re-launching valinor

Joseph Hanson 2023-11-27 22:31:02 -06:00
parent 0070e59aea
commit 324196e35a
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
71 changed files with 185 additions and 69 deletions


@ -1,9 +1,10 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
# Pre Flux-Kustomizations
- ./namespace.yaml
# Flux-Kustomizations
- ./elk/ks.yaml
- ./mastodon/ks.yaml
- ./peertube/ks.yaml
- ./redis/ks.yaml


@ -5,4 +5,4 @@ metadata:
name: fediverse
labels:
kustomize.toolkit.fluxcd.io/prune: disabled
goldilocks.fairwinds.com/enabled: "true"
pgo-enabled-hsn.dev: "true"


@ -1,10 +1,10 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: monitoring
resources:
# Pre Flux-Kustomizations
- ./namespace.yaml
# Flux-Kustomizations
- ./peertube/ks.yaml
- ./redis/ks.yaml
- ./externalsecret.yaml
- ./helmrelease.yaml
- ./scrapeconfigs
- ./prometheusrules


@ -1,8 +0,0 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: fediverse
labels:
kustomize.toolkit.fluxcd.io/prune: disabled
pgo-enabled-hsn.dev: "true"


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: flux-system


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/monitoring.coreos.com/podmonitor_v1.json
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/monitoring.coreos.com/prometheusrule_v1.json
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:


@ -1,18 +1,19 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: github-webhook-token
name: git-webhook-token
namespace: flux-system
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: github-webhook-token
name: git-webhook-token
creationPolicy: Owner
data:
- secretKey: token
remoteRef:
key: flux
property: github_webhook_token
property: git_webhook_token


@ -5,11 +5,11 @@ metadata:
name: webhook-receiver
namespace: flux-system
annotations:
external-dns.alpha.kubernetes.io/target: ingress.valinor.social
external-dns.alpha.kubernetes.io/target: valinor.hsn.dev
spec:
ingressClassName: "nginx"
rules:
- host: &host "flux-receiver-valinor.valinor.social"
- host: &host "flux-receiver-valinor.hsn.dev"
http:
paths:
- path: /hook/


@ -3,7 +3,7 @@
apiVersion: notification.toolkit.fluxcd.io/v1
kind: Receiver
metadata:
name: github-receiver
name: git-receiver
namespace: flux-system
spec:
type: github
@ -11,7 +11,7 @@ spec:
- "ping"
- "push"
secretRef:
name: github-webhook-token
name: git-webhook-token
resources:
- apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
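Review bot: `type: github` is kept while the receiver and its secret are renamed from `github-*` to `git-*`, so the manifest no longer says which forge is expected to call this endpoint. The receiver type decides how the notification controller authenticates a delivery (for `github`, an HMAC over the payload checked against the token in `secretRef`), so a sender that does not sign in a GitHub-compatible way would have every delivery rejected. I would add a comment above the type, for example `# sender must sign GitHub-style (HMAC with git-webhook-token)`, so the naming and the validation mode do not drift apart. The `spec` continues outside both hunks.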


@ -1,5 +1,6 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./github
- ./git


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:


@ -1,5 +1,5 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:


@ -1,5 +1,5 @@
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kube-system


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,5 +1,5 @@
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:


@ -1,5 +1,5 @@
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kube-system


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
@ -15,6 +16,7 @@ spec:
retryInterval: 1m
timeout: 5m
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/kyverno.io/clusterpolicy_v1.json
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:


@ -78,7 +78,7 @@ spec:
allow_embedding: true
cookie_samesite: grafana
server:
root_url: https://grafana.valinor.social
root_url: https://gv.hsn.dev
datasources:
datasources.yaml:
apiVersion: 1
@ -161,28 +161,28 @@ spec:
gnetId: 15038
revision: 1
datasource: Prometheus
minio:
# renovate: depName="MinIO Dashboard"
gnetId: 13502
revision: 24
datasource:
- { name: DS_PROMETHEUS, value: Prometheus }
ceph:
ceph-cluster:
# renovate: depName="Ceph Cluster"
gnetId: 2842
revision: 17
datasource: Prometheus
ceph-osd:
# renovate: depName="Ceph - OSD (Single)"
gnetId: 5336
revision: 9
datasource: Prometheus
ceph-pools:
# renovate: depName="Ceph - Pools"
gnetId: 5342
revision: 9
datasource: Prometheus
# minio:
# # renovate: depName="MinIO Dashboard"
# gnetId: 13502
# revision: 24
# datasource:
# - { name: DS_PROMETHEUS, value: Prometheus }
# ceph:
# ceph-cluster:
# # renovate: depName="Ceph Cluster"
# gnetId: 2842
# revision: 17
# datasource: Prometheus
# ceph-osd:
# # renovate: depName="Ceph - OSD (Single)"
# gnetId: 5336
# revision: 9
# datasource: Prometheus
# ceph-pools:
# # renovate: depName="Ceph - Pools"
# gnetId: 5342
# revision: 9
# datasource: Prometheus
flux:
flux-cluster:
url: https://raw.githubusercontent.com/fluxcd/flux2/main/manifests/monitoring/monitoring-config/dashboards/cluster.json
@ -267,10 +267,10 @@ spec:
ingress:
enabled: true
annotations:
external-dns.alpha.kubernetes.io/target: ingress.valinor.social
external-dns.alpha.kubernetes.io/target: valinor.hsn.dev
ingressClassName: nginx
hosts:
- &host grafana.valinor.social
- &host grafana.hsn.dev
tls:
- hosts:
- *host
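Review bot: The new `root_url` is `https://gv.hsn.dev`, but the ingress in the last hunk publishes Grafana at `grafana.hsn.dev`, so the two names no longer agree (before this commit both were `grafana.valinor.social`). Grafana builds redirects, login callback URLs and notification links from `root_url`, so users would be sent to a host that this Ingress and its TLS entry do not cover. Pick one name and use it in both places, for example `root_url: https://grafana.hsn.dev` or `- &host gv.hsn.dev`. Separately, the unchanged context keeps `allow_embedding: true` next to `cookie_samesite: grafana`, which does not look like a valid SameSite value and is worth checking while the hostname is being moved.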


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -6,5 +6,3 @@ namespace: monitoring
resources:
- ./externalsecret.yaml
- ./helmrelease.yaml
- ./scrapeconfigs
- ./prometheusrules


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: monitoring


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -41,9 +41,9 @@ spec:
enabled: true
className: "nginx"
annotations:
external-dns.alpha.kubernetes.io/target: "ingress.valinor.social"
external-dns.alpha.kubernetes.io/target: "valinor.hsn.dev"
hosts:
- host: &host "echo-server.valinor.social"
- host: &host "esv.hsn.dev"
paths:
- path: /
service:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: network


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -0,0 +1,19 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: externaldns-hsn-dev-secrets
namespace: cert-manager
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: externaldns-hsn-dev-secrets
creationPolicy: Owner
data:
- secretKey: cloudflare_api_token
remoteRef:
key: Cloudflare
property: external-dns
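Review bot: `namespace: cert-manager` in the metadata does not match the consumer of this secret: the external-dns HelmRelease added in this commit lives in `network` and reads `externaldns-hsn-dev-secrets` through `secretKeyRef`, which only resolves in the pod's own namespace. If this file is built through the kustomization that sets `namespace: network`, the field is overridden and the secret lands in the right place, but the manifest is then misleading. If it is ever applied outside that kustomization, the Cloudflare token is materialised in `cert-manager` and the deployment cannot start. I would write `namespace: network` here; the renamed `externaldns-valinor-social-secrets` ExternalSecret further down carries the same `cert-manager` value.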


@ -0,0 +1,69 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: externaldns-external
namespace: network
spec:
interval: 30m
chart:
spec:
chart: external-dns
version: 1.13.1
sourceRef:
kind: HelmRepository
name: kubernetes-sigs-external-dns
namespace: flux-system
interval: 30m
values:
fullnameOverride: &name externaldns-external
domainFilters:
- hsn.dev
env:
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
name: externaldns-hsn-dev-secrets
key: cloudflare_api_token
extraArgs:
- --crd-source-apiversion=externaldns.k8s.io/v1alpha1
- --ingress-class=hsn-nginx
podAnnotations:
secret.reloader.stakater.com/reload: externaldns-external-secrets
policy: sync
provider: cloudflare
resources:
requests:
cpu: 5m
memory: 24M
limits:
memory: 48M
serviceMonitor:
enabled: true
sources:
- ingress
- crd
txtPrefix: "k8s."
postRenderers:
- kustomize:
patches:
- target:
version: v1
kind: Deployment
name: *name
patch: |
- op: add
path: /spec/template/spec/enableServiceLinks
value: false
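Review bot: The reloader annotation under `podAnnotations` names `externaldns-external-secrets`, but the token is read from `externaldns-hsn-dev-secrets` (the `secretKeyRef` under `env`), so a rotated Cloudflare token would not restart the pod and external-dns would keep running with the old credential. Change the line to `secret.reloader.stakater.com/reload: externaldns-hsn-dev-secrets`. Because `policy: sync` lets this instance delete records in `hsn.dev`, it is also worth confirming that the token is scoped to that zone only and, if another external-dns instance manages the same zone, that each uses a distinct TXT owner id.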


@ -1,8 +1,9 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: network
resources:
- ./helmrelease.yaml
- ./externalsecret.yaml
- ./hsn-dev/helmrelease.yaml
- ./hsn-dev/externalsecret.yaml
- ./dns_endpoint-crd.yaml


@ -1,15 +1,16 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: externaldns-secrets
name: externaldns-valinor-social-secrets
namespace: cert-manager
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: externaldns-secrets
name: externaldns-valinor-social-secrets
creationPolicy: Owner
data:
- secretKey: dnsimple_api_token


@ -44,6 +44,7 @@ spec:
any: true
ingressClassResource:
name: hsn-nginx
default: true
config:
@ -69,7 +70,7 @@ spec:
resolver local=on ipv6=off;
extraArgs:
default-ssl-certificate: "network/valinor-social-tls"
default-ssl-certificate: "network/hsn-dev-tls"
topologySpreadConstraints:
- maxSkew: 2
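Review bot: The controller's IngressClass here is `hsn-nginx` and the new external-dns release filters on `--ingress-class=hsn-nginx`, yet the Ingresses touched elsewhere in this commit (flux webhook receiver, Grafana, echo-server) still request class `nginx`. Unless an IngressClass named `nginx` also exists, those hosts would get neither a controller nor a DNS record. With `default: true`, any Ingress that omits its class is now claimed by this controller and served with `network/hsn-dev-tls` as the fallback certificate. I would align the names, for example `ingressClassName: hsn-nginx` on those Ingresses, and put a comment next to `default: true` stating that unclassed Ingresses are intentionally exposed through this controller. Both hunks sit inside a `spec` that starts and ends outside the visible lines.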


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:


@ -5,4 +5,3 @@ metadata:
name: network
labels:
kustomize.toolkit.fluxcd.io/prune: disabled
goldilocks.fairwinds.com/enabled: "true"


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: security


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/clusterexternalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ClusterExternalSecret
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
@ -13,6 +14,7 @@ spec:
name: valinor
wait: true
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: security


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: system


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:


@ -5,4 +5,3 @@ metadata:
name: system
labels:
goldilocks.fairwinds.com/enabled: "true"
kustomize.toolkit.fluxcd.io/prune: disabled


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: system


@ -1,4 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:


@ -6,7 +6,7 @@ metadata:
stringData:
SECRET_PUSHOVER_USERKEY: ENC[AES256_GCM,data:MeaD8iRbieNr5W9PqpjZ5ywdbMijX9nYQJbbVj6s,iv:42QymFlr47PYNjorJc5tgDjzZ9WHPVIk543GGChalVM=,tag:qyk1chI/IpPdfyEMdOqsbQ==,type:str]
SECRET_PUSHOVER_ALERT_MANAGER_APIKEY: ENC[AES256_GCM,data:4+9e/tWQBszoPakAo+1vNhWsdKz8qfoioeUz+dTb,iv:sY4dkzMEmvi8kCLesBiknmoYHWq3uqXpWs5Y4FeFSuk=,tag:rPxH+5m6rPiSnhm2JrrT4w==,type:str]
SECRET_HEALTHCHECKS_WEBHOOK: ENC[AES256_GCM,data:EaCR6grPycx8RTdW286v7ocgzNdoNEynCNn2avNuhkWLEDm5yiejlRAl82ir9V/OODSWIPD00UmHG8LK8X23Mnk/OhKvqsD4,iv:eFbQABHQGNGOycI+clXnOQ1orJr/yFUyRX8WSJtogNU=,tag:Fc9q3zv/8l1c3ugy8NoS7A==,type:str]
SECRET_HEALTHCHECKS_WEBHOOK: ENC[AES256_GCM,data:a6hjTy2HRy7s2+KHxfop8077CgAzzILCF/g5I9TIXdhRiziUrLpJVzC0mqNmfdooJsZyErrJ9ihamFKLFoK8S/PmD5IgWuZu,iv:l5JTxmiWct5nr7eJM/Rtl7AclhCoIQ4KW6nJK6Slhg0=,tag:K5yGxYBTNSSoxYJt8Kmhyw==,type:str]
SECRET_CLOUDFLARE_ACCOUNT_ID: ENC[AES256_GCM,data:X63a7aMBMyd9Be6bik0knOyMXnYx/Kg3SoOrG0bkAHU=,iv:POcU1kIRWekrzUdzqPopKDovviK+fMZRVuZVWp9Vuuc=,tag:n9UamxITJCiLbH37Ta2lTg==,type:str]
sops:
kms: []
@ -23,8 +23,8 @@ sops:
dDhWMDZYait3UzNRZy9oVk85cHBPdEUKa7e22jHlW1chaLDKBB1in8ZTFnfKMXug
QJQ/9z6z/RjmnnFam2FWg++Xg2A8LQ7XTZcfR97csf59DQ/xwu7sVw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-23T15:52:55Z"
mac: ENC[AES256_GCM,data:PrmBMH4L7CtF83A7OFEr/MtOH1IM4iMZTWYA5VgbhscxonWzgH9t5hbNqI1M2etnB8HydhwiapyZwJYnTjGmvXBsVzdtU2H31s5/Jj3Bx1px1zvj7kEjPCZTib5zbFjdvXk8vfmVYf7IQ8tUKz5frqbvEtP/W1/OxSAWmOWXTZI=,iv:HUsB9siGrsvi8DmbUVAvUQXD3Qf+GLhCZPdT50xoPVo=,tag:MpkPTYV08flOZumyX6gnPg==,type:str]
lastmodified: "2023-11-28T03:23:26Z"
mac: ENC[AES256_GCM,data:pymGYIauY1QsSuepCBNRi+s1g2UypI5/RIe+c4auKfyv0QFdgPHTPHYhT0q4g8nfFwFp8E6u9oxFlDZSR1Vy3BHc4RqZCREA6+kKHG7bwH25xvhtWUQnLq7bDkNhm7ZzjEeIgNq5pEXeeNr12nlHJqTFw++lvnGjJRJJ5Rzl0AQ=,iv:EMrOFhLoNodX0KCiMqoA/FI+WqypChI+53JCg+eu6OE=,tag:DUOR4uf2ib0eYlJOdTfNNg==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.8.0
version: 3.8.1