Mathis/dev-cluster
1
0
Fork 0
mirror of https://github.com/lordmathis/dev-cluster.git synced 2025-12-22 16:44:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Set up cluster vars

Browse Source
This commit is contained in:
Matúš Námešný
2024-12-30 15:25:20 +01:00
parent c83f8feffc
commit 1eaa3a42e4
5 changed files with 65 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/prod/apps.yaml
View File

@@ -16,4 +16,8 @@ spec:
decryption: decryption:
provider: sops provider: sops
secretRef: secretRef:
name: sops-age name: sops-age
postBuild:
substituteFrom:
- kind: Secret
name: cluster-vars-prod

17
clusters/prod/cluster-vars.yaml Normal file
View File

@@ -0,0 +1,17 @@
# /clusters/prod/vars.yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: cluster-vars
namespace: flux-system
spec:
interval: 10m0s
path: ./clusters/prod/cluster-vars
prune: true
sourceRef:
kind: GitRepository
name: flux-system
decryption:
provider: sops
secretRef:
name: sops-age

5
clusters/prod/cluster-vars/kustomization.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: flux-system
resources:
- secret.enc.yaml

32
clusters/prod/cluster-vars/secret.enc.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: v1
kind: Secret
metadata:
name: cluster-vars-prod
namespace: flux-system
stringData:
DOMAIN: ENC[AES256_GCM,data:95H2LGPNDZWu,iv:dPZncDMxmt80FgX2Kzc3u4Tw3ZN5XxNm1W9RExxkozw=,tag:OPCTvLJesJ7OzmZ4/c04sQ==,type:str]
GITEA_DOMAIN: ENC[AES256_GCM,data:6eDeGcMQp71VTjRUfA==,iv:KtCy5YQeV4tY8xzFuH2y2Yp8QWzK7ZOSuWdKhihklgU=,tag:PkdH/n01nHWCyaAW4QwoPg==,type:str]
AUTHELIA_DOMAIN: ENC[AES256_GCM,data:iWiuvZ5U0rCH64IOe3k=,iv:8WaB4ukSauuzmdD+TlKCVlNE2opox+XlVVjr+ER9mH0=,tag:oLWQ4r+LgzRpHTuU2mu+Xw==,type:str]
TRAEFIK_DOMAIN: ENC[AES256_GCM,data:QC1SpkDPrqZm+sc3e1Tv8So=,iv:YQLzZNP4+D7EcCJYYMygsFfHAjNIh12q449ensSmcc8=,tag:l6HnN4GBq9+9TynWzZCTng==,type:str]
LEMMA_DOMAIN: ENC[AES256_GCM,data:3+HM+wE0SZeceyAJGx9e,iv:TrOp/Lcf+Ka3RlusoBvmhOVIbRquJ7fHK/ThXSkU4SU=,tag:kGwqvbHQ4jgQ6lbz+9zvKw==,type:str]
LETSENCRYPT_EMAIL: ENC[AES256_GCM,data:932hjsPXXEzeeMRoCxScU0YsKo0iwDE=,iv:aVnK22akFCamQMWC+pgmhN1Ok8RUwRJ7RCrqryJUiaU=,tag:e7QZYNeR2QRJg94BRRqZSw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1jk99rtxq3ep2xj2w886cchddf7jypqpwkr3dszg5dzq93gn8cy9qyc786m
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNRGZmNGpKVWYva0VJRTdh
TGh1eXhHUzM0bm51QTJZOENjbDkrMEdPM3pJCnNwN1pGK3E3VVZVSXpWTVBSemYw
eTVHNjZvZStISTBpeVhoazc3VFMxdVkKLS0tIEErYkFTV1o4RW1tODFWWk9VNkho
dWwrUlpjQ2xZVjNJSG9vN0tidHVvMnMKwNj4Gm3bXY/vbVIq2bH7/8OWBVMiUxuk
ttMDYmoTmGAqWwa3uYxpAJiYV6Qni0rGsEop+IKs4DehcmH7UH2XZw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-30T14:20:14Z"
mac: ENC[AES256_GCM,data:X8J6nwxK+ECLilgwpeSDcf8OTBuqZYEXiFe2UhIBfIB/xrdGRSnPrwcMf3drswftdjnHT9biFocyC3/D9Qv/dPF9iC5ft3D38SDvklstLCn97YivdxQZxGcdggp0we14WVGhmjvlLLucLZ9+1KN5tx+P2r8LhjsI+JhwkB13Zbk=,iv:QU28TNdNwzAsjyEA3po75iPZB8nIq7zCrD3y8JDzkr8=,tag:qPRcTlmAjC4BGEmsxctIRg==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.0

6
clusters/prod/infrastructure.yaml
View File

@@ -9,6 +9,8 @@ spec:
interval: 10m0s interval: 10m0s
path: ./infrastructure/core path: ./infrastructure/core
prune: true prune: true
dependsOn:
- name: cluster-vars
sourceRef: sourceRef:
kind: GitRepository kind: GitRepository
name: flux-system name: flux-system
@@ -46,3 +48,7 @@ spec:
provider: sops provider: sops
secretRef: secretRef:
name: sops-age name: sops-age
postBuild:
substituteFrom:
- kind: Secret
name: cluster-vars-prod