUbz8DhKHnZLiVz+OQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age17fyzv5mezck364lvyepp9pa3tnjn7jvsgcpykhhz2smnxyq6fdusvl7waf
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjUVNJN0VQSHlHVzRyem9H
|
||||
a1pDT1lQZGRjRTcwUzFWSEgrdlljZDlnOEN3CktYakY5YWEvTloyaHBPR3hqVUph
|
||||
WXFMb2krZnBWNWJhRWJBOFloNEFPUUUKLS0tIFRjYlNRb21TanF3SDkxRDk0N2k0
|
||||
ZTZBWkxUbVZpYjdUZFZDK1JOREpDcmMKyBU5+qvwshU6LBzSPptQtqIY3X+gKgur
|
||||
nhkMcV6g5z40EwfvuJvfAzqZrsuKOejungXunKV3Q/QyiTn+/RrJoA==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYVkVsZXRRZVlyaytSN2Nz
|
||||
VnErNEhaekdJcldIVkNEMTVNWHJ0d0FLNldnClU1WFNCV2JUdm85UU9oVEFOQXpD
|
||||
VTBEUmZlaytLcU0zVUhpMk1LQWsxSkUKLS0tIE5zWG5UckdKb0tTRUhXNkFBNzZP
|
||||
YmJFazAydjBSSHYyYzZJa3JHdEVMK1kKNgqAMknySjN255pn+u2XF+lL/OtU6vjf
|
||||
DCKGPGWKxVFMHC9DgYf8HifjburDZ1L+CvMDLHQOPd+1Piy58qoMpQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-02-08T20:27:36Z"
|
||||
mac: ENC[AES256_GCM,data:JT/yRb2b+wKSS66ZkqqzbTOQWs1dOjXSEKZeBP6hcaVwmPcFld4bOZgPmJeYl8ZTWJyIjNc5cwBB/VP95DdSBroFy2WCJeVjdSEWxQT37AvwJSXwHeODr5JOI+pwwubqzhorNKip/MDvZw3qnIUuFEaXWlwKMfMR01/M3nGB2HI=,iv:dfWIeGuk7S6jS12OOAzYVmDWFQmaiQP83roR1GxulaA=,tag:ZocnLTP4PO1QAw9F6oK1wQ==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-04-06T11:46:52Z"
|
||||
mac: ENC[AES256_GCM,data:mqkvRkklYHKHsPa0g5MHw+7EaNeftEj1sBs4cOPVN6E8alTIvudqfzU3Q0eDpq7vFPRRUpcYxCJV5NDSK6/ahr+oeWOpURbrbQ9JyEFpH4GGJRHrMW04JVjtSEbh8HshvIj+IEi7dc6k8Wg8lt4sMEv/rzaJ3ezPWRiHM8GqNvg=,iv:yA7dH0qsDv84Ngxw92BsVk8u444o1OT7/T/MpGpIeyE=,tag:IBXzQ+F1mx+MQnnbwnKfJw==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.4
|
||||
version: 3.10.1
|
||||
|
||||
12
values/etersoft/values.memos.yaml
Normal file
12
values/etersoft/values.memos.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
shortcuts:
|
||||
hostname: memos.ds.badhouseplants.net
|
||||
ingress:
|
||||
main:
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||
Loading…
x
Reference in New Issue
Block a user