---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: &name externaldns-jahanson-tech
  namespace: network
spec:
  interval: 30m
  chart:
    spec:
      chart: external-dns
      version: 1.14.3
      sourceRef:
        kind: HelmRepository
        name: kubernetes-sigs-external-dns
        namespace: flux-system
      interval: 30m

  values:
    fullnameOverride: *name

    domainFilters:
      - jahanson.tech

    env:
      - name: EXTERNAL_DNS_RFC2136_HOST
        value: "10.5.0.3"
      - name: EXTERNAL_DNS_RFC2136_PORT
        value: "53"
      - name: EXTERNAL_DNS_RFC2136_ZONE
        value: "jahanson.tech"
      - name: EXTERNAL_DNS_RFC2136_TSIG_AXFR
        value: "true"
      - name: EXTERNAL_DNS_RFC2136_TSIG_KEYNAME
        value: externaldns
      - name: EXTERNAL_DNS_RFC2136_TSIG_SECRET_ALG
        valueFrom:
          secretKeyRef:
            name: externaldns-internal-secrets
            key: bind_rndc_algorithm
      - name: EXTERNAL_DNS_RFC2136_TSIG_SECRET
        valueFrom:
          secretKeyRef:
            name: externaldns-internal-secrets
            key: bind_rndc_secret

    podAnnotations:
      secret.reloader.stakater.com/reload: externaldns-internal-secrets

    policy: sync
    provider: rfc2136

    resources:
      requests:
        cpu: 16m
        memory: 90M
      limits:
        memory: 90M

    serviceMonitor:
      enabled: true

    sources:
      - ingress
      - service

    txtPrefix: "k8s."

  postRenderers:
    - kustomize:
        patches:
          - target:
              version: v1
              kind: Deployment
              name: *name
            patch: |
              - op: add
                path: /spec/template/spec/enableServiceLinks
                value: false