theshire/kubernetes/apps/database/emqx/app/externalsecret.yaml

82 lines
2.2 KiB
YAML
Raw Normal View History

---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: emqx
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: emqx-secret
template:
engineVersion: v2
data:
EMQX_DASHBOARD__DEFAULT_USERNAME: "{{ .EMQX_DASHBOARD__DEFAULT_USERNAME }}"
EMQX_DASHBOARD__DEFAULT_PASSWORD: "{{ .EMQX_DASHBOARD__DEFAULT_PASSWORD }}"
dataFrom:
- extract:
key: emqx
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: emqx-init-user
spec:
refreshInterval: 5m
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: emqx-init-user-secret
template:
engineVersion: v2
data:
init-user.json: |
2024-09-22 21:10:53 -05:00
[
{
"user_id": "{{ .X_EMQX_MQTT_USERNAME }}",
"password": "{{ .X_EMQX_MQTT_PASSWORD }}",
"is_superuser": true
},
{
2024-09-22 23:19:40 -05:00
"user_id": "tasmota",
"password": "{{ .x_emqx_tasmota_password }}",
"is_superuser": true # Until I can figure out authorization in emqx
2024-09-22 21:10:53 -05:00
},
{
2024-10-03 19:27:57 -05:00
"user_id": "zwave",
"password": "{{ .x_emqx_homeassistant_password }}",
"is_superuser": true # Until I can figure out authorization in emqx
2024-10-03 19:27:57 -05:00
},
{
"user_id": "zwave",
"password": "{{ .x_emqx_zwave_password }}",
"is_superuser": true # Until I can figure out authorization in emqx
2024-09-22 21:10:53 -05:00
}
]
dataFrom:
- extract:
key: emqx
2024-09-22 21:10:53 -05:00
- extract:
2024-09-22 21:34:42 -05:00
key: "emqx [tasmota]"
2024-09-22 21:10:53 -05:00
rewrite:
- regexp:
source: "(.*)"
2024-09-22 23:03:41 -05:00
target: "x_emqx_tasmota_$1"
2024-09-22 21:10:53 -05:00
- extract:
2024-09-22 21:34:42 -05:00
key: "emqx [homeassistant]"
2024-09-22 21:10:53 -05:00
rewrite:
- regexp:
source: "(.*)"
2024-09-22 23:03:41 -05:00
target: "x_emqx_homeassistant_$1"
2024-10-03 19:27:57 -05:00
- extract:
key: "emqx [zwave]"
rewrite:
- regexp:
source: "(.*)"
target: "x_emqx_zwave_$1"